[ubuntu/disco-security] wavpack 5.1.0-5ubuntu0.2 (Accepted)

Leonidas S. Barbosa leo.barbosa at canonical.com
Tue Jul 16 17:23:24 UTC 2019

wavpack (5.1.0-5ubuntu0.2) disco-security; urgency=medium

  * debian/0009-issue-41-make-sure-DFF-does-not*.patch: make sure
    DFF chunk does not have negative length.
  * debian/patches/0010-issue-43-catch-zero*.patch: catch zero
    channel count in DSF and DSDIFF files.
  * SECURITY UPDATE: Crash due a divide by zero
    - debian/patches/CVE-2019-1010315.patch: make sure DSDIFF files
      have a valid channel count in cli/dsdiff.c.
    - CVE-2019-1010315
  * SECURITY UPDATE: Crashes and segfaults
    - debian/patches/CVE-2019-1010317.patch: make sure CAF files
      have a "desc" chunk in cli/caff.c.
    - CVE-2019-1010317
  * SECURITY UPDATE: Crashes and segfaults
    - debian/patches/CVE-2019-1010318.patch: make sure sample rate is
      specified and non-zero in DFF files in cli/dsdiff.c.
    - CVE-2019-1010318
  * SECURITY UPDATE: Crashes and segfaults
    - debian/patches/CVE-2019-1010319.patch: clear WaveHeader at start
      to prevent uninitialized read in cli/wave64.c.
    - CVE-2019-1010319

Date: 2019-07-16 12:35:13.919255+00:00
Changed-By: leo.barbosa at canonical.com (Leonidas S. Barbosa)
-------------- next part --------------
Sorry, changesfile not available.

More information about the Disco-changes mailing list