Security update for cabextract SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2015:2131-1 Final 1 1 2015-11-27T12:48:15Z current 2015-11-27T12:48:15Z 2015-11-27T12:48:15Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for cabextract This security update fixes the following issues: - Fix possible infinite loop caused DoS (bsc919283, CVE-2014-9556) - Fix zero dereference (bsc#934524, CVE-2014-9732) - Fix off by one (bsc#934527, CVE-2015-4470) - Fix buffer under-read crash (bsc#934528, CVE-2015-4471) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). sledsp3-cabextract-12233,sledsp4-cabextract-12233 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2015/suse-su-20152131-1/ Link for SUSE-SU-2015:2131-1 https://lists.suse.com/pipermail/sle-security-updates/2015-November/001703.html E-Mail link for SUSE-SU-2015:2131-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/934524 SUSE Bug 934524 https://bugzilla.suse.com/934527 SUSE Bug 934527 https://bugzilla.suse.com/934528 SUSE Bug 934528 https://www.suse.com/security/cve/CVE-2014-9556/ SUSE CVE CVE-2014-9556 page https://www.suse.com/security/cve/CVE-2014-9732/ SUSE CVE CVE-2014-9732 page https://www.suse.com/security/cve/CVE-2015-4470/ SUSE CVE CVE-2015-4470 page https://www.suse.com/security/cve/CVE-2015-4471/ SUSE CVE CVE-2015-4471 page SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 cabextract-1.2-2.12.1 cabextract-1.2-2.12.1 as a component of SUSE Linux Enterprise Desktop 11 SP3 cabextract-1.2-2.12.1 as a component of SUSE Linux Enterprise Desktop 11 SP4 Integer overflow in the qtmd_decompress function in libmspack 0.4 allows remote attackers to cause a denial of service (hang) via a crafted CAB file, which triggers an infinite loop. CVE-2014-9556 SUSE Linux Enterprise Desktop 11 SP3:cabextract-1.2-2.12.1 SUSE Linux Enterprise Desktop 11 SP4:cabextract-1.2-2.12.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20152131-1/ https://www.suse.com/security/cve/CVE-2014-9556.html CVE-2014-9556 https://bugzilla.suse.com/912214 SUSE Bug 912214 https://bugzilla.suse.com/919283 SUSE Bug 919283 https://bugzilla.suse.com/934533 SUSE Bug 934533 The cabd_extract function in cabd.c in libmspack before 0.5 does not properly maintain decompression callbacks in certain cases where an invalid file follows a valid file, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted CAB archive. CVE-2014-9732 SUSE Linux Enterprise Desktop 11 SP3:cabextract-1.2-2.12.1 SUSE Linux Enterprise Desktop 11 SP4:cabextract-1.2-2.12.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20152131-1/ https://www.suse.com/security/cve/CVE-2014-9732.html CVE-2014-9732 https://bugzilla.suse.com/934524 SUSE Bug 934524 https://bugzilla.suse.com/934533 SUSE Bug 934533 Off-by-one error in the inflate function in mszipd.c in libmspack before 0.5 allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted CAB archive. CVE-2015-4470 SUSE Linux Enterprise Desktop 11 SP3:cabextract-1.2-2.12.1 SUSE Linux Enterprise Desktop 11 SP4:cabextract-1.2-2.12.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20152131-1/ https://www.suse.com/security/cve/CVE-2015-4470.html CVE-2015-4470 https://bugzilla.suse.com/934527 SUSE Bug 934527 https://bugzilla.suse.com/934533 SUSE Bug 934533 Off-by-one error in the lzxd_decompress function in lzxd.c in libmspack before 0.5 allows remote attackers to cause a denial of service (buffer under-read and application crash) via a crafted CAB archive. CVE-2015-4471 SUSE Linux Enterprise Desktop 11 SP3:cabextract-1.2-2.12.1 SUSE Linux Enterprise Desktop 11 SP4:cabextract-1.2-2.12.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20152131-1/ https://www.suse.com/security/cve/CVE-2015-4471.html CVE-2015-4471 https://bugzilla.suse.com/934528 SUSE Bug 934528 https://bugzilla.suse.com/934533 SUSE Bug 934533