Information on source package libmspack

Available versions

ReleaseVersion
jessie0.5-1+deb8u1
jessie (security)0.5-1+deb8u4
stretch0.5-1+deb9u3
stretch (security)0.5-1+deb9u2
buster0.10.1-1
bullseye0.10.1-1
sid0.10.1-1

Open issues

BugjessiestretchbusterbullseyesidDescription
CVE-2019-1010305fixedvulnerablefixedfixedfixedlibmspack 0.9.1alpha is affected by: Buffer Overflow. The impact is: I ...

Open unimportant issues

BugjessiestretchbusterbullseyesidDescription
CVE-2018-18586vulnerablevulnerablefixedfixedfixed** DISPUTED ** chmextract.c in the chmextract sample program, as distr ...

Resolved issues

BugDescription
TEMP-0000000-A4F3DEInvalid read in create_output_name
TEMP-0000000-970209Invalid read in ensure_filepath
CVE-2018-18585chmd_read_headers in mspack/chmd.c in libmspack before 0.8alpha accept ...
CVE-2018-18584In mspack/cab.h in libmspack before 0.8alpha and cabextract before 1.8 ...
CVE-2018-14682An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. ...
CVE-2018-14681An issue was discovered in kwajd_read_headers in mspack/kwajd.c in lib ...
CVE-2018-14680An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. ...
CVE-2018-14679An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. ...
CVE-2017-6419mspack/lzxd.c in libmspack 0.5alpha, as used in ClamAV 0.99.2, allows ...
CVE-2017-11423The cabd_read_string function in mspack/cabd.c in libmspack 0.5alpha, ...
CVE-2015-4472Off-by-one error in the READ_ENCINT macro in chmd.c in libmspack befor ...
CVE-2015-4471Off-by-one error in the lzxd_decompress function in lzxd.c in libmspac ...
CVE-2015-4470Off-by-one error in the inflate function in mszipd.c in libmspack befo ...
CVE-2015-4469The chmd_read_headers function in chmd.c in libmspack before 0.5 does ...
CVE-2015-4468Multiple integer overflows in the search_chunk function in chmd.c in l ...
CVE-2015-4467The chmd_init_decomp function in chmd.c in libmspack before 0.5 does n ...
CVE-2014-9732The cabd_extract function in cabd.c in libmspack before 0.5 does not p ...
CVE-2014-9556Integer overflow in the qtmd_decompress function in libmspack 0.4 allo ...

Security announcements

DSA / DLADescription
DLA-1895-1libmspack - security update
DLA-1555-1libmspack - security update
DLA-1460-1libmspack - security update
DSA-4260-1libmspack - security update
DSA-3946-1libmspack - security update
DSA-3946-1libmspack - security update

Search for package or bug name: Reporting problems