Overview
Request 645188 revoked
- Added patches:
* libmspack-resize-buffer.patch -- CAB block input buffer is one
byte too small for maximal Quantum block.
* libmspack-fix-bounds-checking.patch -- Fix off-by-one bounds
check on CHM PMGI/PMGL chunk numbers and reject empty filenames.
* libmspack-reject-blank-filenames.patch -- Avoid returning CHM
file entries that are "blank" because they have embedded null
bytes.
* libmspack-fix-install.patch -- Add anti "../" and leading slash
protection to chmextract.
- Fixed bugs:
* CVE-2018-18584 (bsc#1113038)
* CVE-2018-18585 (bsc#1113039)
* CVE-2018-18586 (bsc#1113040)
- Created by mcalabkova
- In state revoked
Request History
mcalabkova created request
- Added patches:
* libmspack-resize-buffer.patch -- CAB block input buffer is one
byte too small for maximal Quantum block.
* libmspack-fix-bounds-checking.patch -- Fix off-by-one bounds
check on CHM PMGI/PMGL chunk numbers and reject empty filenames.
* libmspack-reject-blank-filenames.patch -- Avoid returning CHM
file entries that are "blank" because they have embedded null
bytes.
* libmspack-fix-install.patch -- Add anti "../" and leading slash
protection to chmextract.
- Fixed bugs:
* CVE-2018-18584 (bsc#1113038)
* CVE-2018-18585 (bsc#1113039)
* CVE-2018-18586 (bsc#1113040)
licensedigger accepted review
ok
factory-auto accepted review
Check script succeeded
maintbot added libmspack as a reviewer
Submission for libmspack by someone who is not maintainer in the devel project (devel:libraries:c_c++). Please review
maintbot accepted review
ok
namtrac accepted review
namtrac approved review
AndreasStieger declined request
SLE inherited package, will be taken from SLE maintenance
mcalabkova revoked request