* Wed Jan 5 2022 danilo.spinella@suse.com
- chmextract.c add anti "../" and leading slash protection to chmextract (CVE-2018-18586.patch, bsc#1113040)
  * cve-2018-18586.patch

* Wed Jul 14 2021 danilo.spinella@suse.com
- There is an off-by-one error in the CHM PMGI/PMGL chunk number validity checks, which could lead to denial of service (CVE-2018-14679, bsc#1103032)
  * libmspack-CVE-2018-14679.patch
- Bad KWAJ file header extensions could cause a one or two byte overwrite (CVE-2018-14681, bsc#1103032).
  * libmspack-CVE-2018-14681.patch
- There is an off-by-one error in the TOLOWER() macro for CHM decompression (CVE-2018-14682, bsc#1103032).
  * libmspack-CVE-2018-14682.patch

* Mon Nov 4 2019 kstreitova@suse.com
- add libmspack-0.6alpha-CVE-2019-1010305.patch to fix a buffer overflow in chmd_read_headers(): a CHM file name beginning "::" but shorter than 33 bytes will lead to reading past the freshly-allocated name buffer - checks for specific control filenames didn't take length into account [bsc#1141680] [CVE-2019-1010305]

* Fri Mar 29 2019 mcalabkova@suse.com
- Enable build-time tests (bsc#1130489)
  * Added patch libmspack-failing-tests.patch

* Fri Oct 26 2018 mcalabkova@suse.com
- Added patches:
  * libmspack-resize-buffer.patch -- CAB block input buffer is one byte too small for maximal Quantum block.
  * libmspack-fix-bounds-checking.patch -- Fix off-by-one bounds check on CHM PMGI/PMGL chunk numbers and reject empty filenames.
  * libmspack-reject-blank-filenames.patch -- Avoid returning CHM file entries that are "blank" because they have embedded null bytes.
  * (the last two patches were modified by removing unneeded part in order to make them more independent)
- Fixed bugs:
  * CVE-2018-18584 (bsc#1113038)
  * CVE-2018-18585 (bsc#1113039)

* Fri Jan 19 2018 adam.majer@suse.de
- Correct mspack-tools group to Productivity/File utilities

* Tue Jan 16 2018 jengelh@inai.de
- Correct SRPM group.

* Tue Jan 16 2018 mardnh@gmx.de
- Fix typo

* Mon Jan 15 2018 mardnh@gmx.de
- Update to version 0.6
  * read_spaninfo(): a CHM file can have no ResetTable and have a negative length in SpanInfo, which then feeds a negative output length to lzxd_init(), which then sets frame_size to a value of your choosing, the lower 32 bits of output length, larger than LZX_FRAME_SIZE. If the first LZX block is uncompressed, this writes data beyond the end of the window. This issue was raised by ClamAV as CVE-2017-6419.
  * lzxd_init(), lzxd_set_output_length(), mszipd_init(): due to the issue mentioned above, these functions now reject negative lengths
  * cabd_read_string(): add missing error check on result of read(). If an mspack_system implementation returns an error, it's interpreted as a huge positive integer, which leads to reading past the end of the stack-based buffer. This issue was raised by ClamAV as CVE-2017-11423
- Add subpackage for helper tools
- Run spec-cleaner

* Fri Feb 27 2015 sbrabec@suse.cz
- Remove problematic libmspack-qtmd_decompress-loop.patch (bnc#912214#c10). Version 0.5 has a correct fix dated 2015-01-05.

* Wed Feb 11 2015 p.drouand@gmail.com
- Update to version 0.5
  * Please read the changelog; too many things to list

* Tue Jan 20 2015 sbrabec@suse.cz
- Fix possible infinite loop caused DoS (bnc912214, CVE-2014-9556, libmspack-qtmd_decompress-loop.patch).

* Fri Apr 4 2014 jengelh@inai.de
- Add baselibs.conf: wxWidgets-32bit depends on libmspack0-32bit

* Mon Jun 24 2013 werner@suse.de
- Avoid Source URL for http://www.cabextract.org.uk/ as this does not work

* Sat Jun 22 2013 dimstar@opensuse.org
- Update to version 0.4alpha:
  + This release adds support for the Microsoft Exchange Offline Address Book (OAB) format, both compressed and incremental variants.

* Wed Jul 18 2012 aj@suse.de
- Remove autoreconf call and libtool buildrequires, they are not needed anymore.

* Wed Jul 18 2012 sbrabec@suse.cz
- Update to version 0.3alpha:
  * code cleanup and build system update
  * handle corrupted cabinet files better
  * handle special cases of cabinet files
- License update: LGPL-2.1 only.

* Mon Feb 27 2012 cfarrell@suse.com
- license update: LGPL-2.1+
  No indication of GPL-2.0+ code in the package

* Mon Feb 13 2012 coolo@suse.com
- patch license to follow spdx.org standard

* Sun Nov 20 2011 jengelh@medozas.de
- Remove redundant/unwanted tags/section (cf. specfile guidelines)
- Use %%_smp_mflags for parallel building

* Sat Nov 19 2011 coolo@suse.com
- add libtool as buildrequire to avoid implicit dependency

* Wed Dec 22 2010 andreas.hanke@gmx-topmail.de
- update to version 0.2alpha (#660942):
  * matches cabextract-1.3, fixing CVE-2010-2800 and CVE-2010-2801
  * adds pkg-config support
  * obsoletes half of libmspack-warnings.patch
- remove self-obsoletion
- drop -D_POSIX_SOURCE as it breaks the build with this version
- drop empty NEWS file

* Tue Jan 15 2008 sbrabec@suse.cz
- Applied shared library packaging policy.
- Removed unneeded static library and .la file.

* Fri Oct 20 2006 sbrabec@suse.cz
- Updated to version 0.0.20060920alpha:
  * Bug fixes.
  * Write an mspack_system implementation that can handle normal disk files, open file handles, open file descriptors and raw memory all at the same time.
  * Added a program for dumping useful data from CHM files.
  * Added a new test example which shows an mspack_system implementation that reads and writes from memory only.

* Wed Jan 25 2006 mls@suse.de
- converted neededforbuild to BuildRequires

* Mon Nov 22 2004 ro@suse.de
- "sed -i" does not work on older distributions

* Wed Apr 14 2004 mcihar@suse.cz
- include some documentation

* Wed Apr 14 2004 mcihar@suse.cz
- initial packaging