PublicDateAtUSN: 2017-05-18
Candidate: CVE-2017-9058
PublicDate: 2017-05-18 06:29:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9058
 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862556
 https://github.com/Yeraze/ytnef/issues/45
 https://ubuntu.com/security/notices/USN-3667-1
Description:
 In libytnef in ytnef through 1.9.2, there is a heap-based buffer over-read
 due to incorrect boundary checking in the SIZECHECK macro in lib/ytnef.c.
Ubuntu-Description:
Notes:
 seth-arnold> The fix is to a macro; I didn't see any uses in main but there
  may be some in universe
Bugs:
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862556
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H [9.8 CRITICAL]

Patches_libytnef:
 distro: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862556
upstream_libytnef: released (1.9.2-2)
precise/esm_libytnef: DNE
trusty_libytnef: released (1.5-6ubuntu0.2)
trusty/esm_libytnef: DNE (trusty was released [1.5-6ubuntu0.2])
vivid/stable-phone-overlay_libytnef: DNE
vivid/ubuntu-core_libytnef: DNE
xenial_libytnef: ignored (end of standard support, was needed)
yakkety_libytnef: ignored (reached end-of-life)
zesty_libytnef: ignored (reached end-of-life)
artful_libytnef: not-affected (1.9.2-2)
bionic_libytnef: not-affected (1.9.2-2)
cosmic_libytnef: not-affected (1.9.2-2)
disco_libytnef: not-affected (1.9.2-2)
eoan_libytnef: not-affected (1.9.2-2)
focal_libytnef: not-affected (1.9.2-2)
groovy_libytnef: not-affected (1.9.2-2)
hirsute_libytnef: not-affected (1.9.2-2)
impish_libytnef: not-affected (1.9.2-2)
jammy_libytnef: not-affected (1.9.2-2)
devel_libytnef: not-affected (1.9.2-2)