[Git][security-tracker-team/security-tracker][master] Add three new libmspack issues

Salvatore Bonaccorso carnil at debian.org
Mon Oct 22 22:59:10 BST 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
cb3dcaa8 by Salvatore Bonaccorso at 2018-10-22T21:56:59Z
Add three new libmspack issues

One issue is theoretically as well affecting the cabextract source, but
since 1.4-5 it is using the system libmspack library. Track it still as
the older entries for cabextract which had issues in the embedded
libmspack code.

chmextract issue is unimportant as the sample code is not installed into
the binary packages.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,21 @@
+CVE-2018-XXXX [Avoid returning CHM file entries that are "blank" because they have embedded null bytes]
+	- libsmpack <unfixed>
+	NOTE: https://github.com/kyz/libmspack/commit/8759da8db6ec9e866cb8eb143313f397f925bb4f
+	NOTE: https://www.openwall.com/lists/oss-security/2018/10/22/1
+CVE-2018-XXXX [add anti "../" and leading slash protection to chmextract]
+	- libsmpack <unfixed> (unimportant)
+	NOTE: https://github.com/kyz/libmspack/commit/7cadd489698be117c47efcadd742651594429e6d
+	NOTE: https://www.openwall.com/lists/oss-security/2018/10/22/1
+	NOTE: src/chmextract.c was renamed from originally test/chmx.c
+	NOTE: This sample code is not installed into the binary packages and was as well
+	NOTE: never the idea to use it in "productised" binaries, but rather just simple
+	NOTE: examples of the library use.
+CVE-2018-XXXX [CAB block input buffer is one byte too small for maximal Quantum block]
+	- cabextract 1.4-5
+	NOTE: Starting with 1.4-5 cabextract uses the mspack system library
+	- libsmpack <unfixed>
+	NOTE: https://github.com/kyz/libmspack/commit/40ef1b4093d77ad3a5cfcee1f5cb6108b3a3bcc2
+	NOTE: https://www.openwall.com/lists/oss-security/2018/10/22/1
 CVE-2018-18575
 	RESERVED
 CVE-2018-18574



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/cb3dcaa8eb1f040cfc8e330fded3d44ae3dd0b3a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/cb3dcaa8eb1f040cfc8e330fded3d44ae3dd0b3a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181022/433d2535/attachment.html>

More information about the debian-security-tracker-commits mailing list