ALSA-2020:1686

[ALSA-2020:1686] Low: libmspack security and bug fix update

Type:

security

Severity:

low

Release date:

2021-11-12

Description:

The libmspack packages contain a library providing compression and extraction of the Cabinet (CAB) file format used by Microsoft.

Security Fix(es):

* libmspack: buffer overflow in function chmd_read_headers() (CVE-2019-1010305)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	libmspack-devel-0.7-0.3.alpha.el8.4.aarch64.rpm	6802b8ffb8d994c40ed5cc1718d3ba123457d23dcdb256d92a1554c6dbbcaa23
aarch64	libmspack-0.7-0.3.alpha.el8.4.aarch64.rpm	8f56372f7d3345cda6bf45a394446a14abc685f74d4e4cc5b8e0dfbfb746daa0
i686	libmspack-0.7-0.3.alpha.el8.4.i686.rpm	23805bddb17b3577f7c3a98895266cbca96e5739b7d85cc0797a22bd2003402f
i686	libmspack-devel-0.7-0.3.alpha.el8.4.i686.rpm	c953f6a84944896c8bd279f5685357ac21116356a876140e7abad1ba5d7263c5
ppc64le	libmspack-devel-0.7-0.3.alpha.el8.4.ppc64le.rpm	437142791e5a1d2e67cc906dbebb474b70c53e43501071697046ee7d0c3589be
ppc64le	libmspack-0.7-0.3.alpha.el8.4.ppc64le.rpm	7267bda4330688afe5c99661ad142ee057acb9729f4a5428055430bdafa4533b
x86_64	libmspack-0.7-0.3.alpha.el8.4.x86_64.rpm	0b4af4cd843761ee776be0a08b8716e60e3636541554facacb8cb838ece133c4
x86_64	libmspack-devel-0.7-0.3.alpha.el8.4.x86_64.rpm	2bcc111e94e97f1b3ee1719aebb5133ad832a787282e2c6753be107fc5318749

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.