========================================================================= Ubuntu Security Notice USN-4615-1 November 03, 2020 libytnef vulnerabilities ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 16.04 LTS Summary: Yerase's TNEF could be made to crash if it received specially crafted input. Software Description: - libytnef: Yerases TNEF Stream Reader library Details: It was discovered that Yerase's TNEF had null pointer dereferences, infinite loop, buffer overflow, out of bounds reads, directory traversal issues and other vulnerabilities. An attacker could use those issues to cause a crash and consequently a denial of service. (CVE-2017-6298, CVE-2017-6299, CVE-2017-6300, CVE-2017-6301, CVE-2017-6302, CVE-2017-6303, CVE-2017-6304, CVE-2017-6305, CVE-2017-6306, CVE-2017-6800, CVE-2017-6801, CVE-2017-6802) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 LTS: libytnef0 1.5-9ubuntu0.1 In general, a standard system update will make all the necessary changes. References: https://usn.ubuntu.com/4615-1 CVE-2017-6298, CVE-2017-6299, CVE-2017-6300, CVE-2017-6301, CVE-2017-6302, CVE-2017-6303, CVE-2017-6304, CVE-2017-6305, CVE-2017-6306, CVE-2017-6800, CVE-2017-6801, CVE-2017-6802 Package Information: https://launchpad.net/ubuntu/+source/libytnef/1.5-9ubuntu0.1