1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 4260-1] libmspack security update

    From Salvatore Bonaccorso@1:229/2 to All on Thu Aug 2 23:20:01 2018
    From: [email protected]

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-4260-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 02, 2018 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : libmspack
    CVE ID : CVE-2018-14679 CVE-2018-14680 CVE-2018-14681 CVE-2018-14682 Debian Bug : 904799 904800 904801 904802

    Several vulnerabilities were discovered in libsmpack, a library used to
    handle Microsoft compression formats. A remote attacker could craft
    malicious CAB, CHM or KWAJ files and use these flaws to cause a denial
    of service via application crash, or potentially execute arbitrary code.

    For the stable distribution (stretch), these problems have been fixed in version 0.5-1+deb9u2.

    We recommend that you upgrade your libmspack packages.

    For the detailed security status of libmspack please refer to its
    security tracker page at:
    https://security-tracker.debian.org/tracker/libmspack

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: [email protected]
    -----BEGIN PGP SIGNATURE-----

    iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAltjchxfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0SH7w//aMohH/3ymPCXrXB3RR+NmXpAFeVWO6EbKW2g3J/YEZAWe/nssupxK6Ws 3s8eHYhFxbffpzonkyVQ7E8nfBtp3osUmd9Ir+T2ftzpuSfsCWYFhERpep8c5eAP 4l43UOB118A3fWmVc6i/44/gc0XCRVfWF/SfEofx20x4CQSCliuTHRrQVqudFkgF SsqVwbcpKhiMvUH9eq8Csi0LRywLdz7rX6dEKJ131bxcUmPIP02/wwmHDJQcjbg/ EEyCVbEYYIrIJiUh58OF/OmBFTT1im6rCYmfeyrPiotacSBT5K1dorjvnUytFuO/ Yf/2I1tSEb325hoqx+958pGj0Y+4ubjIpRuvhV/rM4r9kKmQbW344dft2FTqKOp/ a6K+LuaobcqXf9qZC1E/EytJuZNl57pdRAiOTVt3szNSfT3WCHrLWf6ZwF6PwTII HKmfvNPrmfSJI7KEKpmra9FW21jwAcYJL6Xt6LWPKoPVR52rJv1WMd84edsg2mGI J0P62TOKv3ZaJvpBrQ+bkuFoBrQE10RN43iAzOWVqBnw1LxMqq2WOnxHpcYduOBr VduZWPiA8sN9Ee1WrVUn/ct81yie9RxJ21SZZEnoFR3wpMqBsIzeNsB9ISMVtalv TeCi0ZETyCgdFPs7jEIA8F2q0Gg9DgXtcjnc4aIkOSA5IOj0G1w=
    =fFmf
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: you cannot sedate... all the things you hate (1:229/2)