An issue was discovered in ytnef before 1.9.1. This is related to a patch
described as “1 of 9. Null Pointer Deref / calloc return value not
checked.”
www.openwall.com/lists/oss-security/2017/02/15/4
github.com/Yeraze/ytnef/pull/27
launchpad.net/bugs/cve/CVE-2017-6298
nvd.nist.gov/vuln/detail/CVE-2017-6298
security-tracker.debian.org/tracker/CVE-2017-6298
ubuntu.com/security/notices/USN-3288-1
ubuntu.com/security/notices/USN-4615-1
www.cve.org/CVERecord?id=CVE-2017-6298
www.x41-dsec.de/lab/advisories/x41-2017-002-ytnef/