Package "libmspack"
Name: |
libmspack
|
Description: |
This package is just an umbrella for a group of other packages,
it has no description. Description samples from packages in group:
- library for Microsoft compression formats (debugging symbols)
- library for Microsoft compression formats (development files)
- library for Microsoft compression formats (documentation)
- library for Microsoft compression formats (shared library)
|
Latest version: |
0.5-1ubuntu0.16.04.4 |
Release: |
xenial (16.04) |
Level: |
security |
Repository: |
main |
Links
Other versions of "libmspack" in Xenial
Packages in group
Deleted packages are displayed in grey.
Changelog
libmspack (0.5-1ubuntu0.16.04.4) xenial-security; urgency=medium
* SECURITY UPDATE: Buffer overflow
- debian/patches/CVE-2019-1010305.patch: length checks when looking
for control files in mspack/chmd.c.
- CVE-2019-1010305
-- <email address hidden> (Leonidas S. Barbosa) Wed, 17 Jul 2019 12:04:22 -0300
|
Source diff to previous version |
CVE-2019-1010305 |
libmspack 0.9.1alpha is affected by: Buffer Overflow. The impact is: Information Disclosure. The component is: function chmd_read_headers() in libmsp |
|
libmspack (0.5-1ubuntu0.16.04.3) xenial-security; urgency=medium
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2018-18585.patch: Ensure file names are valid in chmd.c
- CVE-2018-18585
* SECURITY UPDATE: One byte buffer overflow -
- debian/patches/CVE-2018-18584.patch: Ensure input buffer is large
enough in cab.h
- CVE-2018-18584
-- Alex Murray <email address hidden> Fri, 09 Nov 2018 10:35:47 +1030
|
Source diff to previous version |
CVE-2018-18585 |
chmd_read_headers in mspack/chmd.c in libmspack before 0.8alpha accepts a filename that has '\0' as its first or second character (such as the "/\0" |
CVE-2018-18584 |
In mspack/cab.h in libmspack before 0.8alpha and cabextract before 1.8, the CAB block input buffer is one byte too small for the maximal Quantum bloc |
|
libmspack (0.5-1ubuntu0.16.04.2) xenial-security; urgency=medium
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2018-14679-and-CVE-2018-14680.patch:
fix in chmd.c.
- CVE-2018-14679
- CVE-2018-14680
* SECURITY UPDATE: Bytes overwire with bad KWAJ file extension
- debian/patches/CVE-2018-14681.patch: fix in Makefile.am,
mspack/kwajd.c, test/kwajd_test.c and add some files
for test propose in test_files/kwajd/f*.kwj.
- CVE-2018-14681
* SECURITY UPDATE: Off-by-one error
- debian/patches/CVE-2018-14682.patch: fix in mspack/chmd.c.
- CVE-2018-14682
-- <email address hidden> (Leonidas S. Barbosa) Wed, 01 Aug 2018 11:29:49 -0300
|
Source diff to previous version |
CVE-2018-14679 |
An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There is an off-by-one error in the CHM PMGI/PMGL chunk number validity checks |
CVE-2018-14680 |
An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. It does not reject blank CHM filenames. |
CVE-2018-14681 |
An issue was discovered in kwajd_read_headers in mspack/kwajd.c in libmspack before 0.7alpha. Bad KWAJ file header extensions could cause a one or tw |
CVE-2018-14682 |
An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There is an off-by-one error in the TOLOWER() macro for CHM decompression. |
|
No changelog available yet.
|
About
-
Send Feedback to @ubuntu_updates