ASA-201708-10 log original external raw

[ASA-201708-10] libytnef: arbitrary code execution
Arch Linux Security Advisory ASA-201708-10 ========================================== Severity: High Date : 2017-08-14 CVE-ID : CVE-2017-9058 Package : libytnef Type : arbitrary code execution Remote : Yes Link : Summary ======= The package libytnef before version 1.9.2-2 is vulnerable to arbitrary code execution. Resolution ========== Upgrade to 1.9.2-2. # pacman -Syu "libytnef>=1.9.2-2" The problem has been fixed upstream but no release is available yet. Workaround ========== None. Description =========== A heap-buffer-overflow vulnerability has been found in the libytnef in the lib/ytnef.c module. Impact ====== A remote attacker can execute arbitrary code on the affected host via a crafted tnef file. References ==========