[ubuntu/artful-security] wavpack 5.1.0-2ubuntu0.3 (Accepted)
Leonidas S. Barbosa
leo.barbosa at canonical.com
Mon Apr 30 20:06:24 UTC 2018
wavpack (5.1.0-2ubuntu0.3) artful-security; urgency=medium
* SECURITY UPDATE: Writing to memory vulnerability in wav64 and riff
- debian/patches/CVE-2018-10536-and-10537.patch: fixing in cli/riff.c,
cli/wave64.c.
- CVE-2018-10536
- CVE-2018-10537
* SECURITY UPDATE: Out-of-bounds writes in riff, DSDiff and W64
- debian/patches/CVE-2018-10538-and-10539-and-10540.patch: sanitize
size of unknown chunks before malloc in cli/dsdiff.c, cli/riff.c,
cli/wave64.c.
- CVE-2018-10538
- CVE-2018-10539
- CVE-2018-10540
Date: 2018-04-30 19:16:13.191677+00:00
Changed-By: leo.barbosa at canonical.com (Leonidas S. Barbosa)
https://launchpad.net/ubuntu/+source/wavpack/5.1.0-2ubuntu0.3
-------------- next part --------------
Sorry, changesfile not available.
More information about the Artful-changes
mailing list