[Pkg-clamav-devel] Bug#773659: cabextract: null pointer dereference on a crafted CAB

Sun Jan 18 14:44:45 UTC 2015

On 16/01/2015 20:29, Sebastian Andrzej Siewior wrote:
>
> Well, it looks like Jakub did not stop yet. Atleast those two do not do
> not crash immediately.
>
> - libmspack: off-by-one buffer over-read in mspack/mszipd.c
>    https://bugs.debian.org/775498
>
> - libmspack: off-by-one(?) buffer under-read in mspack/lzxd.c
>    https://bugs.debian.org/775499
Now fixed in the libmspack repository.

Regards
Stuart