You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa wavpack

Sigurnosni nedostaci programskog paketa wavpack

by - 0

==========================================================================
Ubuntu Security Notice USN-4062-1
July 16, 2019

wavpack vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 19.04
– Ubuntu 18.04 LTS

Summary:

WavPack could be made to crash if it received a specially crafted WAV file.

Software Description:
– wavpack: audio codec (lossy and lossless) – encoder and decoder

Details:

Rohan Padhye discovered that WavPack incorrectly handled certain WAV files.
An attacker could possibly use this issue to cause a denial of service.
(CVE-2019-1010315, CVE-2019-1010317, CVE-2019-1010318, CVE-2019-1010319)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 19.04:
libwavpack1 5.1.0-5ubuntu0.2
wavpack 5.1.0-5ubuntu0.2

Ubuntu 18.04 LTS:
libwavpack1 5.1.0-2ubuntu1.4
wavpack 5.1.0-2ubuntu1.4

In general, a standard system update will make all the necessary changes.

References:
https://usn.ubuntu.com/4062-1
CVE-2019-1010315, CVE-2019-1010317, CVE-2019-1010318, CVE-2019-1010319

Package Information:
https://launchpad.net/ubuntu/+source/wavpack/5.1.0-5ubuntu0.2
https://launchpad.net/ubuntu/+source/wavpack/5.1.0-2ubuntu1.4
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1

iQIcBAEBAgAGBQJdLhqPAAoJEEW851uECx9p4rEQAJ1nK0H0//TgrFunFBK4r168
3+EAXitPIoK3TqX+/L5OPQVhMUeKFIunDQvtKC1wo7Px+Y8yS5vvuMsMOXPsMDSN
Qom0g/1sWvZh61VUlpidMNhZliHnzagfvW/+2fbk6YqfKQiCCdjbb61K6jF6o/DP
Diw5OkehPVIjSukmN4GgtkjR9PY3QcCUvJHpPNEB06+pTlidlD+fVQxi0o6s6ClY
tIv5OnWup67DHB81oNtQJwxqKNNJC4Ui38K3Y505dFX8783GGAAy0RvqAZ75Ol5k
l4D+ahVg83xExd59/QEzG7YqMce+DBergsBZqIUymWQpMHRxzg3E8F6BRb6dkG7R
WFyEk3EEViBgOubESEQWfU2wOMptnKi8w7CUUJA3CB4nMrvP2UTOIArH2pOsoJsk
+udPAd0aQpZrGxbhBKzGbwpEMw+BROKlfKtHxE+05ZiambSotVU1Fx0FoSS19DgH
/PubP1Zx8VKAxn+kM/geyz4BchcHDTG30g+ZLVVJzs7+q1Kzk3y8UVKP4BcqYSWu
4cREJfe/EvypO48JTpmn8b2DrqxVjYCxjrGMZp6hOJsJwfbY6C3MeS+d0zWTJZzM
+duwPGHkdcZiE4Od7KxaSplvKQxCOaoMVLeyRPOTuJhv7HnSfFfEjYNllxy0mU8J
nfZsNlj3AQKUpcSOl7iR
=T2UT
—–END PGP SIGNATURE—–

Top
More in Preporuke
Sigurnosni nedostaci programske biblioteke libssh2

Otkriveni su sigurnosni nedostaci programske biblioteke libssh2 za operacijski sustav RHEL. Otkriveni nedostaci potencijalnim udaljenim napadačima omogućuju izvršavanje proizvoljnog programskog...

Close