Download
| Alert*
oval:org.secpod.oval:def:89003301
This update for libmspack fixes the following issues: Security issues fixed: - CVE-2018-18584: The CAB block input buffer was one byte too small for the maximal Quantum block, leading to an out-of-bounds write. - CVE-2018-18585: chmd_read_headers accepted a filename that has "\0" as its first or se ... oval:org.secpod.oval:def:704388 clamav: Anti-virus utility for Unix Details: USN-3814-1 fixed several vulnerabilities in libmspack. In Ubuntu 14.04 libmspack is included into ClamAV. This update provides the corresponding update for Ubuntu 14.04 LTS. Original advisory Several security issues were fixed in ClamAV. oval:org.secpod.oval:def:205290 The libmspack packages contain a library providing compression and extraction of the Cabinet file format used by Microsoft. Security Fix: * libmspack: Out-of-bounds write in mspack/cab.h * libmspack: chmd_read_headers fails to reject filenames containing NULL bytes For more details about the secu ... oval:org.secpod.oval:def:704383 libmspack: library for Microsoft compression formats Several security issues were fixed in libmspack. oval:org.secpod.oval:def:503280 The libmspack packages contain a library providing compression and extraction of the Cabinet file format used by Microsoft. Security Fix: * libmspack: Out-of-bounds write in mspack/cab.h * libmspack: chmd_read_headers fails to reject filenames containing NULL bytes For more details about the secu ... oval:org.secpod.oval:def:115477 cabextract is a program which can extract files from cabinet archives. oval:org.secpod.oval:def:115479 The purpose of libmspack is to provide both compression and decompression of some loosely related file formats used by Microsoft. oval:org.secpod.oval:def:51163 libmspack: library for Microsoft compression formats Several security issues were fixed in libmspack. oval:org.secpod.oval:def:115451 The purpose of libmspack is to provide both compression and decompression of some loosely related file formats used by Microsoft. oval:org.secpod.oval:def:115454 cabextract is a program which can extract files from cabinet archives. oval:org.secpod.oval:def:1504242 [0.5-0.7.alpha] - Fixes for CVE-2018-18584 CVE-2018-18585. resolves: rhbz#1648384 rhbz#1648385 oval:org.secpod.oval:def:1700224 In mspack/cab.h in libmspack before 0.8alpha and cabextract before 1.8, the CAB block input buffer is one byte too small for the maximal Quantum block, leading to an out-of-bounds write.chmd_read_headers in mspack/chmd.c in libmspack before 0.8alpha accepts a filename that has #039;\\0#039; as its f ... oval:org.secpod.oval:def:52955 clamav: Anti-virus utility for Unix Details: USN-3814-1 fixed several vulnerabilities in libmspack. In Linux Mint 17.x libmspack is included into ClamAV. This update provides the corresponding update for Linux Mint 17.x LTS. Original advisory Several security issues were fixed in ClamAV. oval:org.secpod.oval:def:89000397 This update for libmspack fixes the following issues: Security issues fixed: - CVE-2019-1010305: Fixed a buffer overflow triggered by a crafted chm file which could have led to information disclosure . - CVE-2018-18584: The CAB block input buffer was one byte too small for the maximal Quantum block, ... |