| Summary: | tnef breaks with an assertion error | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | Marcel Pol <marcel> |
| Component: | RPM Packages | Assignee: | All Packagers <pkg-bugs> |
| Status: | RESOLVED FIXED | QA Contact: | |
| Severity: | normal | ||
| Priority: | Normal | CC: | marja11, nicolas.salguero, zombie_ryushu |
| Version: | Cauldron | ||
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Source RPM: | tnef-1.4.9-6 | CVE: | |
| Status comment: | |||
| Bug Depends on: | 21013 | ||
| Bug Blocks: | |||
|
Description
Marcel Pol
2017-05-25 21:50:29 CEST
Assigning to all packagers collectively, since there is no registered maintainer for this package. CC:
(none) =>
marja11 I wonder if just adding the CVE patches in the last update caused this, as opposed to updating to the newest version. Perhaps we should upgrade to 1.4.14. CC:
(none) =>
nicolas.salguero Got another CVE to tack on here. Package : tnef CVE ID : CVE-2017-8911 Debian Bug : 862442 It was discovered that tnef, a tool used to unpack MIME attachments of type "application/ms-tnef", did not correctly validate its input. An attacker could exploit this by tricking a user into opening a malicious attachment, which would result in a denial-of-service by application crash. CC:
(none) =>
zombie_ryushu
David Walser
2017-06-02 12:13:07 CEST
Depends on:
(none) =>
21013 Thank you for the update of today Status:
NEW =>
RESOLVED |