Skip to content

GitLab

  • Projects
  • Groups
  • Snippets
  • Help
    • Loading...
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in / Register
aports
aports
  • Project overview
    • Project overview
    • Details
    • Activity
    • Releases
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
  • Issues 649
    • Issues 649
    • List
    • Boards
    • Labels
    • Service Desk
    • Milestones
  • Merge Requests 181
    • Merge Requests 181
  • CI / CD
    • CI / CD
    • Pipelines
    • Jobs
    • Schedules
  • Operations
    • Operations
    • Environments
  • Analytics
    • Analytics
    • CI / CD
    • Repository
    • Value Stream
  • Members
    • Members
  • Collapse sidebar
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
  • alpine
  • aportsaports
  • Issues
  • #9227

Closed
Open
Opened Aug 10, 2018 by Alicha CH@alichaReporter
  • Report abuse
  • New issue
Report abuse New issue

[3.7] libmspack: Multiple vulnerabilities (CVE-2018-14679, CVE-2018-14680, CVE-2018-14681, CVE-2018-14682)

CVE-2018-14679: An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha.
There is an off-by-one error in the CHM PMGI/PMGL chunk number validity checks, which could lead
to denial of service (uninitialized data dereference and application crash).

Fixed In Version:

libmspack 0.7alpha

References:

http://www.openwall.com/lists/oss-security/2018/07/26/1
https://nvd.nist.gov/vuln/detail/CVE-2018-14679

Patch:

https://github.com/kyz/libmspack/commit/72e70a921f0f07fee748aec2274b30784e1d312a

CVE-2018-14680: An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha.
It does not reject blank CHM filenames.

Fixed In Version:

libmspack 0.7alpha

References:

http://openwall.com/lists/oss-security/2018/07/28/1

Patch:

https://github.com/kyz/libmspack/commit/72e70a921f0f07fee748aec2274b30784e1d312a

CVE-2018-14681: An issue was discovered in kwajd_read_headers in mspack/kwajd.c in libmspack before 0.7alpha.
A maliciously crafted KWAJ file header extensions could cause a one or two byte overwrite.

Fixed In Version:

libmspack 0.7alpha

References:

http://www.openwall.com/lists/oss-security/2018/07/26/1
https://nvd.nist.gov/vuln/detail/CVE-2018-14681

Patch:

https://github.com/kyz/libmspack/commit/0b0ef9344255ff5acfac6b7af09198ac9c9756c8

CVE-2018-14682: An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There is an
off-by-one error in the TOLOWER() macro for CHM decompression.

Fixed In Version:

libmspack 0.7alpha

References:

http://openwall.com/lists/oss-security/2018/07/28/1
https://nvd.nist.gov/vuln/detail/CVE-2018-14682

Patch:

https://github.com/kyz/libmspack/commit/4fd9ccaa54e1aebde1e4b95fb0163b699fd7bcc8

(from redmine: issue id 9227, created on 2018-08-10, closed on 2018-08-23)

  • Relations:
    • parent #9224
  • Changesets:
    • Revision c854dba4 by Natanael Copa on 2018-08-22T13:30:28Z:
main/libmspack: security upgrade to 0.7.1alpha

fixes #9227
To upload designs, you'll need to enable LFS and have admin enable hashed storage. More information
Assignee
Assign to
3.7.1
Milestone
3.7.1 (Past due)
Assign milestone
Time tracking
None
Due date
None
3
Labels
Normal tag:security type:bug
Assign labels
  • View project labels
Reference: alpine/aports#9227