Photon OS 1.0: Libmspack PHSA-2019-1.0-0247

An update of the libmspack package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-1.0-0247. The text itself is copyright C VMware, Inc. include"compat.inc"; if description...

Debian: Security Advisory (DLA-1895-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 1895-1] libmspack security update

Package : libmspack Version : 0.5-1+deb8u4 CVE ID : CVE-2019-1010305 JsHuang found an issue in libmspack, a library for Microsoft compression format. Opening a crafted chm file might result in a buffer overflow which might disclose confidential information. For Debian 8 "Jessie", this problem has...

DLA-1895-1 libmspack - security update

Bulletin has no description...

Important Photon OS Security Update - PHSA-2019-0248

Updates of 'systemd', 'libmspack', 'patch', 'dracut', 'binutils', 'mysql' packages of Photon OS have been released...

libmspack security update

0.5-0.7.alpha - Fixes for CVE-2018-18584 CVE-2018-18585. resolves: rhbz1648384 rhbz1648385...

RHEL 7 : libmspack (RHSA-2019:2049)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:2049 advisory. The libmspack packages contain a library providing compression and extraction of the Cabinet CAB file format used by Microsoft. Security...

Improper NULL Byte Parsing

libmspack parses NULL bytes in an insecure manner. The chmdreadheaders function in mspack/chmd.c accepts filenames that has \0 as its first or second character. This could allow attackers to bypass input validations or authorization controls...

Denial Of Service (Dos)

libmspack is vulnerable to denial of service. The CAB block input buffer is one byte too small for the maximal Quantum block, which would allow an attacker to crash the application via an out-of-bounds write using a malicious CAB block input...

libmspack: Out-of-bounds write in mspack/cab.h

In mspack/cab.h in libmspack before 0.8alpha and cabextract before 1.8, the CAB block input buffer is one byte too small for the maximal Quantum block, leading to an out-of-bounds write...

libmspack: chmd_read_headers() fails to reject filenames containing NULL bytes

chmdreadheaders in mspack/chmd.c in libmspack before 0.8alpha accepts a filename that has '\0' as its first or second character such as the "/\0" name...

Moderate: Red Hat Security Advisory: libmspack security update

An update for libmspack is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2019-1.0-0247

An update of 'redis', 'libmspack', 'expat' packages of Photon OS has been released...

Important Photon OS Security Update - PHSA-2019-0247

Updates of 'libssh2', 'libmspack', 'redis', 'expat' packages of Photon OS have been released...

[SECURITY] Fedora 29 Update: libmspack-0.10.1-0.1.alpha.fc29

The purpose of libmspack is to provide both compression and decompression of some loosely related file formats used by Microsoft...

[SECURITY] Fedora 30 Update: libmspack-0.10.1-0.1.alpha.fc30

The purpose of libmspack is to provide both compression and decompression of some loosely related file formats used by Microsoft...

Fedora 29 : libmspack (2019-da6be81bd3)

Security fix for CVE-2019-1010305 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable Networ...

Fedora Update for libmspack FEDORA-2019-da6be81bd3

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora Update for libmspack FEDORA-2019-6235a32624

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora 30 : libmspack (2019-6235a32624)

Security fix for CVE-2019-1010305 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable Networ...