libmspack (0.4-1~12.04.1) precise-security; urgency=medium

  * Rebuilding for  precise/esm

 -- Leonidas S. Barbosa <leo.barbosa@canonical.com>  Wed, 02 Oct 2019 12:38:10 -0300

libmspack (0.4-1ubuntu0.1~esm1) trusty-security; urgency=medium

  * SECURITY UPDATE: Buffer Overflow when CAB block input buffer is smaller
    than the maximal Quantum block
    - debian/patches/CVE-2018-18584.patch: CAB block input buffer is one byte
      too small for maximal Quantum block
    - CVE-2018-18584
  * SECURITY UPDATE: Buffer underread (DoS) via a crafted CAB archive
    - debian/patches/CVE-2015-4471.patch: Prevent a 1-byte underread of the
      input buffer if an odd-sized data block comes just before an uncompressed
      block header
    - CVE-2015-4471
  * SECURITY UPDATE: Off-by-one buffer overread via a crafted CAB archive
    - debian/patches/CVE-2015-4470.patch: Properly handle distance codes.
      Distance codes are 0-29, not 0-30.
    - CVE-2015-4470
  * SECURITY UPDATE: NULL pointer dereference via a crafted CAB archive
    - debian/patches/CVE-2014-9732.patch: Avoid using invalid decompression
      state
    - CVE-2014-9732
  * SECURITY UPDATE: Integer overflow causes infinite loop(DoS) via a crafted
    CAB archive
    - debian/patches/CVE-2014-9556.patch: Disallow decompressing files whose
      offset+length is more than the maximum length of a folder
    - CVE-2014-9556

 -- Mike Salvatore <mike.salvatore@canonical.com>  Fri, 28 Jun 2019 07:32:38 -0400

libmspack (0.4-1) unstable; urgency=low

  * Initial release. (Closes: #711232)

 -- Marc Dequènes (Duck) <Duck@DuckCorp.org>  Fri, 16 Aug 2013 23:47:01 +0200
