Ubuntu has issued an advisory on May 31: https://usn.ubuntu.com/3667-1/
pushed 1.9.3 which solves that issue in cauldron
Assignee: bruno => qa-bugsStatus: NEW => ASSIGNED
Fixed in ytnef-1.9.3-1.mga7.
Resolution: (none) => FIXEDAssignee: qa-bugs => brunoStatus: ASSIGNED => RESOLVED
This also fixed CVE-2017-12142 and CVE-2017-12144: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/LFJWMUEUC4ILH2HEOCYVVLQT654ZMCGQ/