Latest stable releases of libmspack and cabextract, includes security fixes for CVE-2018-14680, CVE-2018-14681, CVE-2018-14682, CVE-2018-18584, CVE-2018-18585

How to install

sudo dnf upgrade --advisory=FEDORA-2018-a5953af115

This update has been submitted for testing by rdieter.

a year ago

rdieter edited this update.

a year ago

rdieter edited this update.

a year ago

This update has been pushed to testing.

a year ago
User Icon cserpentis commented & provided feedback a year ago
karma

works for me

User Icon besser82 commented & provided feedback a year ago
karma

Works great! LGTM! =)

This update has reached the stable karma threshold and can be pushed to stable now if the maintainer wishes.

a year ago

This update has been submitted for batched by rdieter.

a year ago
User Icon kparal commented & provided feedback a year ago
karma

corrupts extracted cab files. please see #1647033 (tested in F28, but probably affects all releases)

User Icon kparal commented & provided feedback a year ago

(please cancel the stable push request, thanks)

This update has been unpushed.

rdieter edited this update.

New build(s):

  • cabextract-1.9-1.fc29
  • libmspack-0.9.1-0.1.alpha.fc29

Removed build(s):

  • cabextract-1.8-1.fc29
  • libmspack-0.8-0.1.alpha.fc29

Karma has been reset.

a year ago

This update has been submitted for testing by rdieter.

a year ago

This update has been pushed to testing.

a year ago
User Icon filiperosset commented & provided feedback a year ago
karma

no regressions noted

User Icon kparal commented & provided feedback a year ago
karma

seems to fix the corruption bug

This update has reached the stable karma threshold and can be pushed to stable now if the maintainer wishes.

a year ago
User Icon pwalter commented & provided feedback a year ago
karma

Works

This update has been submitted for batched by rdieter.

a year ago

This update has been submitted for stable by bodhi.

a year ago

This update has been pushed to stable.

a year ago

Please login to add feedback.

Metadata
Type
security
Severity
medium
Karma
3
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-4
Dates
submitted
a year ago
in testing
a year ago
in stable
a year ago
modified
a year ago
BZ#1610896 CVE-2018-14681 libmspack: out-of-bounds write in kwajd_read_headers in mspack/kwajd.c
0
0
BZ#1610897 CVE-2018-14681 libmspack: Out-of-bounds Write in kwajd_read_headers in mspack/kwajd.c [fedora-all]
0
0
BZ#1610934 CVE-2018-14680 libmspack: off-by-one error in the CHM chunk number validity checks
0
0
BZ#1610936 CVE-2018-14680 libmspack: off-by-one error in the CHM chunk number validity checks [fedora-all]
0
0
BZ#1610941 CVE-2018-14682 libmspack: off-by-one error in the TOLOWER() macro for CHM decompression
0
0
BZ#1610942 CVE-2018-14682 libmspack: off-by-one error in the TOLOWER() macro for CHM decompression [fedora-all]
0
0
BZ#1644214 CVE-2018-18584 libmspack: Out-of-bounds write in mspack/cab.h
0
0
BZ#1644215 CVE-2018-18585 libmspack: chmd_read_headers() fails to reject filenames containing NULL bytes
0
0
BZ#1644218 CVE-2018-18584 CVE-2018-18585 libmspack: various flaws [fedora-all]
0
0
BZ#1644221 CVE-2018-18584 CVE-2018-18585 cabextract: various flaws [fedora-all]
0
0

Automated Test Results