FOR TRACKING PURPOSE SICNE A READ OVERFLOW IN A COMMAND-LINE TOOL DOES NOT DESERVE A CVE CVE-2017-11110 (https://nvd.nist.gov/vuln/detail/CVE-2017-11110): The ole_init function in ole.c in catdoc 0.95 allows remote attackers to cause a denial of service (heap-based buffer underflow and application crash) or possibly have unspecified other impact via a crafted file, i.e., data is written to memory addresses before the beginning of the tmpBuf buffer. @maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.