Clam 2252 Update libmspack 0.10.1alpha to 0.11alpha (0.103) #830

micahsnyder · 2023-02-08T03:19:58Z

No description provided.

pkgsrc change: avoid use empty in options.mk. Security release. 0.103.8 (2023-02-15) * CVE-2023-20032<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20032>: Fixed a possible remote code execution vulnerability in the HFS+ file parser. The issue affects versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier. Thank you to Simon Scannell for reporting this issue. * CVE-2023-20052<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20052>: Fixed a possible remote information leak vulnerability in the DMG file parser. The issue affects versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier. Thank you to Simon Scannell for reporting this issue. * Update the vendored libmspack library to version 0.11alpha. * GitHub pull request: Cisco-Talos/clamav#830

Update libmspack 0.10.1alpha to 0.11alpha

a2a0463

micahsnyder added the 🍒cherry-picked fix (backport) label Feb 8, 2023

micahsnyder added this to the 0.103.8 milestone Feb 8, 2023

News: Add detail for libmspack update

580bf64

micahsnyder force-pushed the CLAM-2252-libmspack-0.11alpha-0.103 branch from 601b581 to 580bf64 Compare February 8, 2023 17:18

ragusaa approved these changes Feb 9, 2023

View reviewed changes

Windows: Revert mspack lib name in def file to fix link issue

bfdf79d

micahsnyder merged commit f678a5f into Cisco-Talos:dev/0.103.8 Feb 12, 2023
1 check failed

micahsnyder deleted the CLAM-2252-libmspack-0.11alpha-0.103 branch February 12, 2023 23:44

Clam 2252 Update libmspack 0.10.1alpha to 0.11alpha (0.103) #830

Clam 2252 Update libmspack 0.10.1alpha to 0.11alpha (0.103) #830

Conversation

micahsnyder commented Feb 8, 2023