libmspack (0.5-1+deb8u1) jessie-security; urgency=high * Non-maintainer upload. * Correct rejection of empty strings. * Fix mis-handling of sys->read() errors in cabd_read_string() (CVE-2017-11423) (Closes: #868956). * Reject negative output length in SpanInfo (CVE-2017-6419) (Closes: #871263). -- Sebastian Andrzej Siewior Wed, 16 Aug 2017 21:42:50 +0200 libmspack (0.5-1) unstable; urgency=medium * New upstream fix-only release: + Fix previously reported bugs with an upstream approved patch (#773041, #774725, #774726) + Fixes many security-sensitive bugs (Closes: #775687, #775498, #774665, #775499). -- Marc Dequènes (Duck) Mon, 02 Feb 2015 19:41:59 +0100 libmspack (0.4-3) unstable; urgency=medium * Added (slightly modified/split) patches from Jakub Wilk to fix programmation errors causing segfaults and security issues: - fix-division-by-zero.patch - fix-pointer-arithmetic-overflow.patch - fix-name-field-boundaries.patch (Closes: #774725, #774726) -- Marc Dequènes (Duck) Tue, 13 Jan 2015 22:51:40 +0100 libmspack (0.4-2) unstable; urgency=medium * Added patch 'qtmd-fix-frame_end-overflow.patch' to fix an overflow causing an infinite loop in some situation (Closes: #773041). -- Marc Dequènes (Duck) Tue, 30 Dec 2014 17:40:47 +0100 libmspack (0.4-1) unstable; urgency=low * Initial release. (Closes: #711232) -- Marc Dequènes (Duck) Fri, 16 Aug 2013 23:47:01 +0200