Skip to content
GitLab
Explore
Sign in
Register
Commits on Source (3)
CVE-2018-18584/libmspack assigned
· 153af69d
Salvatore Bonaccorso
authored
Oct 23, 2018
153af69d
CVE-2018-18585/libmspack assigned
· 47a50bc9
Salvatore Bonaccorso
authored
Oct 23, 2018
47a50bc9
Add CVE-2018-18586/libmspack
· 92f4dd85
Salvatore Bonaccorso
authored
Oct 23, 2018
92f4dd85
Show whitespace changes
Inline
Side-by-side
data/CVE/list
View file @
92f4dd85
CVE-2018-
XXXX
[Avoid returning CHM file entries that are "blank" because they have embedded null bytes]
CVE-2018-
18585
[Avoid returning CHM file entries that are "blank" because they have embedded null bytes]
- libsmpack <unfixed> (bug #911637)
NOTE: https://github.com/kyz/libmspack/commit/8759da8db6ec9e866cb8eb143313f397f925bb4f
NOTE: https://www.openwall.com/lists/oss-security/2018/10/22/1
CVE-2018-
XXXX
[add anti "../" and leading slash protection to chmextract]
CVE-2018-
18586
[add anti "../" and leading slash protection to chmextract]
- libsmpack <unfixed> (unimportant; bug #911639)
NOTE: https://github.com/kyz/libmspack/commit/7cadd489698be117c47efcadd742651594429e6d
NOTE: https://www.openwall.com/lists/oss-security/2018/10/22/1
...
...
@@ -10,7 +10,7 @@ CVE-2018-XXXX [add anti "../" and leading slash protection to chmextract]
NOTE: This sample code is not installed into the binary packages and was as well
NOTE: never the idea to use it in "productised" binaries, but rather just simple
NOTE: examples of the library use.
CVE-2018-
XXXX
[CAB block input buffer is one byte too small for maximal Quantum block]
CVE-2018-
18584
[CAB block input buffer is one byte too small for maximal Quantum block]
- cabextract 1.4-5
NOTE: Starting with 1.4-5 cabextract uses the mspack system library
- libsmpack <unfixed> (bug #911640)