Univention Bugzilla – Bug 46996
wavpack: Multiple issues (4.3)
Last modified: 2018-05-16 17:04:27 CEST
New Debian wavpack 5.0.0-2+deb9u2 fixes: This update addresses the following issues: * out of bounds write in ParseRiffHeaderConfig in riff.c (CVE-2018-10536) * out of bounds write in ParseWave64HeaderConfig in wave64.c (CVE-2018-10537) * out of bounds write in ParseRiffHeaderConfig in riff.c (CVE-2018-10538) * out of bounds write in ParseDsdiffHeaderConfig in dsdiff.c (CVE-2018-10539) * out of bounds write in ParseWave64HeaderConfig in wave64.c (CVE-2018-10540) CVE-2018-10536 wavpack: out of bounds write in ParseRiffHeaderConfig in riff.c CVE-2018-10537 wavpack: out of bounds write in ParseWave64HeaderConfig in wave64.c CVE-2018-10538 wavpack: out of bounds write in ParseRiffHeaderConfig in riff.c CVE-2018-10539 wavpack: out of bounds write in ParseDsdiffHeaderConfig in dsdiff.c CVE-2018-10540 wavpack: out of bounds write in ParseWave64HeaderConfig in wave64.c
[4.3-0] 79cba26734 Bug #46996: wavpack_5.0.0-2+deb9u2 doc/errata/staging/wavpack.yaml | 20 ++++++++++++++++++++
--- mirror/ftp/4.3/unmaintained/4.3-0/source/wavpack_5.0.0-2+deb9u1.dsc +++ apt/ucs_4.3-0-errata4.3-0/source/wavpack_5.0.0-2+deb9u2.dsc @@ -1,3 +1,8 @@ +5.0.0-2+deb9u2 [Mon, 30 Apr 2018 20:34:34 +0000] Moritz Muehlenhoff <jmm@debian.org>: + + * CVE-2018-10536 CVE-2018-10537 CVE-2018-10538 CVE-2018-10539 + CVE-2018-10540 + 5.0.0-2+deb9u1 [Tue, 27 Feb 2018 15:15:53 +0100] Sebastien Delafond <seb@debian.org>: * Non-maintainer upload by the Security Team.
* No UCS specific patches * Comparison to previously shipped version ok * Binary package update Ok * Advisory Ok
<http://errata.software-univention.de/ucs/4.3/76.html>