advisories/20477.adv

type: security
subject: Updated icoutils packages fix security vulnerability
CVE:
 - CVE-2017-6009
 - CVE-2017-6010
 - CVE-2017-6011
src:
  5:
   core:
     - icoutils-0.31.3-1.mga5
description: |
  Multiple vulnerabilities were discovered in the icotool (CVE-2017-6010,
  CVE-2017-6011) and wrestool (CVE-2017-6009) tools of icoutils, a set of
  programs that deal with MS Windows icons and cursors, which may result in
  denial of service or the execution of arbitrary code if a malformed .ico
  or .exe file is processed.
references:
 - https://bugs.mageia.org/show_bug.cgi?id=20477
 - https://www.debian.org/security/2017/dsa-3807
 - http://git.savannah.gnu.org/cgit/icoutils.git/tree/NEWS?h=0.31.3
ID: MGASA-2017-0080
1	type: security
2	subject: Updated icoutils packages fix security vulnerability
3	CVE:
4	- CVE-2017-6009
5	- CVE-2017-6010
6	- CVE-2017-6011
7	src:
8	5:
9	core:
10	- icoutils-0.31.3-1.mga5
11	description: \|
12	Multiple vulnerabilities were discovered in the icotool (CVE-2017-6010,
13	CVE-2017-6011) and wrestool (CVE-2017-6009) tools of icoutils, a set of
14	programs that deal with MS Windows icons and cursors, which may result in
15	denial of service or the execution of arbitrary code if a malformed .ico
16	or .exe file is processed.
17	references:
18	- https://bugs.mageia.org/show_bug.cgi?id=20477
19	- https://www.debian.org/security/2017/dsa-3807
20	- http://git.savannah.gnu.org/cgit/icoutils.git/tree/NEWS?h=0.31.3
21	ID: MGASA-2017-0080