Fedora 25: icoutils Security Update 2017-3d7734a8b2
Summary
The icoutils are a set of programs for extracting and converting images in
Microsoft Windows icon and cursor files. These files usually have the
extension .ico or .cur, but they can also be embedded in executables or
libraries.
Update Information:
This new point release fixes a security vulnerability in wrestool. For further details see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=850017
Change Log
References
[ 1 ] Bug #1411251 - CVE-2017-5208 icoutils: Check_offset overflow on 64-bit systems https://bugzilla.redhat.com/show_bug.cgi?id=1411251 [ 2 ] Bug #1412259 - CVE-2017-5333 icoutils: Integer overflow vulnerability in extract.c https://bugzilla.redhat.com/show_bug.cgi?id=1412259 [ 3 ] Bug #1412263 - CVE-2017-5332 icoutils: Access to unallocated memory possible in extract.c https://bugzilla.redhat.com/show_bug.cgi?id=1412263
Update Instructions
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade icoutils' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html