Hey, I have fixed CVE-2019-18849 for tnef and uploaded the same to mentors.d.net. The relevant .dsc could be found at [1]. Requesting to upload the same on my behalf. Attaching the DLA file for the same. Also, sent a patch for Stretch, Buster, Bullseye, and Sid to the maintainer. CCed #944851 and the Security team as well. Best, Utkarsh --- [1]: https://mentors.debian.net/debian/pool/main/t/tnef/tnef_1.4.9-1+deb8u4.dsc
From: Utkarsh Gupta <guptautkarsh2102@gmail.com> To: debian-lts-announce@lists.debian.org Subject: [SECURITY] [DLA 2005-1] tnef security update Package : tnef Version : 1.4.9-1+deb8u4 CVE ID : CVE-2019-18849 Debian Bug : 944851 In tnef, an attacker may be able to write to the victim's .ssh/authorized_keys file via an e-mail message with a crafted winmail.dat application/ms-tnef attachment, because of a heap-based buffer over-read involving strdup. For Debian 8 "Jessie", this problem has been fixed in version 1.4.9-1+deb8u4. We recommend that you upgrade your tnef packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS
Attachment:
signature.asc
Description: OpenPGP digital signature