CVE-2017-6011

Priority
Medium
Description
An issue was discovered in icoutils 0.31.1. An out-of-bounds read leading
to a buffer overflow was observed in the "simple_vec" function in the
"extract.c" source file. This affects icotool.
References
Bugs
Notes
 mdeslaur> same fixes as CVE-2017-6010
Package
Upstream:released (0.31.2-1)
Ubuntu 17.10 (Artful Aardvark):not-affected (0.31.2-1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was released [0.29.1-2ubuntu0.2])
Ubuntu 14.04 LTS (Trusty Tahr):released (0.31.0-2+deb8u3build0.14.04.1)
Ubuntu Core 15.04:DNE
Ubuntu 16.04 LTS (Xenial Xerus):needed
Ubuntu 17.04 (Zesty Zapus):not-affected (0.31.2-1)
Patches:
Upstream:http://git.savannah.gnu.org/cgit/icoutils.git/commit/?id=bf97b99109607d4367a4e57df9a37cbcac02e220
Upstream:http://git.savannah.gnu.org/cgit/icoutils.git/commit/?id=45a0207225df4cd4b82f41eee636e21f11a7db74
More Information

Updated: 2017-08-11 23:25:59 UTC (commit 13081)