Package : libmspack
Version : 0.5-1+deb8u3
CVE ID : CVE-2018-18584 CVE-2018-18585
CVE-2018-18584
Fixing the size of the CAB block input buffer, which is too small
for the maximal Quantum block, prevents an out-of-bounds write.
CVE-2018-18585
Blank filenames (having length zero or their 1st or 2nd byte is
null) should be rejected.
For Debian 8 "Jessie", these problems have been fixed in version
0.5-1+deb8u3.
We recommend that you upgrade your libmspack packages.
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
Debian LTS: DLA-1555-1: libmspack security update
October 26, 2018
CVE-2018-18584 Fixing the size of the CAB block input buffer, which is too small for the maximal Quantum block, prevents an out-of-bounds write
Summary
CVE-2018-18585
Blank filenames (having length zero or their 1st or 2nd byte is
null) should be rejected.
For Debian 8 "Jessie", these problems have been fixed in version
0.5-1+deb8u3.
We recommend that you upgrade your libmspack packages.
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
Severity
Package : libmspack
Version : 0.5-1+deb8u3
CVE ID : CVE-2018-18584 CVE-2018-18585
News
HOWTOs
About Us
Powered By
