Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 536
Alerts This Week
Warning Icon 1 536

Scientific Linux: SLSA-2018-3327-1 Low: libmspack Updates for Errors

Scientific Large Esm H446
libmspack: off-by-one error in the CHM PMGI/PMGL chunk number validity checks (CVE-2018-14679) * libmspack: off-by-one error in the CHM chunk number validity checks (CVE-2018-14680) * libmspack: out-of-bounds write in kwajd_read_headers in mspack/kwajd.c (CVE-2018-14681) * libmspack: off-by-one error in the TOLOWER() macro for CHM decompression (CVE-2018-14682) SL7 x86_64 libmspack-0 [More...]
Synopsis:          Low: libmspack security update
Advisory ID:       SLSA-2018:3327-1
Issue Date:        2018-10-30
CVE Numbers:       CVE-2018-14679
                   CVE-2018-14681
                   CVE-2018-14680
                   CVE-2018-14682
--

Security Fix(es):

* libmspack: off-by-one error in the CHM PMGI/PMGL chunk number validity
checks (CVE-2018-14679)

* libmspack: off-by-one error in the CHM chunk number validity checks
(CVE-2018-14680)

* libmspack: out-of-bounds write in kwajd_read_headers in mspack/kwajd.c
(CVE-2018-14681)

* libmspack: off-by-one error in the TOLOWER() macro for CHM decompression
(CVE-2018-14682)
--

SL7
  x86_64
    libmspack-0.5-0.6.alpha.el7.i686.rpm
    libmspack-0.5-0.6.alpha.el7.x86_64.rpm
    libmspack-debuginfo-0.5-0.6.alpha.el7.i686.rpm
    libmspack-debuginfo-0.5-0.6.alpha.el7.x86_64.rpm
    libmspack-devel-0.5-0.6.alpha.el7.i686.rpm
    libmspack-devel-0.5-0.6.alpha.el7.x86_64.rpm

- Scientific Linux Development Team