Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

libmspack-devel-0.11-150600.1.2 RPM for x86_64

From OpenSuSE Leap 15.6 for x86_64

Name: libmspack-devel Distribution: SUSE Linux Enterprise 15
Version: 0.11 Vendor: SUSE LLC <https://www.suse.com/>
Release: 150600.1.2 Build date: Fri Mar 8 19:30:45 2024
Group: Development/Libraries/C and C++ Build host: h01-ch4d
Size: 91877 Source RPM: libmspack-0.11-150600.1.2.src.rpm
Packager: https://www.suse.com/
Url: https://www.cabextract.org.uk/libmspack/
Summary: Static libraries, header files and documentation for libmspack
 
The libmspack-devel package contains the header files and static
libraries necessary for developing programs using libmspack.

Provides

Requires

License

LGPL-2.1-only

Changelog

* Mon Jan 22 2024 danilo.spinella@suse.com
  - The following bugs and CVEs are not affecting TW:
    * CVE-2018-18584
    * CVE-2018-18585
    * CVE-2018-18586
    * CVE-2019-1010305
    * bsc#1113038
    * bsc#1113039
    * bsc#1113040
    * bsc#1130489
    * bsc#1141680
* Mon Feb 06 2023 info@paolostivanin.com
  - Update to version 0.11:
    * see https://github.com/kyz/libmspack/blob/master/libmspack/ChangeLog
      for a full changelog
* Wed Mar 06 2019 mardnh@gmx.de
  - Update to version 0.10.1
    * Bugfix release, no functional changes
* Mon Mar 04 2019 mardnh@gmx.de
  - Update to version 0.10:
    * Fix Heap buffer overflow in chmd_read_headers()
    * Fix memory exhausted in chmd_read_headers()
    * Fix memory exhausted in oabd_decompress()
* Wed Nov 07 2018 sbrabec@suse.com
  - Update to version 0.9.1:
    * Fix bug in decompressing data to get to the correct folder
      offset when the folder is LZX compressed (0.8 regression).
    * Build system cleanup
    * Testsuite available
    * Does not install testing tools and examples by default.
  - Rename mspack-tools to mspack-examples to follow upstream change.
* Tue Oct 23 2018 sbrabec@suse.com
  - Update to version 0.8:
    * New parameter MSCABD_PARAM_SALVAGE which permits salvaging
      badly damaged files rather than rejecting them outright.
    * Fix the above 38912-byte Quantum CAB block bug.
    * Reject blank CHM filenames that are blank because they have
      embedded null bytes.
    * chmextract: Protect from absolute/relative pathnames in CHM
      files.
* Mon Jul 30 2018 sbrabec@suse.com
  - Update to version 0.7 (bsc#1103032):
    * Fix 1 or 2 byte overwrite by bad KWAJ file header extensions
      (CVE-2018-14681).
    * Fix 1 byte overread by character U+0100 in a CHM filename
      (CVE-2018-14682).
    * Reject blank CHM filenames (CVE-2018-14680).
    * Fix off-by-1 in CHM PMGI/PMGL chunk number validity checks,
      which could cause a crash (CVE-2018-14679).
* Fri Jan 19 2018 adam.majer@suse.de
  - Correct mspack-tools group to Productivity/File utilities
* Tue Jan 16 2018 jengelh@inai.de
  - Correct SRPM group.
* Tue Jan 16 2018 mardnh@gmx.de
  - Fix typo
* Mon Jan 15 2018 mardnh@gmx.de
  - Update to version 0.6
    * read_spaninfo(): a CHM file can have no ResetTable and have a
    negative length in SpanInfo, which then feeds a negative output
    length to lzxd_init(), which then sets frame_size to a value of
    your choosing, the lower 32 bits of output length, larger than
    LZX_FRAME_SIZE. If the first LZX block is uncompressed, this
    writes data beyond the end of the window.
    This issue was raised by ClamAV as CVE-2017-6419.
    * lzxd_init(), lzxd_set_output_length(), mszipd_init(): due to the
    issue mentioned above, these functions now reject negative lengths
    * cabd_read_string(): add missing error check on result of read().
    If an mspack_system implementation returns an error, it's
    interpreted as a huge positive integer, which leads to reading
    past the end of the stack-based buffer.
    This issue was raised by ClamAV as CVE-2017-11423
  - Add subpackage for helper tools
  - Run spec-cleaner
* Fri Feb 27 2015 sbrabec@suse.cz
  - Remove problematic libmspack-qtmd_decompress-loop.patch
    (bnc#912214#c10).
    Version 0.5 has a correct fix dated 2015-01-05.
* Wed Feb 11 2015 p.drouand@gmail.com
  - Update to version 0.5
    * Please read the changelog; too many things to list
* Tue Jan 20 2015 sbrabec@suse.cz
  - Fix possible infinite loop caused DoS (bnc912214, CVE-2014-9556,
    libmspack-qtmd_decompress-loop.patch).

Files

/usr/include/mspack.h
/usr/lib64/libmspack.so
/usr/lib64/pkgconfig/libmspack.pc

Generated by rpm2html 1.8.1

Fabrice Bellet, Fri Apr 26 23:37:53 2024