-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Package : libmspack Version : 0.5-1+deb8u4 CVE ID : CVE-2019-1010305
JsHuang found an issue in libmspack, a library for Microsoft compression format. Opening a crafted chm file might result in a buffer overflow which might disclose confidential information.
For Debian 8 "Jessie", this problem has been fixed in version 0.5-1+deb8u4. We recommend that you upgrade your libmspack packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAl1gUTVfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcACgkQlvysDTh7 WEfleQ/+OGXkvlaUHjBW6htsM0AJZmIKZ0zxEjafOxRFgUH08fE4qVMtVDf680dQ VshW+lNDK/ePmc9YbVgiYMOZIgm0kf1UlFOgQ7OomoOM4/P8S1g8kAI9xNxxUQQ1 U/2gZDa2NLNSQOf/QEcGMRIoZkDeXu6GbPyXaDIWsZMPiDrwzIzb66MQ3MzMoDqu iq8DNhkKXHjdcaV/UYvXrArNiu96/CGExdDNVazJu3jUQKtaPocTCww6DQ42yXym 0nRhWkcJXx5mdo703Wtg8dCoh/G+S5Wy6czP0ltbKiuJqTXMO+C1pwshZpKN6At1 alMu1GlD/VsqF+uBQfva28VBLC9+ioLoMVs2coadnSF2EmfzXLwl5H+BY87n0mQq bVvTm3fG/tIRg6R+dh1+s1bJs9RLG1RBvlgOs+J/PQNk8eCTGr891QBCRL+WK2/K jTyU52SJy9sACK+tjUmth3N+78QQXWKGTGbwpk0aWC78k4slve9hgANyayDMiK3B KmubXBjAdWmVg31bl0ppq9ANdU2i1+4q8DWoSdpwBTMg5ZNGgoZj7eLvdQ+9sFut 9Nct+Niaq+VKcf9BUs4ekuAlSh6VnaJQBZJLG854K29l9gAtezug2wjjTfl4Tocr r4EXSc/6648beGOuJSjSZOqMv72DjdgmfspqA6mQ1wIjMVH6iWs= =rcia -----END PGP SIGNATURE-----
