| Revision Date: | 2020-09-22 | Version: | 1 |
| Title: | Security update for libmspack (Moderate) |
| Description: |
This update for libmspack fixes the following issues:
Security issues fixed:
- CVE-2019-1010305: Fixed a buffer overflow triggered by a crafted chm file which could have led to information disclosure (bsc#1141680). - CVE-2018-18584: The CAB block input buffer was one byte too small for the maximal Quantum block, leading to an out-of-bounds write. (bsc#1113038) - CVE-2018-18585: chmd_read_headers accepted a filename that has '\0' as its first or second character (such as the '/\0' name). (bsc#1113039) - Fix off-by-one bounds check on CHM PMGI/PMGL chunk numbers and reject empty filenames.
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | 1113038
1113039
1130489
1141680
CVE-2018-18584
CVE-2018-18585
CVE-2019-1010305
|
| Platform(s): | SUSE Linux Enterprise Server 12 SP3-TERADATA
| Product(s): | |
| Definition Synopsis |
| SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND libmspack0-0.4-15.7.1 is installed
|