-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2019-da6be81bd3 2019-07-26 01:50:50.617877 --------------------------------------------------------------------------------
Name : libmspack Product : Fedora 29 Version : 0.10.1 Release : 0.1.alpha.fc29 URL : http://www.cabextract.org.uk/libmspack/ Summary : Library for CAB and related files compression and decompression Description : The purpose of libmspack is to provide both compression and decompression of some loosely related file formats used by Microsoft.
-------------------------------------------------------------------------------- Update Information:
Security fix for CVE-2019-1010305 -------------------------------------------------------------------------------- ChangeLog:
* Wed Jul 17 2019 Dan Hor��k <dan[at]danny.cz> - 0.10.1-0.1.alpha - updated to 0.10.1alpha (fixes CVE-2019-1010305) * Fri Feb 1 2019 Fedora Release Engineering releng@fedoraproject.org - 0.9.1-0.2.alpha - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild * Tue Nov 6 2018 Rex Dieter rdieter@fedoraproject.org - 0.9.1-0.1.alpha - 0.9.1alpha - libmspack-0.8-0.1.alpha corrupts extracted cab files (#1647033) - examples no longer installed (by default) * Tue Oct 30 2018 Rex Dieter rdieter@fedoraproject.org - 0.8-0.1.alpha - 0.8alpha - use %make_build %make_install %ldconfig_scriptlets %license - devel: use %{?_isa} to tighten dep on main pkg - drop deprecated Group: tag - %files: tighten to include library soname -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1730568 - CVE-2019-1010305 libmspack: buffer overflow in function chmd_read_headers() https://bugzilla.redhat.com/show_bug.cgi?id=1730568 --------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2019-da6be81bd3' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------