{
  "schema_version": "1.7.0",
  "id": "MGASA-2018-0455",
  "published": "2018-11-17T22:23:26Z",
  "modified": "2018-11-17T21:58:01Z",
  "summary": "Updated libmspack/cabextract packages fix security vulnerabilities",
  "details": "Hanno Böck discovered that libmspack incorrectly handled certain CHM\nfiles. An attacker could possibly use this issue to cause a denial of\nservice (CVE-2018-14679, CVE-2018-14680).\n\nJakub Wilk discovered that libmspack incorrectly handled certain KWAJ\nfiles. An attacker could possibly use this issue to execute arbitrary\ncode (CVE-2018-14681).\n\nDmitry Glavatskikh discovered that libmspack incorrectly certain CHM\nfiles. An attacker could possibly use this issue to execute arbitrary\ncode (CVE-2018-14682).\n\nIf a CAB file has a Quantum-compressed datablock with exactly 38912\ncompressed bytes, cabextract would write exactly one byte beyond its\ninput buffer (CVE-2018-18584).\n\nlibmspack didn't reject blank CHM filenames that are blank because they\nhave embedded null bytes, not just because they are zero-length\n(CVE-2018-18585).\n\nchmextract didn't protect from absolute/relative pathnames in CHM files\n(CVE-2018-18586).\n",
  "upstream": [
    "CVE-2018-14679",
    "CVE-2018-14680",
    "CVE-2018-14681",
    "CVE-2018-14682",
    "CVE-2018-18584",
    "CVE-2018-18585",
    "CVE-2018-18586"
  ],
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://advisories.mageia.org/MGASA-2018-0455.html"
    },
    {
      "type": "REPORT",
      "url": "https://bugs.mageia.org/show_bug.cgi?id=23365"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/3728-1/"
    },
    {
      "type": "WEB",
      "url": "https://www.openwall.com/lists/oss-security/2018/10/22/1"
    },
    {
      "type": "WEB",
      "url": "https://www.openwall.com/lists/oss-security/2018/10/23/11"
    }
  ],
  "affected": [
    {
      "package": {
        "ecosystem": "Mageia:6",
        "name": "libmspack",
        "purl": "pkg:rpm/mageia/libmspack?arch=source&distro=mageia-6"
      },
      "ranges": [
        {
          "type": "ECOSYSTEM",
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.9.1-0.alpha.1.mga6"
            }
          ]
        }
      ],
      "ecosystem_specific": {
        "section": "core"
      }
    },
    {
      "package": {
        "ecosystem": "Mageia:6",
        "name": "cabextract",
        "purl": "pkg:rpm/mageia/cabextract?arch=source&distro=mageia-6"
      },
      "ranges": [
        {
          "type": "ECOSYSTEM",
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.9-1.mga6"
            }
          ]
        }
      ],
      "ecosystem_specific": {
        "section": "core"
      }
    }
  ],
  "credits": [
    {
      "name": "Mageia",
      "type": "COORDINATOR",
      "contact": [
        "https://wiki.mageia.org/en/Packages_Security_Team"
      ]
    }
  ]
}