Mailinglist Archive: opensuse-bugs (4251 mails)

< Previous Next >
[Bug 1038061] New: VUL-1: CVE-2017-8825: libetpan: NULL dereference vulnerability
  • From: bugzilla_noreply@xxxxxxxxxx
  • Date: Mon, 08 May 2017 14:19:21 +0000
  • Message-id: <>

Bug ID: 1038061
Summary: VUL-1: CVE-2017-8825: libetpan: NULL dereference
Classification: openSUSE
Product: openSUSE Distribution
Version: Leap 42.2
Hardware: Other
OS: Other
Status: NEW
Severity: Normal
Priority: P5 - None
Component: Security
Assignee: security-team@xxxxxxx
Reporter: mikhail.kasimov@xxxxxxxxx
QA Contact: qa-bugs@xxxxxxx
Found By: ---
Blocker: ---

A NULL dereference vulnerability has been found in the MIME handling
code of LibEtPan, a C language mail access and handling library that
is used in a number of MUAs.

Versions 1.7.2 and earlier are affected.

This bug has been assigned CVE-2017-8825.

Hoa Viet Dinh, the author of the library, has released LibEtPan 1.8,
which fixes the bug. It may be found at:


[2] See:
for details on the vulnerability.

Upstream users that wish to patch only this particular problem may
find the fix at:


Thanks to Ryan Whitworth for uncovering this problem with
American Fuzzy Lop.

Perry E. Metzger perry () piermont com


1.6 (TW, 42.{1,2}, official repo)

You are receiving this mail because:
You are on the CC list for the bug.
< Previous Next >