Fix CVE-2017-11110: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11110 https://bugzilla.redhat.com/show_bug.cgi?id=1468471 https://security-tracker.debian.org/tracker/CVE-2017-11110 Patch copied from openSUSE: https://build.opensuse.org/package/view_file/openSUSE:Maintenance:6985/catdoc.openSUSE_Leap_42.2_Update/CVE-2017-11110.patch?expand=1 From: Andreas Stieger Date: Mon, 10 Jul 2017 15:37:58 +0000 References: CVE-2017-11110 http://bugzilla.suse.com/show_bug.cgi?id=1047877 All .doc I found had sectorSize 0x09 at offset 0x1e. Guarding it against <4. --- src/ole.c | 5 +++++ 1 file changed, 5 insertions(+) Index: catdoc-0.95/src/ole.c =================================================================== --- catdoc-0.95.orig/src/ole.c 2016-05-25 06:37:12.000000000 +0200 +++ catdoc-0.95/src/ole.c 2017-07-10 17:42:33.578308107 +0200 @@ -106,6 +106,11 @@ FILE* ole_init(FILE *f, void *buffer, si return NULL; } sectorSize = 1<= 4 for CVE-2017-11110 */ 1, sectorSize, newfile) != sectorSize) { fprintf(stderr, "Error read MSAT!\n"); ole_finish();