Advisories » MGASA-2017-0209

Updated tnef packages fix security vulnerability

Publication date: 22 Jul 2017
Modification date: 21 Jul 2017
Type: security
Affected Mageia releases : 5
CVE: CVE-2017-8911

Description

It was discovered that tnef did not correctly validate its input. An
attacker could exploit this by tricking a user into opening a malicious
attachment, which would result in a denial-of-service by application
crash (CVE-2017-8911).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=21013
• https://www.debian.org/security/2017/dsa-3869
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8911

SRPMS

5/core

• tnef-1.4.15-1.mga5