The following builds have been pushed to Fedora EPEL 4 updates-testing
cabextract-1.3-1.el4 libmspack-0.2-0.1.20100723alpha.el4
Details about builds:
================================================================================ cabextract-1.3-1.el4 (FEDORA-EPEL-2010-3383) Utility for extracting cabinet (.cab) archives -------------------------------------------------------------------------------- ChangeLog:
* Mon Sep 13 2010 Dan Horák <dan[at]danny.cz> - 1.3-1 - updated to 1.3 - built with system copy of libmspack (CVE-2010-2800 CVE-2010-2801) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #620450 - CVE-2010-2800 cabextract: Infinite loop in MS-ZIP and Quantum decoders https://bugzilla.redhat.com/show_bug.cgi?id=620450 [ 2 ] Bug #620454 - CVE-2010-2801 cabextract: Integer wrap-around (crash) by processing certain *.cab files in test archive mode https://bugzilla.redhat.com/show_bug.cgi?id=620454 --------------------------------------------------------------------------------
================================================================================ libmspack-0.2-0.1.20100723alpha.el4 (FEDORA-EPEL-2010-3383) Library for CAB and related files compression and decompression -------------------------------------------------------------------------------- References:
[ 1 ] Bug #620450 - CVE-2010-2800 cabextract: Infinite loop in MS-ZIP and Quantum decoders https://bugzilla.redhat.com/show_bug.cgi?id=620450 [ 2 ] Bug #620454 - CVE-2010-2801 cabextract: Integer wrap-around (crash) by processing certain *.cab files in test archive mode https://bugzilla.redhat.com/show_bug.cgi?id=620454 --------------------------------------------------------------------------------
epel-devel@lists.fedoraproject.org