Synopsis: Important: icoutils security update Advisory ID: SLSA-2017:0837-1 Issue Date: 2017-03-22 CVE Numbers: CVE-2017-5208 CVE-2017-5333 CVE-2017-5332 CVE-2017-6009 CVE-2017-6010 CVE-2017-6011 -- Security Fix(es): * Multiple vulnerabilities were found in icoutils, in the wrestool program. An attacker could create a crafted executable that, when read by wrestool, could result in memory corruption leading to a crash or potential code execution. (CVE-2017-5208, CVE-2017-5333, CVE-2017-6009) * A vulnerability was found in icoutils, in the wrestool program. An attacker could create a crafted executable that, when read by wrestool, could result in failure to allocate memory or an over-large memcpy operation, leading to a crash. (CVE-2017-5332) * Multiple vulnerabilities were found in icoutils, in the icotool program. An attacker could create a crafted ICO or CUR file that, when read by icotool, could result in memory corruption leading to a crash or potential code execution. (CVE-2017-6010, CVE-2017-6011) -- SL7 x86_64 icoutils-0.31.3-1.el7_3.x86_64.rpm icoutils-debuginfo-0.31.3-1.el7_3.x86_64.rpm - Scientific Linux Development Team