On 18/01/2015 22:00, Sebastian Andrzej Siewior wrote:
On 2015-01-18 18:59:33 [+0100], Jakub Wilk wrote:
Sorry, it's me again! libmspack crashes on the attached file:
As I've seen your ubsan reports, I assumed you were done. Wrong this
was.
$ gpg -d crash.chm.asc crash.chm
$ test/chmd_md5
On 12/08/17 20:40, Sebastian Andrzej Siewior wrote:
On 2017-08-12 00:42:06 [+0100], Stuart Caie wrote:
On 11/08/17 19:07, Sebastian Andrzej Siewior wrote:
[0] https://security-tracker.debian.org/tracker/CVE-2017-6419
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6419
[1
On 11/08/17 19:07, Sebastian Andrzej Siewior wrote:
[0] https://security-tracker.debian.org/tracker/CVE-2017-6419
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6419
[1]
https://github.com/vrtadmin/clamav-devel/commit/a83773682e856ad6529ba6db8d1792e6d515d7f1
Stuart, is this
For your information, libmspack 0.6alpha has now been released.
On 06/08/17 20:22, Sebastian Andrzej Siewior wrote:
On 2017-08-06 10:22:11 [+0100], Stuart Caie wrote:
Commited a fix:
https://github.com/kyz/libmspack/commit/17038206fcc384dcee6dd9e3a75f08fd3ddc6a38
I'll put out a release
t consider it a vulnerability at the time and still don't
consider it one now.
https://github.com/kyz/libmspack/commit/3e3436af6010ac245d7a390c6798e2b81ce09191
2015-05-10 Stuart Caie <ky...@4u.net>
* cabd_read_string(): correct rejection of empty strings. Thanks to
Hanno Böck for finding the iss
On 05/08/17 10:36, Stuart Caie wrote:
libmspack is wrong to convert to unsigned without checking for errors first.
When I get to my computer, I'll check all calls to mspack_system
read/write/seek/tell methods, to be sure this doesn't happen anywhere else.
I checked all the other mspack_system
On 4 Aug 2017 7:40 am, Sebastian Andrzej Siewior
wrote:
>
> The way I see it, the problem is that the read functions returns -1 on
> error and libmspack
> https://sources.debian.net/src/libmspack/0.5-1/mspack/cabd.c/#L524
>
> treats the return code as unsigned
On 04/12/2018 05:35, Marc Dequènes (duck) wrote:
libmspack fails tests on big endian architectures (s390x, mips)
This is fixed in the repository, it just hasn't been released. I'll
release it in the near future.
commit c19e707936947b45cf05bc9aaee68517c6c2aca6
Author: Stuart Caie
Date
On 03/03/2019 04:47, Marc Dequènes (duck) wrote:
Quack,
On 2018-12-04 19:02, Stuart Caie wrote:
This is fixed in the repository, it just hasn't been released. I'll
release it in the near future.
I was myself busy and we missed the Debian freeze deadline. Maybe
there is still some hope
On 04/03/2019 05:00, Marc Dequènes (duck) wrote:
Quack,
On 2019-03-04 10:40, Stuart Caie wrote:
I've released libmspack 0.10 and cabextract 1.9.1. They contain only
fixes.
Thanks a lot for being so fast.
Unfortunately there is a build problem:
How odd, but yes, I have a system where
10 matches
Mail list logo