CVE-2021-3403 (https://github.com/Yeraze/ytnef/issues/85):
In ytnef 1.9.3, the TNEFSubjectHandler function in lib/ytnef.c allows remote attackers to cause a denial-of-service (and potentially code execution) due to a double free which can be triggered via a crafted file.

CVE-2021-3404 (https://github.com/Yeraze/ytnef/issues/86):
In ytnef 1.9.3, the SwapWord function in lib/ytnef.c allows remote attackers to cause a denial-of-service (and potentially code execution) due to a heap buffer overflow which can be triggered via a crafted file.

Might be further exploitable so the 3 rating may be worth rethinking later.
Package list is empty or all packages have requested keywords.
Please backport the patches linked.
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ba52d365d7a5c9e48b2911010cd26546896ba4ff

commit ba52d365d7a5c9e48b2911010cd26546896ba4ff
Author:     Lars Wendler <polynomial-c@gentoo.org>
AuthorDate: 2021-09-20 14:21:28 +0000
Commit:     Lars Wendler <polynomial-c@gentoo.org>
CommitDate: 2021-09-20 14:21:42 +0000

    net-mail/ytnef: Bump to version 2.0

    Bug: https://bugs.gentoo.org/774255
    Signed-off-by: Lars Wendler <polynomial-c@gentoo.org>

 net-mail/ytnef/Manifest         |  1 +
 net-mail/ytnef/ytnef-2.0.ebuild | 31 +++++++++++++++++++++++++++++++
 2 files changed, 32 insertions(+)
Please cleanup.
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5ce2cc8f7fe504a91f355a4ff2716dcfaa2bf95e

commit 5ce2cc8f7fe504a91f355a4ff2716dcfaa2bf95e
Author:     Bernard Cafarelli <voyageur@gentoo.org>
AuthorDate: 2022-07-10 12:54:03 +0000
Commit:     Bernard Cafarelli <voyageur@gentoo.org>
CommitDate: 2022-07-10 12:55:04 +0000

    net-mail/ytnef: drop 1.9.3

    Bug: https://bugs.gentoo.org/774255
    Signed-off-by: Bernard Cafarelli <voyageur@gentoo.org>

 net-mail/ytnef/Manifest           |  1 -
 net-mail/ytnef/ytnef-1.9.3.ebuild | 31 -------------------------------
 2 files changed, 32 deletions(-)