Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
Name: libmspack0 | Distribution: SUSE Linux Enterprise 15 |
Version: 0.6 | Vendor: SUSE LLC <https://www.suse.com/> |
Release: 3.8.19 | Build date: Thu May 14 17:09:35 2020 |
Group: System/Libraries | Build host: sheep25 |
Size: 131488 | Source RPM: libmspack-0.6-3.8.19.src.rpm |
Packager: https://www.suse.com/ | |
Url: http://www.cabextract.org.uk/libmspack/ | |
Summary: Library That Implements Different Microsoft Compressions |
The purpose of libmspack is to provide both compression and decompression of some loosely related file formats used by Microsoft. Currently the most common formats are implemented.
LGPL-2.1
* Mon Nov 04 2019 kstreitova@suse.com - add libmspack-0.6alpha-CVE-2019-1010305.patch to fix a buffer overflow in chmd_read_headers(): a CHM file name beginning "::" but shorter than 33 bytes will lead to reading past the freshly-allocated name buffer - checks for specific control filenames didn't take length into account [bsc#1141680] [CVE-2019-1010305] * Fri Mar 29 2019 mcalabkova@suse.com - Enable build-time tests (bsc#1130489) * Added patch libmspack-failing-tests.patch * Fri Oct 26 2018 mcalabkova@suse.com - Added patches: * libmspack-resize-buffer.patch -- CAB block input buffer is one byte too small for maximal Quantum block. * libmspack-fix-bounds-checking.patch -- Fix off-by-one bounds check on CHM PMGI/PMGL chunk numbers and reject empty filenames. * libmspack-reject-blank-filenames.patch -- Avoid returning CHM file entries that are "blank" because they have embedded null bytes. * (the last two patches were modified by removing unneeded part in order to make them more independent) - Fixed bugs: * CVE-2018-18584 (bsc#1113038) * CVE-2018-18585 (bsc#1113039) * Fri Jan 19 2018 adam.majer@suse.de - Correct mspack-tools group to Productivity/File utilities * Tue Jan 16 2018 jengelh@inai.de - Correct SRPM group. * Tue Jan 16 2018 mardnh@gmx.de - Fix typo * Mon Jan 15 2018 mardnh@gmx.de - Update to version 0.6 * read_spaninfo(): a CHM file can have no ResetTable and have a negative length in SpanInfo, which then feeds a negative output length to lzxd_init(), which then sets frame_size to a value of your choosing, the lower 32 bits of output length, larger than LZX_FRAME_SIZE. If the first LZX block is uncompressed, this writes data beyond the end of the window. This issue was raised by ClamAV as CVE-2017-6419. * lzxd_init(), lzxd_set_output_length(), mszipd_init(): due to the issue mentioned above, these functions now reject negative lengths * cabd_read_string(): add missing error check on result of read(). If an mspack_system implementation returns an error, it's interpreted as a huge positive integer, which leads to reading past the end of the stack-based buffer. This issue was raised by ClamAV as CVE-2017-11423 - Add subpackage for helper tools - Run spec-cleaner * Fri Feb 27 2015 sbrabec@suse.cz - Remove problematic libmspack-qtmd_decompress-loop.patch (bnc#912214#c10). Version 0.5 has a correct fix dated 2015-01-05. * Wed Feb 11 2015 p.drouand@gmail.com - Update to version 0.5 * Please read the changelog; too many things to list * Tue Jan 20 2015 sbrabec@suse.cz - Fix possible infinite loop caused DoS (bnc912214, CVE-2014-9556, libmspack-qtmd_decompress-loop.patch).
/usr/lib64/libmspack.so.0 /usr/lib64/libmspack.so.0.1.0 /usr/share/doc/packages/libmspack0 /usr/share/doc/packages/libmspack0/AUTHORS /usr/share/doc/packages/libmspack0/COPYING.LIB /usr/share/doc/packages/libmspack0/ChangeLog /usr/share/doc/packages/libmspack0/README /usr/share/doc/packages/libmspack0/TODO
Generated by rpm2html 1.8.1
Fabrice Bellet, Tue Jul 9 14:00:23 2024