Candidate: CVE-2017-8305
PublicDate: 2017-04-27 21:59:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8305
Description:
 The UDFclient (before 0.8.8) custom strlcpy implementation has a buffer
 overflow. UDFclient's strlcpy is used only on systems with a C library
 (e.g., glibc) that lacks its own strlcpy.
Ubuntu-Description:
Notes:
Bugs:
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=861347
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H [9.8 CRITICAL]

Patches_udfclient:
upstream_udfclient: released (0.8.8-1)
precise_udfclient: DNE
precise/esm_udfclient: DNE
trusty_udfclient: DNE
trusty/esm_udfclient: DNE
vivid/stable-phone-overlay_udfclient: DNE
vivid/ubuntu-core_udfclient: DNE
xenial_udfclient: DNE
yakkety_udfclient: ignored (reached end-of-life)
zesty_udfclient: ignored (reached end-of-life)
artful_udfclient: ignored (reached end-of-life)
bionic_udfclient: not-affected (0.8.8-1)
cosmic_udfclient: not-affected (0.8.8-1)
devel_udfclient: not-affected (0.8.8-1)