libmspack-0.5-0.6.alpha.el7
Errata ID: AXSA:2018-3385:01
The libmspack packages contain a library providing compression and extraction of the Cabinet (CAB) file format used by Microsoft.
Security Fix(es):
* libmspack: off-by-one error in the CHM PMGI/PMGL chunk number validity checks (CVE-2018-14679)
* libmspack: off-by-one error in the CHM chunk number validity checks (CVE-2018-14680)
* libmspack: out-of-bounds write in kwajd_read_headers in mspack/kwajd.c (CVE-2018-14681)
* libmspack: off-by-one error in the TOLOWER() macro for CHM decompression (CVE-2018-14682)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Asianux Server 7.6 Release Notes linked from the References section.
CVE-2018-14679
An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There is an off-by-one error in the CHM PMGI/PMGL chunk number validity checks, which could lead to denial of service (uninitialized data dereference and application crash).
CVE-2018-14680
An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. It does not reject blank CHM filenames.
CVE-2018-14681
An issue was discovered in kwajd_read_headers in mspack/kwajd.c in libmspack before 0.7alpha. Bad KWAJ file header extensions could cause a one or two byte overwrite.
CVE-2018-14682
An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There is an off-by-one error in the TOLOWER() macro for CHM decompression.
Update packages.
N/A
SRPMS
- libmspack-0.5-0.6.alpha.el7.src.rpm
MD5: d9958095e8bcc0c424417be84dae8860
SHA-256: 259a8736ecb6750522eb0f6c2473222e1255bbec471b12c07e90300266995e9b
Size: 654.85 kB
Asianux Server 7 for x86_64
- libmspack-0.5-0.6.alpha.el7.x86_64.rpm
MD5: 8b9168ecc1d7b05697a2c0d7480c7d76
SHA-256: 7016fb29de35c7871f12de1e6f63ed9ef5a7361a2eb9df1c140e7a24eeb5856b
Size: 63.22 kB
- libmspack-devel-0.5-0.6.alpha.el7.x86_64.rpm
MD5: 29e4610f1f8abd6c0ba55eb570bf8a89
SHA-256: d16c35e427438f793f06ca85a9655fbdf80207e427e4c031dc7cb5a701e3c1bc
Size: 160.43 kB
- libmspack-0.5-0.6.alpha.el7.i686.rpm
MD5: 09494d2a8d155d1d6a43d34f9e933a77
SHA-256: 48cd573e1cacde2409e07e994156e5fa86aefe4c19cdd3447242aca89881d755
Size: 63.76 kB