Debian Security Advisory DSA 4260-1 (libmspack - security update)

Several vulnerabilities were discovered in libsmpack, a library used to handle Microsoft compression formats. A remote attacker could craft malicious CAB, CHM or KWAJ files and use these flaws to cause a denial of service via application crash, or potentially execute arbitrary code.

libmspack on Debian Linux

This check tests the installed software version using the apt package manager.

For the stable distribution (stretch), these problems have been fixed in version 0.5-1+deb9u2. We recommend that you upgrade your libmspack packages. For the detailed security status of libmspack please refer to its security tracker page linked in the references.