Ytnef upstream released a security advisory for their latest release. http://openwall.com/lists/oss-security/2017/02/15/4 It fixes multiple security vulnerabilities.
Created libytnef tracking bugs for this issue: Affects: epel-all [bug 1422814] Affects: fedora-all [bug 1422817] Created ytnef tracking bugs for this issue: Affects: epel-all [bug 1422816] Affects: fedora-all [bug 1422815]
Mitre assigned CVEs for these patches: Null Pointer Deref / calloc return value not checked - CVE-2017-6298 Infinite Loop / DoS - CVE-2017-6299 Buffer Overflow in version field - CVE-2017-6300 Out of Bound Reads - CVE-2017-6301 Integer Overflow - CVE-2017-6302 Invalid Write and Integer Overflow CVE-2017-6303 Out of Bounds read - CVE-2017-6304 Out of Bounds read and write - CVE-2017-6305 Directory Traversal using the filename - CVE-2017-6306
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.