2017-02-22 12:51:52 |
Jeremy Bícha |
bug |
|
|
added bug |
2017-02-24 13:57:57 |
Marc Deslauriers |
libytnef (Ubuntu): status |
New |
Confirmed |
|
2017-02-24 14:12:46 |
Jeremy Bícha |
description |
http://www.openwall.com/lists/oss-security/2017/02/15/4
https://github.com/Yeraze/ytnef/pull/27/files
Upstream calls this X41-2017-002 but there will probably be CVE numbers assigned too.
https://security-tracker.debian.org/tracker/TEMP-0000000-8B3E01
Fixed in zesty. I'd like to copy the Debian stable security patches when it's released there.
Quoting from the oss-security post…
Summary and Impact
------------------
Multiple Heap Overflows, out of bound writes and reads, NULL pointer
dereferences and infinite loops have been discovered in ytnef 1.9 an
earlier.
These could be exploited by tricking a user into opening a malicious
winmail.dat file.
Product Description
-------------------
ytnef offers a library and utilities to extract the files from winmail.dat
files. winmail.dat files are send by Microsoft Outlook when forwarding files
via e-mail. The vendor was very responsive in providing a patched version.
Analysis
--------
Due to the big amount of issues found no detailed analysis is given here.
Almost all allocations were unchecked and out of bounds checks rarely
performed in the code.
In total 9 patches were generated for the following issues:
1. Null Pointer Deref / calloc return value not checked
2. Infinite Loop / DoS
3. Buffer Overflow in version field
4. Out of Bound Reads
5. Integer Overflow
6. Invalid Write and Integer Overflow
7. Out of Bounds read
8. Out of Bounds read and write
9. Directory Traversal using the filename |
http://www.openwall.com/lists/oss-security/2017/02/15/4
https://github.com/Yeraze/ytnef/pull/27/files
Upstream calls this X41-2017-002 but a bunch of CVEs have been assigned too.
https://security-tracker.debian.org/tracker/source-package/libytnef
Fixed in zesty. I'd like to copy the Debian stable security patches when it's released there.
Quoting from the oss-security post…
Summary and Impact
------------------
Multiple Heap Overflows, out of bound writes and reads, NULL pointer
dereferences and infinite loops have been discovered in ytnef 1.9 an
earlier.
These could be exploited by tricking a user into opening a malicious
winmail.dat file.
Product Description
-------------------
ytnef offers a library and utilities to extract the files from winmail.dat
files. winmail.dat files are send by Microsoft Outlook when forwarding files
via e-mail. The vendor was very responsive in providing a patched version.
Analysis
--------
Due to the big amount of issues found no detailed analysis is given here.
Almost all allocations were unchecked and out of bounds checks rarely
performed in the code.
In total 9 patches were generated for the following issues:
1. Null Pointer Deref / calloc return value not checked
2. Infinite Loop / DoS
3. Buffer Overflow in version field
4. Out of Bound Reads
5. Integer Overflow
6. Invalid Write and Integer Overflow
7. Out of Bounds read
8. Out of Bounds read and write
9. Directory Traversal using the filename |
|
2017-02-24 14:13:13 |
Jeremy Bícha |
cve linked |
|
2017-6298 |
|
2017-02-24 14:13:26 |
Jeremy Bícha |
cve linked |
|
2017-6299 |
|
2017-02-24 14:13:39 |
Jeremy Bícha |
cve linked |
|
2017-6300 |
|
2017-02-24 14:13:53 |
Jeremy Bícha |
cve linked |
|
2017-6301 |
|
2017-02-24 14:14:06 |
Jeremy Bícha |
cve linked |
|
2017-6302 |
|
2017-02-24 14:14:17 |
Jeremy Bícha |
cve linked |
|
2017-6303 |
|
2017-02-24 14:14:32 |
Jeremy Bícha |
cve linked |
|
2017-6304 |
|
2017-02-24 14:14:45 |
Jeremy Bícha |
cve linked |
|
2017-6305 |
|
2017-02-24 14:14:58 |
Jeremy Bícha |
cve linked |
|
2017-6306 |
|
2017-05-24 13:26:21 |
Jeremy Bícha |
tags |
|
patch trusty xenial yakkety zesty |
|
2017-05-24 13:26:42 |
Jeremy Bícha |
attachment added |
|
libytnef-lp1666884-trusty.debdiff https://bugs.launchpad.net/ubuntu/+source/libytnef/+bug/1666884/+attachment/4882629/+files/libytnef-lp1666884-trusty.debdiff |
|
2017-05-24 13:26:59 |
Jeremy Bícha |
attachment added |
|
libytnef-lp1666884-xenial.debdiff https://bugs.launchpad.net/ubuntu/+source/libytnef/+bug/1666884/+attachment/4882630/+files/libytnef-lp1666884-xenial.debdiff |
|
2017-05-24 13:27:17 |
Jeremy Bícha |
attachment added |
|
libytnef-lp1666884-yakkety.debdiff https://bugs.launchpad.net/ubuntu/+source/libytnef/+bug/1666884/+attachment/4882631/+files/libytnef-lp1666884-yakkety.debdiff |
|
2017-05-24 13:27:35 |
Jeremy Bícha |
attachment added |
|
libytnef-lp1666884-zesty.debdiff https://bugs.launchpad.net/ubuntu/+source/libytnef/+bug/1666884/+attachment/4882632/+files/libytnef-lp1666884-zesty.debdiff |
|
2017-05-24 13:28:11 |
Jeremy Bícha |
cve linked |
|
2017-9058 |
|
2017-05-24 13:32:31 |
Jeremy Bícha |
description |
http://www.openwall.com/lists/oss-security/2017/02/15/4
https://github.com/Yeraze/ytnef/pull/27/files
Upstream calls this X41-2017-002 but a bunch of CVEs have been assigned too.
https://security-tracker.debian.org/tracker/source-package/libytnef
Fixed in zesty. I'd like to copy the Debian stable security patches when it's released there.
Quoting from the oss-security post…
Summary and Impact
------------------
Multiple Heap Overflows, out of bound writes and reads, NULL pointer
dereferences and infinite loops have been discovered in ytnef 1.9 an
earlier.
These could be exploited by tricking a user into opening a malicious
winmail.dat file.
Product Description
-------------------
ytnef offers a library and utilities to extract the files from winmail.dat
files. winmail.dat files are send by Microsoft Outlook when forwarding files
via e-mail. The vendor was very responsive in providing a patched version.
Analysis
--------
Due to the big amount of issues found no detailed analysis is given here.
Almost all allocations were unchecked and out of bounds checks rarely
performed in the code.
In total 9 patches were generated for the following issues:
1. Null Pointer Deref / calloc return value not checked
2. Infinite Loop / DoS
3. Buffer Overflow in version field
4. Out of Bound Reads
5. Integer Overflow
6. Invalid Write and Integer Overflow
7. Out of Bounds read
8. Out of Bounds read and write
9. Directory Traversal using the filename |
http://www.openwall.com/lists/oss-security/2017/02/15/4
https://github.com/Yeraze/ytnef/pull/27/files
Upstream calls this X41-2017-002 but a bunch of CVEs have been assigned too.
https://security-tracker.debian.org/tracker/source-package/libytnef
Fixed in zesty. I'd like to copy the Debian stable security patches when it's released there.
Quoting from the oss-security post…
Summary and Impact
------------------
Multiple Heap Overflows, out of bound writes and reads, NULL pointer
dereferences and infinite loops have been discovered in ytnef 1.9 an
earlier.
These could be exploited by tricking a user into opening a malicious
winmail.dat file.
Product Description
-------------------
ytnef offers a library and utilities to extract the files from winmail.dat
files. winmail.dat files are send by Microsoft Outlook when forwarding files
via e-mail. The vendor was very responsive in providing a patched version.
Analysis
--------
Due to the big amount of issues found no detailed analysis is given here.
Almost all allocations were unchecked and out of bounds checks rarely
performed in the code.
In total 9 patches were generated for the following issues:
1. Null Pointer Deref / calloc return value not checked
2. Infinite Loop / DoS
3. Buffer Overflow in version field
4. Out of Bound Reads
5. Integer Overflow
6. Invalid Write and Integer Overflow
7. Out of Bounds read
8. Out of Bounds read and write
9. Directory Traversal using the filename
Other Info
----------
Zesty already got these fixes synced from Debian. Trusty got these fixes earlier in May since it was still in main. Recently, there's one more CVE, 2017-9058 so I've supplied debdiffs for trusty and zesty for that issue, copied from Debian's 1.9.2-2 package (which will autosync to artful). For xenial and yakkety, I also added the patches that were applied to trusty.
For more about this new issue, see Debian bug 862556 |
|
2017-05-24 13:32:42 |
Jeremy Bícha |
bug watch added |
|
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862556 |
|
2017-05-24 13:32:42 |
Jeremy Bícha |
bug task added |
|
libytnef (Debian) |
|
2017-05-24 13:33:16 |
Jeremy Bícha |
nominated for series |
|
Ubuntu Xenial |
|
2017-05-24 13:33:16 |
Jeremy Bícha |
bug task added |
|
libytnef (Ubuntu Xenial) |
|
2017-05-24 13:33:16 |
Jeremy Bícha |
nominated for series |
|
Ubuntu Trusty |
|
2017-05-24 13:33:16 |
Jeremy Bícha |
bug task added |
|
libytnef (Ubuntu Trusty) |
|
2017-05-24 13:33:16 |
Jeremy Bícha |
nominated for series |
|
Ubuntu Zesty |
|
2017-05-24 13:33:16 |
Jeremy Bícha |
bug task added |
|
libytnef (Ubuntu Zesty) |
|
2017-05-24 13:33:16 |
Jeremy Bícha |
nominated for series |
|
Ubuntu Yakkety |
|
2017-05-24 13:33:16 |
Jeremy Bícha |
bug task added |
|
libytnef (Ubuntu Yakkety) |
|
2017-05-24 13:33:51 |
Jeremy Bícha |
libytnef (Ubuntu Trusty): status |
New |
Confirmed |
|
2017-05-24 13:33:54 |
Jeremy Bícha |
libytnef (Ubuntu Xenial): status |
New |
Confirmed |
|
2017-05-24 13:33:58 |
Jeremy Bícha |
libytnef (Ubuntu Yakkety): status |
New |
Confirmed |
|
2017-05-24 13:34:02 |
Jeremy Bícha |
libytnef (Ubuntu Zesty): status |
New |
Confirmed |
|
2017-05-24 13:34:19 |
Jeremy Bícha |
description |
http://www.openwall.com/lists/oss-security/2017/02/15/4
https://github.com/Yeraze/ytnef/pull/27/files
Upstream calls this X41-2017-002 but a bunch of CVEs have been assigned too.
https://security-tracker.debian.org/tracker/source-package/libytnef
Fixed in zesty. I'd like to copy the Debian stable security patches when it's released there.
Quoting from the oss-security post…
Summary and Impact
------------------
Multiple Heap Overflows, out of bound writes and reads, NULL pointer
dereferences and infinite loops have been discovered in ytnef 1.9 an
earlier.
These could be exploited by tricking a user into opening a malicious
winmail.dat file.
Product Description
-------------------
ytnef offers a library and utilities to extract the files from winmail.dat
files. winmail.dat files are send by Microsoft Outlook when forwarding files
via e-mail. The vendor was very responsive in providing a patched version.
Analysis
--------
Due to the big amount of issues found no detailed analysis is given here.
Almost all allocations were unchecked and out of bounds checks rarely
performed in the code.
In total 9 patches were generated for the following issues:
1. Null Pointer Deref / calloc return value not checked
2. Infinite Loop / DoS
3. Buffer Overflow in version field
4. Out of Bound Reads
5. Integer Overflow
6. Invalid Write and Integer Overflow
7. Out of Bounds read
8. Out of Bounds read and write
9. Directory Traversal using the filename
Other Info
----------
Zesty already got these fixes synced from Debian. Trusty got these fixes earlier in May since it was still in main. Recently, there's one more CVE, 2017-9058 so I've supplied debdiffs for trusty and zesty for that issue, copied from Debian's 1.9.2-2 package (which will autosync to artful). For xenial and yakkety, I also added the patches that were applied to trusty.
For more about this new issue, see Debian bug 862556 |
http://www.openwall.com/lists/oss-security/2017/02/15/4
https://github.com/Yeraze/ytnef/pull/27/files
Upstream calls this X41-2017-002 but a bunch of CVEs have been assigned too.
https://security-tracker.debian.org/tracker/source-package/libytnef
Fixed in zesty. I'd like to copy the Debian stable security patches when it's released there.
Quoting from the oss-security post…
Summary and Impact
------------------
Multiple Heap Overflows, out of bound writes and reads, NULL pointer
dereferences and infinite loops have been discovered in ytnef 1.9 an
earlier.
These could be exploited by tricking a user into opening a malicious
winmail.dat file.
Product Description
-------------------
ytnef offers a library and utilities to extract the files from winmail.dat
files. winmail.dat files are send by Microsoft Outlook when forwarding files
via e-mail. The vendor was very responsive in providing a patched version.
Analysis
--------
Due to the big amount of issues found no detailed analysis is given here.
Almost all allocations were unchecked and out of bounds checks rarely
performed in the code.
In total 9 patches were generated for the following issues:
1. Null Pointer Deref / calloc return value not checked
2. Infinite Loop / DoS
3. Buffer Overflow in version field
4. Out of Bound Reads
5. Integer Overflow
6. Invalid Write and Integer Overflow
7. Out of Bounds read
8. Out of Bounds read and write
9. Directory Traversal using the filename
Testing Done
------------
None
Other Info
----------
Zesty already got these fixes synced from Debian. Trusty got these fixes earlier in May since it was still in main. Recently, there's one more CVE, 2017-9058 so I've supplied debdiffs for trusty and zesty for that issue, copied from Debian's 1.9.2-2 package (which will autosync to artful). For xenial and yakkety, I also added the patches that were applied to trusty.
For more about this new issue, see Debian bug 862556 |
|
2017-05-24 13:34:28 |
Jeremy Bícha |
bug |
|
|
added subscriber Ubuntu Security Sponsors Team |
2017-05-24 13:35:18 |
Jeremy Bícha |
description |
http://www.openwall.com/lists/oss-security/2017/02/15/4
https://github.com/Yeraze/ytnef/pull/27/files
Upstream calls this X41-2017-002 but a bunch of CVEs have been assigned too.
https://security-tracker.debian.org/tracker/source-package/libytnef
Fixed in zesty. I'd like to copy the Debian stable security patches when it's released there.
Quoting from the oss-security post…
Summary and Impact
------------------
Multiple Heap Overflows, out of bound writes and reads, NULL pointer
dereferences and infinite loops have been discovered in ytnef 1.9 an
earlier.
These could be exploited by tricking a user into opening a malicious
winmail.dat file.
Product Description
-------------------
ytnef offers a library and utilities to extract the files from winmail.dat
files. winmail.dat files are send by Microsoft Outlook when forwarding files
via e-mail. The vendor was very responsive in providing a patched version.
Analysis
--------
Due to the big amount of issues found no detailed analysis is given here.
Almost all allocations were unchecked and out of bounds checks rarely
performed in the code.
In total 9 patches were generated for the following issues:
1. Null Pointer Deref / calloc return value not checked
2. Infinite Loop / DoS
3. Buffer Overflow in version field
4. Out of Bound Reads
5. Integer Overflow
6. Invalid Write and Integer Overflow
7. Out of Bounds read
8. Out of Bounds read and write
9. Directory Traversal using the filename
Testing Done
------------
None
Other Info
----------
Zesty already got these fixes synced from Debian. Trusty got these fixes earlier in May since it was still in main. Recently, there's one more CVE, 2017-9058 so I've supplied debdiffs for trusty and zesty for that issue, copied from Debian's 1.9.2-2 package (which will autosync to artful). For xenial and yakkety, I also added the patches that were applied to trusty.
For more about this new issue, see Debian bug 862556 |
http://www.openwall.com/lists/oss-security/2017/02/15/4
https://github.com/Yeraze/ytnef/pull/27/files
Upstream calls this X41-2017-002 but a bunch of CVEs have been assigned too.
https://security-tracker.debian.org/tracker/source-package/libytnef
Fixed in zesty. I'd like to copy the Debian stable security patches when it's released there.
Quoting from the oss-security post…
Summary and Impact
------------------
Multiple Heap Overflows, out of bound writes and reads, NULL pointer
dereferences and infinite loops have been discovered in ytnef 1.9 an
earlier.
These could be exploited by tricking a user into opening a malicious
winmail.dat file.
Product Description
-------------------
ytnef offers a library and utilities to extract the files from winmail.dat
files. winmail.dat files are send by Microsoft Outlook when forwarding files
via e-mail. The vendor was very responsive in providing a patched version.
Analysis
--------
Due to the big amount of issues found no detailed analysis is given here.
Almost all allocations were unchecked and out of bounds checks rarely
performed in the code.
In total 9 patches were generated for the following issues:
1. Null Pointer Deref / calloc return value not checked
2. Infinite Loop / DoS
3. Buffer Overflow in version field
4. Out of Bound Reads
5. Integer Overflow
6. Invalid Write and Integer Overflow
7. Out of Bounds read
8. Out of Bounds read and write
9. Directory Traversal using the filename
Testing Done
------------
None
Other Info
----------
Zesty already got these fixes synced from Debian. Trusty got these fixes earlier in May since it was still in main. Recently, there's one more CVE, 2017-9058 so I've supplied debdiffs for trusty and zesty for that issue, copied from Debian's 1.9.2-2 package (which will autosync to artful). For xenial and yakkety, I also added the patches that were applied to trusty.
For more about this new issue, see Debian bug 862556
The only reverse dependency for libytnef is evolution. |
|
2017-05-24 14:14:30 |
Jeremy Bícha |
description |
http://www.openwall.com/lists/oss-security/2017/02/15/4
https://github.com/Yeraze/ytnef/pull/27/files
Upstream calls this X41-2017-002 but a bunch of CVEs have been assigned too.
https://security-tracker.debian.org/tracker/source-package/libytnef
Fixed in zesty. I'd like to copy the Debian stable security patches when it's released there.
Quoting from the oss-security post…
Summary and Impact
------------------
Multiple Heap Overflows, out of bound writes and reads, NULL pointer
dereferences and infinite loops have been discovered in ytnef 1.9 an
earlier.
These could be exploited by tricking a user into opening a malicious
winmail.dat file.
Product Description
-------------------
ytnef offers a library and utilities to extract the files from winmail.dat
files. winmail.dat files are send by Microsoft Outlook when forwarding files
via e-mail. The vendor was very responsive in providing a patched version.
Analysis
--------
Due to the big amount of issues found no detailed analysis is given here.
Almost all allocations were unchecked and out of bounds checks rarely
performed in the code.
In total 9 patches were generated for the following issues:
1. Null Pointer Deref / calloc return value not checked
2. Infinite Loop / DoS
3. Buffer Overflow in version field
4. Out of Bound Reads
5. Integer Overflow
6. Invalid Write and Integer Overflow
7. Out of Bounds read
8. Out of Bounds read and write
9. Directory Traversal using the filename
Testing Done
------------
None
Other Info
----------
Zesty already got these fixes synced from Debian. Trusty got these fixes earlier in May since it was still in main. Recently, there's one more CVE, 2017-9058 so I've supplied debdiffs for trusty and zesty for that issue, copied from Debian's 1.9.2-2 package (which will autosync to artful). For xenial and yakkety, I also added the patches that were applied to trusty.
For more about this new issue, see Debian bug 862556
The only reverse dependency for libytnef is evolution. |
http://www.openwall.com/lists/oss-security/2017/02/15/4
https://github.com/Yeraze/ytnef/pull/27/files
Upstream calls this X41-2017-002 but a bunch of CVEs have been assigned too.
https://security-tracker.debian.org/tracker/source-package/libytnef
Fixed in zesty. I'd like to copy the Debian stable security patches when it's released there.
Quoting from the oss-security post…
Summary and Impact
------------------
Multiple Heap Overflows, out of bound writes and reads, NULL pointer
dereferences and infinite loops have been discovered in ytnef 1.9 an
earlier.
These could be exploited by tricking a user into opening a malicious
winmail.dat file.
Product Description
-------------------
ytnef offers a library and utilities to extract the files from winmail.dat
files. winmail.dat files are send by Microsoft Outlook when forwarding files
via e-mail. The vendor was very responsive in providing a patched version.
Analysis
--------
Due to the big amount of issues found no detailed analysis is given here.
Almost all allocations were unchecked and out of bounds checks rarely
performed in the code.
In total 9 patches were generated for the following issues:
1. Null Pointer Deref / calloc return value not checked
2. Infinite Loop / DoS
3. Buffer Overflow in version field
4. Out of Bound Reads
5. Integer Overflow
6. Invalid Write and Integer Overflow
7. Out of Bounds read
8. Out of Bounds read and write
9. Directory Traversal using the filename
Testing Done
------------
None
Other Info
----------
Zesty already got these fixes synced from Debian. Trusty got these fixes earlier in May since it was still in main. Recently, there's one more CVE, 2017-9058 so I've supplied debdiffs for trusty and zesty for that issue, copied from Debian's 1.9.2-2 package (which will autosync to artful). For xenial and yakkety, I also added the patches that were applied to trusty.
For more about this new issue, see Debian bug 862556
The only reverse dependency for libytnef is evolution.
For xenial and yakkety, the CVE patch appears to have a basically duplicate fix for the second half of pt_clsid.diff so I dropped those lines from pt_clsid.diff. |
|
2017-05-25 00:50:29 |
Bug Watch Updater |
libytnef (Debian): status |
Unknown |
Fix Released |
|
2017-05-25 22:39:57 |
Tyler Hicks |
libytnef (Ubuntu Trusty): assignee |
|
Tyler Hicks (tyhicks) |
|
2017-05-25 22:40:10 |
Tyler Hicks |
libytnef (Ubuntu Xenial): assignee |
|
Jeremy Bicha (jbicha) |
|
2017-05-25 22:40:17 |
Tyler Hicks |
libytnef (Ubuntu Yakkety): assignee |
|
Jeremy Bicha (jbicha) |
|
2017-05-25 22:40:23 |
Tyler Hicks |
libytnef (Ubuntu Zesty): assignee |
|
Jeremy Bicha (jbicha) |
|
2017-05-25 22:40:28 |
Tyler Hicks |
libytnef (Ubuntu Zesty): status |
Confirmed |
Incomplete |
|
2017-05-25 22:40:30 |
Tyler Hicks |
libytnef (Ubuntu Yakkety): status |
Confirmed |
Incomplete |
|
2017-05-25 22:40:33 |
Tyler Hicks |
libytnef (Ubuntu Xenial): status |
Confirmed |
Incomplete |
|
2017-05-26 23:39:39 |
Tyler Hicks |
libytnef (Ubuntu Trusty): assignee |
Tyler Hicks (tyhicks) |
|
|
2017-08-03 21:34:47 |
Tyler Hicks |
removed subscriber Ubuntu Security Sponsors Team |
|
|
|
2018-06-15 15:28:12 |
Michael Gratton |
bug |
|
|
added subscriber Michael Gratton |
2018-06-15 15:29:30 |
Michael Gratton |
bug |
|
|
added subscriber Ubuntu Security Sponsors Team |
2018-06-17 05:02:09 |
Michael Gratton |
bug watch added |
|
https://github.com/Yeraze/ytnef/issues/45 |
|
2018-07-21 10:10:58 |
Oliver Giles |
cve linked |
|
2017-9068 |
|
2018-07-23 07:37:08 |
Bertrand Croq |
bug |
|
|
added subscriber Bertrand Croq |
2018-07-23 18:54:11 |
Leonidas S. Barbosa |
tags |
patch trusty xenial yakkety zesty |
community-security patch trusty xenial yakkety zesty |
|
2018-08-17 10:56:52 |
Oliver Giles |
bug |
|
|
added subscriber Oliver Giles |
2018-08-30 13:50:27 |
Steve Beattie |
libytnef (Ubuntu Yakkety): status |
Incomplete |
Won't Fix |
|
2018-08-30 13:50:33 |
Steve Beattie |
libytnef (Ubuntu Zesty): status |
Incomplete |
Won't Fix |
|
2018-11-03 23:13:14 |
Mathew Hodson |
libytnef (Ubuntu): importance |
Undecided |
Medium |
|
2018-11-03 23:13:17 |
Mathew Hodson |
libytnef (Ubuntu Trusty): importance |
Undecided |
Medium |
|
2018-11-03 23:13:19 |
Mathew Hodson |
libytnef (Ubuntu Xenial): importance |
Undecided |
Medium |
|
2018-11-03 23:13:22 |
Mathew Hodson |
libytnef (Ubuntu Yakkety): importance |
Undecided |
Medium |
|
2018-11-03 23:13:24 |
Mathew Hodson |
libytnef (Ubuntu Zesty): importance |
Undecided |
Medium |
|
2018-11-09 15:09:32 |
Marc Deslauriers |
removed subscriber Ubuntu Security Sponsors Team |
|
|
|
2019-01-08 00:09:16 |
Michael Gratton |
attachment added |
|
Patch from 1.9.2 to 1.9.3 https://bugs.launchpad.net/ubuntu/+source/libytnef/+bug/1666884/+attachment/5227501/+files/libytnef_1.9.2-2_1.9.3-1.diff.gz |
|
2019-01-08 00:11:12 |
Michael Gratton |
bug |
|
|
added subscriber Ubuntu Security Sponsors Team |
2019-01-24 02:54:30 |
Michael Gratton |
attachment added |
|
libytnef_1.9.2-2_1.9.3-1.diff https://bugs.launchpad.net/ubuntu/+source/libytnef/+bug/1666884/+attachment/5231869/+files/libytnef_1.9.2-2_1.9.3-1.diff |
|
2019-02-09 07:55:21 |
Mathew Hodson |
libytnef (Ubuntu): status |
Confirmed |
Fix Released |
|
2019-04-20 18:41:48 |
Simon Quigley |
removed subscriber Ubuntu Security Sponsors Team |
|
|
|