Fedora EPEL 4 updates-testing report
updates at fedoraproject.org
updates at fedoraproject.org
Tue Sep 14 17:31:02 UTC 2010
The following builds have been pushed to Fedora EPEL 4 updates-testing
cabextract-1.3-1.el4
libmspack-0.2-0.1.20100723alpha.el4
Details about builds:
================================================================================
cabextract-1.3-1.el4 (FEDORA-EPEL-2010-3383)
Utility for extracting cabinet (.cab) archives
--------------------------------------------------------------------------------
ChangeLog:
* Mon Sep 13 2010 Dan Horák <dan[at]danny.cz> - 1.3-1
- updated to 1.3
- built with system copy of libmspack (CVE-2010-2800 CVE-2010-2801)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #620450 - CVE-2010-2800 cabextract: Infinite loop in MS-ZIP and Quantum decoders
https://bugzilla.redhat.com/show_bug.cgi?id=620450
[ 2 ] Bug #620454 - CVE-2010-2801 cabextract: Integer wrap-around (crash) by processing certain *.cab files in test archive mode
https://bugzilla.redhat.com/show_bug.cgi?id=620454
--------------------------------------------------------------------------------
================================================================================
libmspack-0.2-0.1.20100723alpha.el4 (FEDORA-EPEL-2010-3383)
Library for CAB and related files compression and decompression
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #620450 - CVE-2010-2800 cabextract: Infinite loop in MS-ZIP and Quantum decoders
https://bugzilla.redhat.com/show_bug.cgi?id=620450
[ 2 ] Bug #620454 - CVE-2010-2801 cabextract: Integer wrap-around (crash) by processing certain *.cab files in test archive mode
https://bugzilla.redhat.com/show_bug.cgi?id=620454
--------------------------------------------------------------------------------
More information about the epel-devel-list
mailing list