Description: "libmspack 0.9.1alpha is affected by: Buffer Overflow. The impact is: Information Disclosure. The component is: function chmd_read_headers() in libmspack(file libmspack/mspack/chmd.c). The attack vector is: the victim must open a specially crafted chm file. The fixed version is: after commit 2f084136cfe0d05e5bf5703f3e83c6d955234b4d." Affected versions (dev-libs/libmspack): - <0.10alpha Affected versions (app-arch/cabextract): - <1.9.1 Patch (libmspack): https://github.com/kyz/libmspack/commit/2f084136cfe0d05e5bf5703f3e83c6d955234b4d
@maintainer(s): ping
(In reply to Sam James from comment #1) > @maintainer(s): ping [14:28:16] <@sam_c> reavertm_: I haven't reviewed https://github.com/gentoo/gentoo/pull/15891 yet but it's a bump for libmspack (may end up doing it myself if it's not OK). I'll do it for the security bug unless you have an objection.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=89a8a05de188bd4c1bb7ef9910293788dd6a6850 commit 89a8a05de188bd4c1bb7ef9910293788dd6a6850 Author: David Heidelberg <david@ixit.cz> AuthorDate: 2020-05-20 12:03:10 +0000 Commit: Maciej Mrozowski <reavertm@gentoo.org> CommitDate: 2020-08-02 17:30:36 +0000 dev-libs/libmspack: bump to 0.10.1_alpha Package-Manager: Portage-2.3.99, Repoman-2.3.22 Signed-off-by: David Heidelberg <david@ixit.cz> Bug: https://bugs.gentoo.org/711218 Closes: https://github.com/gentoo/gentoo/pull/15891 Signed-off-by: Maciej Mrozowski <reavertm@gentoo.org> dev-libs/libmspack/Manifest | 1 + dev-libs/libmspack/libmspack-0.10.1_alpha.ebuild | 73 ++++++++++++++++++++++++ 2 files changed, 74 insertions(+)
arm64 done
amd64 done
x86 done
arm done
s390 stable
sparc stable
ppc done
ppc64 stable
hppa stable
Please cleanup.
We needed to stable cabextract too.
Looking good on ppc. # cat cabextract-711218.report USE tests started on Sa 12. Sep 15:03:13 CEST 2020 FEATURES=' test' USE='' succeeded for =app-arch/cabextract-1.9.1 USE='-extras' succeeded for =app-arch/cabextract-1.9.1 USE='extras' succeeded for =app-arch/cabextract-1.9.1
ppc stable thanks to ernsteiswuerfel!
x86 stable
amd64 done all arches done
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=992db41a4e6b51729b78139139cd24910b156a65 commit 992db41a4e6b51729b78139139cd24910b156a65 Author: John Helmert III <jchelmert3@posteo.net> AuthorDate: 2020-12-27 06:29:30 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2020-12-29 01:59:31 +0000 dev-libs/libmspack: security cleanup (drop <0.10.1_alpha) Bug: https://bugs.gentoo.org/711218 Package-Manager: Portage-3.0.12, Repoman-3.0.2 Signed-off-by: John Helmert III <jchelmert3@posteo.net> Closes: https://github.com/gentoo/gentoo/pull/18824 Signed-off-by: Sam James <sam@gentoo.org> dev-libs/libmspack/Manifest | 1 - .../libmspack-0.9.1_alpha-fix-bigendian.patch | 17 ----- dev-libs/libmspack/libmspack-0.9.1_alpha-r1.ebuild | 75 ---------------------- 3 files changed, 93 deletions(-)