Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

libmspack0-32bit-0.11-150600.1.2 RPM for x86_64

From OpenSuSE Leap 15.6 for x86_64

Name: libmspack0-32bit Distribution: SUSE Linux Enterprise 15
Version: 0.11 Vendor: SUSE LLC <https://www.suse.com/>
Release: 150600.1.2 Build date: Fri Mar 8 18:48:20 2024
Group: System/Libraries Build host: h01-ch3b
Size: 79260 Source RPM: libmspack-0.11-150600.1.2.src.rpm
Packager: https://www.suse.com/
Url: https://www.cabextract.org.uk/libmspack/
Summary: Library That Implements Different Microsoft Compressions
The purpose of libmspack is to provide both compression and
decompression of some loosely related file formats used by Microsoft.
Currently the most common formats are implemented.

Provides

Requires

License

LGPL-2.1-only

Changelog

* Mon Jan 22 2024 danilo.spinella@suse.com
  - The following bugs and CVEs are not affecting TW:
    * CVE-2018-18584
    * CVE-2018-18585
    * CVE-2018-18586
    * CVE-2019-1010305
    * bsc#1113038
    * bsc#1113039
    * bsc#1113040
    * bsc#1130489
    * bsc#1141680
* Mon Feb 06 2023 info@paolostivanin.com
  - Update to version 0.11:
    * see https://github.com/kyz/libmspack/blob/master/libmspack/ChangeLog
      for a full changelog
* Wed Mar 06 2019 mardnh@gmx.de
  - Update to version 0.10.1
    * Bugfix release, no functional changes
* Mon Mar 04 2019 mardnh@gmx.de
  - Update to version 0.10:
    * Fix Heap buffer overflow in chmd_read_headers()
    * Fix memory exhausted in chmd_read_headers()
    * Fix memory exhausted in oabd_decompress()
* Wed Nov 07 2018 sbrabec@suse.com
  - Update to version 0.9.1:
    * Fix bug in decompressing data to get to the correct folder
      offset when the folder is LZX compressed (0.8 regression).
    * Build system cleanup
    * Testsuite available
    * Does not install testing tools and examples by default.
  - Rename mspack-tools to mspack-examples to follow upstream change.
* Tue Oct 23 2018 sbrabec@suse.com
  - Update to version 0.8:
    * New parameter MSCABD_PARAM_SALVAGE which permits salvaging
      badly damaged files rather than rejecting them outright.
    * Fix the above 38912-byte Quantum CAB block bug.
    * Reject blank CHM filenames that are blank because they have
      embedded null bytes.
    * chmextract: Protect from absolute/relative pathnames in CHM
      files.
* Mon Jul 30 2018 sbrabec@suse.com
  - Update to version 0.7 (bsc#1103032):
    * Fix 1 or 2 byte overwrite by bad KWAJ file header extensions
      (CVE-2018-14681).
    * Fix 1 byte overread by character U+0100 in a CHM filename
      (CVE-2018-14682).
    * Reject blank CHM filenames (CVE-2018-14680).
    * Fix off-by-1 in CHM PMGI/PMGL chunk number validity checks,
      which could cause a crash (CVE-2018-14679).
* Fri Jan 19 2018 adam.majer@suse.de
  - Correct mspack-tools group to Productivity/File utilities
* Tue Jan 16 2018 jengelh@inai.de
  - Correct SRPM group.
* Tue Jan 16 2018 mardnh@gmx.de
  - Fix typo
* Mon Jan 15 2018 mardnh@gmx.de
  - Update to version 0.6
    * read_spaninfo(): a CHM file can have no ResetTable and have a
    negative length in SpanInfo, which then feeds a negative output
    length to lzxd_init(), which then sets frame_size to a value of
    your choosing, the lower 32 bits of output length, larger than
    LZX_FRAME_SIZE. If the first LZX block is uncompressed, this
    writes data beyond the end of the window.
    This issue was raised by ClamAV as CVE-2017-6419.
    * lzxd_init(), lzxd_set_output_length(), mszipd_init(): due to the
    issue mentioned above, these functions now reject negative lengths
    * cabd_read_string(): add missing error check on result of read().
    If an mspack_system implementation returns an error, it's
    interpreted as a huge positive integer, which leads to reading
    past the end of the stack-based buffer.
    This issue was raised by ClamAV as CVE-2017-11423
  - Add subpackage for helper tools
  - Run spec-cleaner
* Fri Feb 27 2015 sbrabec@suse.cz
  - Remove problematic libmspack-qtmd_decompress-loop.patch
    (bnc#912214#c10).
    Version 0.5 has a correct fix dated 2015-01-05.
* Wed Feb 11 2015 p.drouand@gmail.com
  - Update to version 0.5
    * Please read the changelog; too many things to list
* Tue Jan 20 2015 sbrabec@suse.cz
  - Fix possible infinite loop caused DoS (bnc912214, CVE-2014-9556,
    libmspack-qtmd_decompress-loop.patch).

Files

/usr/lib/libmspack.so.0
/usr/lib/libmspack.so.0.1.0


Generated by rpm2html 1.8.1

Fabrice Bellet, Sat May 11 23:39:44 2024