-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 26 Oct 2018 19:03:02 +0200 Source: libmspack Binary: libmspack0 libmspack-dev libmspack-dbg libmspack-doc Architecture: source amd64 all Version: 0.5-1+deb8u3 Distribution: jessie-security Urgency: high Maintainer: Marc Dequènes (Duck) <Duck@DuckCorp.org> Changed-By: Thorsten Alteholz <debian@alteholz.de> Description: libmspack-dbg - library for Microsoft compression formats (debugging symbols) libmspack-dev - library for Microsoft compression formats (development files) libmspack-doc - library for Microsoft compression formats (documentation) libmspack0 - library for Microsoft compression formats (shared library) Changes: libmspack (0.5-1+deb8u3) jessie-security; urgency=high . * Non-maintainer upload by the LTS Team. * CVE-2018-18584 Fixing the size of the CAB block input buffer, which is too small for the maximal Quantum block, prevents an out-of-bounds write. * CVE-2018-18585 Blank filenames (having length zero or their 1st or 2nd byte is null) should be rejected. Checksums-Sha1: b183c434fb9bf39ceee83dd3cc13cae6ae41c35c 2265 libmspack_0.5-1+deb8u3.dsc 226f19b1fc58e820671a1749983b06896e108cc4 654193 libmspack_0.5.orig.tar.gz 651329b18d7531bd3c0f210f6812ed29e29dcd6a 8076 libmspack_0.5-1+deb8u3.debian.tar.xz 56826d53efe650571a000b4cca518aa563fcfcfb 47910 libmspack0_0.5-1+deb8u3_amd64.deb c7ca5ab5d158eabfd58da9013b31acdb7650737f 66264 libmspack-dev_0.5-1+deb8u3_amd64.deb ec0625a6cf40abfbec584b7e6d25d6999e5885df 85194 libmspack-dbg_0.5-1+deb8u3_amd64.deb 7a7158f76bb412d4b2cf209483d8f0ed89224a81 102702 libmspack-doc_0.5-1+deb8u3_all.deb Checksums-Sha256: e09f0a0b9855cfd9b20924b97c9200d11746be39f388edf3940553bb73a0b533 2265 libmspack_0.5-1+deb8u3.dsc 8967f275525f5067b364cee43b73e44d0433668c39f9376dfff19f653d1c8110 654193 libmspack_0.5.orig.tar.gz 2b803f86a4b1f52a73e81d53e5e1bfd8e05baa19637f70c7ce7bc2e56d26d89b 8076 libmspack_0.5-1+deb8u3.debian.tar.xz 29815f49b83e919fe6175940b2cf220c2f74146a2550178fdcacd5b8c0f464bf 47910 libmspack0_0.5-1+deb8u3_amd64.deb 55e64d9bb84c014974c3e6bf50a5008836ec11060f828a79ee44b6e4263fdbce 66264 libmspack-dev_0.5-1+deb8u3_amd64.deb 352cab579fd2836bfb5a4177faa5d1f18933807498acc5a19cf141b519f005c4 85194 libmspack-dbg_0.5-1+deb8u3_amd64.deb 3e9846d489b73d1d48ecba3378c9a7836daab5ea756afe2c48d07e6994d72d84 102702 libmspack-doc_0.5-1+deb8u3_all.deb Files: 78545a77afae497fd5a9118905b72f3d 2265 libs optional libmspack_0.5-1+deb8u3.dsc 3aa3f6b9ef101463270c085478fda1da 654193 libs optional libmspack_0.5.orig.tar.gz 7abcae4456d5928732103f2baf2ad078 8076 libs optional libmspack_0.5-1+deb8u3.debian.tar.xz c052cb6b328d9887abd58474e80fbd27 47910 libs optional libmspack0_0.5-1+deb8u3_amd64.deb 8977645d1e65bfa999120b87f97daf6e 66264 libdevel optional libmspack-dev_0.5-1+deb8u3_amd64.deb 38bfe95f754ed93f5e1048201a6a0dec 85194 debug extra libmspack-dbg_0.5-1+deb8u3_amd64.deb ae2bdfb656aa3ef97162515329725dc6 102702 doc optional libmspack-doc_0.5-1+deb8u3_all.deb -----BEGIN PGP SIGNATURE----- iQKnBAEBCgCRFiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAlvTVZtfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcTHGRlYmlhbkBh bHRlaG9sei5kZQAKCRCW/KwNOHtYRxOoD/4yQ3n+O7ZGdSRCfas2nKp741g/zhqk ji/VFYu0H5FX5+fyytzxRHAyIIZRTNvpsRqxFFLs14R796dl27psJf19jQ3GeRZ1 Wfa8WfUKJtix9NqieHu0sXZOffti2KJxnIGfMuy9/bUMLa7NnVTiFbs1ooz/Vn1H WxXtTP0l+vk1FuUPunkhVT5seb6/Y6oRZI1D5PfxCZXW3RrEPDeWxWlA5HnZiHJ9 oTR06s90G/cES4tsgK1TsvEzSMDkYtoxZGU+3JSRRvHuK3PqriEqYlzXOc6bi/jy MhaLYM/CJHkMccb5TUJeaZYJLXD9SHG2fe9McAs/EzCuCw1EnuDEi9rjDTZ4gkko Im04o6Ev/TPXI7EJcmYdK1jhaQpv4l7Nyy64cdl6yUe/IoaLHGzWJdNWKo6R+vNT 9V8rT+wHGfHK5+pHlNtIjPXhzWnAaKRKVvzaZAN5McELTN/BGt5Ir7tvsTpJbXfF djvRyN6frG7414XqqaBaE/SZdRGfgH6RjniUBTQHS4c31e3ujXrbLL3IiSsJn//U P09ydH1+wHbKsgK3gEb2hZqbKYRLQ6CUkmG6c6ctHzrGM1VnPTzefabKROk8IKiq Ml8ydst64dq3Jte5qrroppKnmbBtS1OXeXvyRG7pv8A9CjEcVyQOi2+DL6w7XpIJ VjGRKFJPZ6dQew== =fKa2 -----END PGP SIGNATURE-----