OPENSUSE-SU-2024:11467-1 tnef-1.4.18-1.6 on GA media

These are all security issues fixed in the tnef-1.4.18-1.6 package on the GA media of openSUSE Tumbleweed...

Mageia: Security Advisory (MGASA-2019-0367)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2017-0083)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DLA-2748-1 : tnef - LTS security update

The remote Debian 9 host has a package installed that is affected by a vulnerability as referenced in the dla-2748 advisory. - In tnef before 1.4.18, an attacker may be able to write to the victim's .ssh/authorizedkeys file via an e-mail message with a crafted winmail.dat application/ms-tnef...

Debian: Security Advisory (DLA-2748-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MGASA-2019-0367 Updated tnef packages fix security vulnerability

Updated tnef package fixes security vulnerability: In tnef, an attacker may be able to write to the victim's .ssh/authorizedkeys file via an e-mail message with a crafted winmail.dat application/ms-tnef attachment, because of a heap-based buffer over-read involving strdup CVE-2019-18849...

Updated tnef packages fix security vulnerability

Updated tnef package fixes security vulnerability: In tnef, an attacker may be able to write to the victim's .ssh/authorizedkeys file via an e-mail message with a crafted winmail.dat application/ms-tnef attachment, because of a heap-based buffer over-read involving strdup CVE-2019-18849...

Fedora 31 : tnef (2019-815807c020)

tnef release 1.4.18. ==================== Security release to resolve CVE-2019-18849 in which it may be possible to attack via a crafted email message extracted via tnef. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system websit...

Debian: Security Advisory (DLA-2005-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DLA-839-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-3869-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 962-1] tnef security update

Package : tnef Version : 1.4.9-1+deb7u3 CVE ID : CVE-2017-8911 CVE-2017-8911 An integer underflow has been identified in the unicodetoutf8 function in tnef 1.4.14. This might lead to invalid write operations, controlled by an attacker. For Debian 7 "Wheezy", these problems have been fixed in...

[SECURITY] [DLA 839-2] tnef regression update

Package : tnef Version : 1.4.9-1+deb7u2 CVE ID : CVE-2017-6307 CVE-2017-6308 CVE-2017-6309 CVE-2017-6310 Debian Bug : 857342 While fixing the above mentioned CVEs, upstream introduced a regression. The new patches added for this upload take care of that. For Debian 7 "Wheezy", these problems have...