Synopsis: Low: libmspack security update Advisory ID: SLSA-2018:3327-1 Issue Date: 2018-10-30 CVE Numbers: CVE-2018-14679 CVE-2018-14681 CVE-2018-14680 CVE-2018-14682 -- Security Fix(es): * libmspack: off-by-one error in the CHM PMGI/PMGL chunk number validity checks (CVE-2018-14679) * libmspack: off-by-one error in the CHM chunk number validity checks (CVE-2018-14680) * libmspack: out-of-bounds write in kwajd_read_headers in mspack/kwajd.c (CVE-2018-14681) * libmspack: off-by-one error in the TOLOWER() macro for CHM decompression (CVE-2018-14682) -- SL7 x86_64 libmspack-0.5-0.6.alpha.el7.i686.rpm libmspack-0.5-0.6.alpha.el7.x86_64.rpm libmspack-debuginfo-0.5-0.6.alpha.el7.i686.rpm libmspack-debuginfo-0.5-0.6.alpha.el7.x86_64.rpm libmspack-devel-0.5-0.6.alpha.el7.i686.rpm libmspack-devel-0.5-0.6.alpha.el7.x86_64.rpm - Scientific Linux Development Team