'Re: [oss-security] Fw: New cabextract 1.7 and libmspack 0.7 release'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    Re: [oss-security] Fw: New cabextract 1.7 and libmspack 0.7 release
From:       Salvatore Bonaccorso <carnil () debian ! org>
Date:       2018-07-28 21:23:57
Message-ID: 20180728212357.GA1623 () eldamar ! local
[Download RAW message or body]

Hi,

On Thu, Jul 26, 2018 at 09:09:36AM +0200, Hanno Böck wrote:
> Several memory safety bugs fixed, see below.
> 
> Begin forwarded message:
> 
> Date: Thu, 26 Jul 2018 00:46:18 +0100
> From: Stuart Caie
> Subject: New cabextract 1.7 and libmspack 0.7 release
> 
> 
> Hello all,
> 
> cabextract 1.7 has been released.
> 
> It fixes a few bugs, an introduces a new "--encoding" option, which is 
> made available if the iconv() function and/or libiconv library are 
> available on your system. It also now tries calling setlocale() (if 
> present) with several possible locales that have a UTF-8 ctype, to
> allow towlower() (if present) to lowercase non-ASCII characters.
> 
> cabextract can be downloaded from https://www.cabextract.org.uk/
> 
> SHA256 sums:
> 
> 06d3cdded6519fccff1532f64ab54ce6cc3c7be51bcc6fff0f91092179a9bb26 
> cabextract-1.7-1.i386.rpm
> 11570d7e5ba0f46f458b88d76d2f0bdcad3a1266055ea5c8229830be2023e16e 
> cabextract-1.7-1.src.rpm
> 297203c826c004801ea1b17414f568e7bdf56c3ae9bbaca4d8514e8a56e506bd 
> cabextract-1.7.tar.gz
> 
> libmspack 0.7alpha has also been released. It fixes several bugs:
> 
> * bad KWAJ file header extensions could cause a one or two byte
>   overwrite
> * The character U+0100 in a CHM filename could cause a one-byte overread
> * libmspack now rejects blank CHM filenames.
> * Fixed off-by-one error in CHM PMGI/PMGL chunk number validity checks, 
> which could cause a crash by dereferencing uninitialised data beyond
>   the end of the fast_find() chunk cache.

MITRE has assigned four CVEs as follows

CVE-2018-14679:
https://github.com/kyz/libmspack/commit/72e70a921f0f07fee748aec2274b30784e1d312a
(for the off-by-one error in CHM PMGI/PMGL chunk number validity
checks part).

CVE-2018-14680:
https://github.com/kyz/libmspack/commit/72e70a921f0f07fee748aec2274b30784e1d312a
(for not-rejecting blank CHM filenames part).

CVE-2018-14681:
https://github.com/kyz/libmspack/commit/0b0ef9344255ff5acfac6b7af09198ac9c9756c8

CVE-2018-14682:
https://github.com/kyz/libmspack/commit/4fd9ccaa54e1aebde1e4b95fb0163b699fd7bcc8

Regards,
Salvatore
[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic