Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

libmspack-devel-0.6-3.8.19 RPM for s390x

From OpenSuSE Leap 15.3 for s390x

Name: libmspack-devel Distribution: SUSE Linux Enterprise 15
Version: 0.6 Vendor: SUSE LLC <https://www.suse.com/>
Release: 3.8.19 Build date: Thu May 14 17:08:50 2020
Group: Development/Libraries/C and C++ Build host: s390zp36
Size: 89240 Source RPM: libmspack-0.6-3.8.19.src.rpm
Packager: https://www.suse.com/
Url: http://www.cabextract.org.uk/libmspack/
Summary: Static libraries, header files and documentation for libmspack
The libmspack-devel package contains the header files and static
libraries necessary for developing programs using libmspack.

Provides

Requires

License

LGPL-2.1

Changelog

* Mon Nov 04 2019 kstreitova@suse.com
  - add libmspack-0.6alpha-CVE-2019-1010305.patch to fix a buffer
    overflow in chmd_read_headers(): a CHM file name beginning "::"
    but shorter than 33 bytes will lead to reading past the
    freshly-allocated name buffer - checks for specific control
    filenames didn't take length into account [bsc#1141680]
    [CVE-2019-1010305]
* Fri Mar 29 2019 mcalabkova@suse.com
  - Enable build-time tests (bsc#1130489)
    * Added patch libmspack-failing-tests.patch
* Fri Oct 26 2018 mcalabkova@suse.com
  - Added patches:
    * libmspack-resize-buffer.patch -- CAB block input buffer is one
      byte too small for maximal Quantum block.
    * libmspack-fix-bounds-checking.patch --  Fix off-by-one bounds
      check on CHM PMGI/PMGL chunk numbers and reject empty filenames.
    * libmspack-reject-blank-filenames.patch -- Avoid returning CHM
      file entries that are "blank" because they have embedded null
      bytes.
    * (the last two patches were modified by removing unneeded part
      in order to make them more independent)
  - Fixed bugs:
    * CVE-2018-18584 (bsc#1113038)
    * CVE-2018-18585 (bsc#1113039)
* Fri Jan 19 2018 adam.majer@suse.de
  - Correct mspack-tools group to Productivity/File utilities
* Tue Jan 16 2018 jengelh@inai.de
  - Correct SRPM group.
* Tue Jan 16 2018 mardnh@gmx.de
  - Fix typo
* Mon Jan 15 2018 mardnh@gmx.de
  - Update to version 0.6
    * read_spaninfo(): a CHM file can have no ResetTable and have a
    negative length in SpanInfo, which then feeds a negative output
    length to lzxd_init(), which then sets frame_size to a value of
    your choosing, the lower 32 bits of output length, larger than
    LZX_FRAME_SIZE. If the first LZX block is uncompressed, this
    writes data beyond the end of the window.
    This issue was raised by ClamAV as CVE-2017-6419.
    * lzxd_init(), lzxd_set_output_length(), mszipd_init(): due to the
    issue mentioned above, these functions now reject negative lengths
    * cabd_read_string(): add missing error check on result of read().
    If an mspack_system implementation returns an error, it's
    interpreted as a huge positive integer, which leads to reading
    past the end of the stack-based buffer.
    This issue was raised by ClamAV as CVE-2017-11423
  - Add subpackage for helper tools
  - Run spec-cleaner
* Fri Feb 27 2015 sbrabec@suse.cz
  - Remove problematic libmspack-qtmd_decompress-loop.patch
    (bnc#912214#c10).
    Version 0.5 has a correct fix dated 2015-01-05.
* Wed Feb 11 2015 p.drouand@gmail.com
  - Update to version 0.5
    * Please read the changelog; too many things to list
* Tue Jan 20 2015 sbrabec@suse.cz
  - Fix possible infinite loop caused DoS (bnc912214, CVE-2014-9556,
    libmspack-qtmd_decompress-loop.patch).

Files

/usr/include/mspack.h
/usr/lib64/libmspack.so
/usr/lib64/pkgconfig/libmspack.pc


Generated by rpm2html 1.8.1

Fabrice Bellet, Sat Mar 9 15:01:09 2024