Source: libmspack Version: 0.5-1 Severity: important Tags: patch security upstream Control: found -1 0.5-1+deb9u2 Control: found -1 0.7-1
>From https://www.openwall.com/lists/oss-security/2018/10/22/1 > libmspack now also rejects blank CHM filenames that are blank because > they have embedded null bytes, not just because they are zero-length https://github.com/kyz/libmspack/commit/8759da8db6ec9e866cb8eb143313f397f925bb4f CVE not yet assigned for this issue. Regards, Salvatore -- System Information: Debian Release: buster/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 4.18.0-2-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled