Synopsis: Moderate: libmspack security update
Advisory ID:       SLSA-2019:2049-1
Issue Date:        2019-08-06
CVE Numbers:       CVE-2018-18584
                   CVE-2018-18585
--

Security Fix(es):

* libmspack: Out-of-bounds write in mspack/cab.h (CVE-2018-18584)

* libmspack: chmd_read_headers() fails to reject filenames containing NULL
bytes (CVE-2018-18585)
--

SL7
  x86_64
    libmspack-0.5-0.7.alpha.el7.i686.rpm
    libmspack-0.5-0.7.alpha.el7.x86_64.rpm
    libmspack-devel-0.5-0.7.alpha.el7.x86_64.rpm
    libmspack-devel-0.5-0.7.alpha.el7.i686.rpm
    libmspack-debuginfo-0.5-0.7.alpha.el7.i686.rpm
    libmspack-debuginfo-0.5-0.7.alpha.el7.x86_64.rpm

- Scientific Linux Development Team