Univention Bugzilla – Bug 46138
libmspack: Multiple issues (4.2)
Last modified: 2018-05-08 14:56:45 CEST
libmspack (0.5-1+deb8u1) jessie-security; urgency=high * Fix mis-handling of sys->read() errors in cabd_read_string() (CVE-2017-11423) * Reject negative output length in SpanInfo (CVE-2017-6419)
Mass-import from Debian-Security: python -m univention.repong.^Cbmirror -s jessie -r 4.2-3 --override=$HOME/REPOS/repo-ng/mirror/update_ucs42_mirror_from_debian.yml --errata=doc/errata --sql --process=ALL -vvvv --now=201801211553 YAML: git:bd6159834a..449aa5a7cf
--- mirror/ftp/4.1/unmaintained/4.1-0/source/libmspack_0.5-1.5.201510261830.dsc +++ apt/ucs_4.2-0-errata4.2-3/source/libmspack_0.5-1.A~4.2.3.201801211553.dsc @@ -1,6 +1,15 @@ -0.5-1.5.201510261830 [Mon, 26 Oct 2015 18:30:38 +0100] Univention builddaemon <buildd@univention.de>: +0.5-1.A~4.2.3.201801211553 [Wed, 24 Jan 2018 11:04:08 +0100] Univention builddaemon <buildd@univention.de>: * UCS auto build. No patches were applied to the original source package + +0.5-1+deb8u1 [Wed, 16 Aug 2017 21:42:50 +0200] Sebastian Andrzej Siewior <sebastian@breakpoint.cc>: + + * Non-maintainer upload. + * Correct rejection of empty strings. + * Fix mis-handling of sys->read() errors in cabd_read_string() + (CVE-2017-11423) (Closes: #868956). + * Reject negative output length in SpanInfo (CVE-2017-6419) + (Closes: #871263). 0.5-1 [Mon, 02 Feb 2015 19:41:59 +0100] Marc Dequènes (Duck) <Duck@DuckCorp.org>:
* No UCS specific patches * Comparison to previously and next shipped version ok * Binary package update Ok * Advisory Ok
<http://errata.software-univention.de/ucs/4.2/348.html>