Advisories » MGASA-2017-0007

Updated unrtf package fixes security vulnerability

Publication date: 06 Jan 2017
Modification date: 06 Jan 2017
Type: security
Affected Mageia releases : 5
CVE: CVE-2016-10091

Description

A Stack-based buffer overflow has been found in unrtf 0.21.9, which
affects functions including cmd_expand, cmd_emboss and cmd_engrave
(CVE-2016-10091).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=20052
• http://openwall.com/lists/oss-security/2017/01/01/1
• https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=849705
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10091

SRPMS

5/core

• unrtf-0.21.9-1.1.mga5