pkgsrc-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

New cabextract 1.5 and libmspack 0.5alpha release



Hello all,

cabextract 1.5 and libmspack 0.5alpha have been released.

The main changes are fixes in handling invalid files, which were found by Debian researchers using the American fuzzy lop (afl) tool.
  • CVE-2014-9556: A CAB file with invalid file offset or length (where offset + length == 2^32) causes an infinite loop in the Quantum decoder on 32-bit architectures. [Debian bugs #772891, #773041]
  • A CAB file with two folders, the second folder invalid, and a file decompression order of folder 1, 2, 1, causes execution to jump to NULL. [Debian bugs #773659, #774665]
  • A CHM file with reset interval of zero causes division by zero. [Debian bug #774725]
  • A CHM file with invalid name lengths in PGML/PGMI blocks causes over-read and segfaults on 32-bit architecture [Debian bugs #774726, #775687]
  • A CAB file with MSZIP-compressed data and a distance code of 30 causes a 1 byte over-read [Debian bug #775498]
  • A CAB file with zero-length filenames causes a 1 byte over-read.
  • A CAB file with invalid UTF-8 encoded filenames causes over-read of up to 5 bytes.
  • A CAB or CHM file with LZX-compressed data ending early during an odd-sized uncompressed block can cause a 1-byte under-read. [Debian bug #775499]
These issues have been fixed.

Additionally, cabextract and libmspack's mschm_decompressor::fast_find now have more robust handling of invalid UTF-8 encoded filenames, and the bundled extra script wince_rename now creates files' install directories.

cabextract and libmspack can be downloaded from http://www.cabextract.org.uk/

SHA256 sums:

4df8c1e25563b5e5433b50f30d75686f7d31511889fcacd8d5249b6894e1eff9  cabextract-1.5-1.i386.rpm
f959be5c4fc089835743440cc3775fa342fcdf2ef6873dc2bba84db6448ffb86  cabextract-1.5-1.src.rpm
23d6ae3f65cd90b036958fa95fc4d9983f80fded4bd8e2ad2736ba8c4095268a  cabextract-1.5.tar.gz
8967f275525f5067b364cee43b73e44d0433668c39f9376dfff19f653d1c8110  libmspack-0.5alpha.tar.gz

Regards
Stuart


Home | Main Index | Thread Index | Old Index