Overview
Request 566588 accepted
- Correct SRPM group.
- Fix typo
- Update to version 0.6
* read_spaninfo(): a CHM file can have no ResetTable and have a
negative length in SpanInfo, which then feeds a negative output
length to lzxd_init(), which then sets frame_size to a value of
your choosing, the lower 32 bits of output length, larger than
LZX_FRAME_SIZE. If the first LZX block is uncompressed, this
writes data beyond the end of the window.
This issue was raised by ClamAV as CVE-2017-6419.
* lzxd_init(), lzxd_set_output_length(), mszipd_init(): due to the
issue mentioned above, these functions now reject negative lengths
* cabd_read_string(): add missing error check on result of read().
If an mspack_system implementation returns an error, it's
interpreted as a huge positive integer, which leads to reading
past the end of the stack-based buffer.
This issue was raised by ClamAV as CVE-2017-11423
- Add subpackage for helper tools
- Run spec-cleaner
Request History
adamm created request
- Correct SRPM group.
- Fix typo
- Update to version 0.6
* read_spaninfo(): a CHM file can have no ResetTable and have a
negative length in SpanInfo, which then feeds a negative output
length to lzxd_init(), which then sets frame_size to a value of
your choosing, the lower 32 bits of output length, larger than
LZX_FRAME_SIZE. If the first LZX block is uncompressed, this
writes data beyond the end of the window.
This issue was raised by ClamAV as CVE-2017-6419.
* lzxd_init(), lzxd_set_output_length(), mszipd_init(): due to the
issue mentioned above, these functions now reject negative lengths
* cabd_read_string(): add missing error check on result of read().
If an mspack_system implementation returns an error, it's
interpreted as a huge positive integer, which leads to reading
past the end of the stack-based buffer.
This issue was raised by ClamAV as CVE-2017-11423
- Add subpackage for helper tools
- Run spec-cleaner
factory-auto added opensuse-review-team as a reviewer
Please review sources
factory-auto added repo-checker as a reviewer
Please review build success
factory-auto accepted review
Check script succeeded
staging-bot set openSUSE:Factory:Staging:J as a staging project
Being evaluated by staging project "openSUSE:Factory:Staging:J"
staging-bot accepted review
Picked openSUSE:Factory:Staging:J
licensedigger accepted review
ok
repo-checker accepted review
cycle and install check passed
dimstar accepted review
dimstar_suse accepted review
ready to accept
dimstar_suse approved review
ready to accept
dimstar_suse accepted request
Accept to openSUSE:Factory
This does not look lie a Library - this package contains binaries installed to $PATH
Indeed. It should be Productivity/File utilities. Changed, but not restarting staging just for that ;) Maybe someone will find something else to improve before the Factory Bots pulls it in later.