Security update for icoutils (important)

2017-01-17T00:09:13
ID OPENSUSE-SU-2017:0168-1
Type suse
Reporter Suse
Modified 2017-01-17T00:09:13

Description

This update for icoutils to version 0.31.1 fixes the following issues:

  • CVE-2017-5208: An integer overflow allows maliciously crafted files to cause DoS or code execution (boo#1018756).
  • CVE-2017-5331: Incorrect out of bounds checks in check_offset allow for DoS or code execution (boo#1018756).
  • CVE-2017-5332: Missing out of bounds checks in extract_group_icon_cursor_resource allow for DoS or code execution (boo#1018756).
  • CVE-2017-5333: Incorrect out of bounds checks in check_offset allow for DoS or code execution (boo#1018756).