You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa wavpack

Sigurnosni nedostaci programskog paketa wavpack

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512

– ————————————————————————-
Debian Security Advisory DSA-4197-1 security@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
May 09, 2018 https://www.debian.org/security/faq
– ————————————————————————-

Package : wavpack
CVE ID : CVE-2018-10536 CVE-2018-10537 CVE-2018-10538 CVE-2018-10539
CVE-2018-10540

Multiple vulnerabilities were discovered in the wavpack audio codec which
could result in denial of service or the execution of arbitrary code if
malformed media files are processed.

The oldstable distribution (jessie) is not affected.

For the stable distribution (stretch), these problems have been fixed in
version 5.0.0-2+deb9u2.

We recommend that you upgrade your wavpack packages.

For the detailed security status of wavpack please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/wavpack

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
—–BEGIN PGP SIGNATURE—–

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlrzPIAACgkQEMKTtsN8
TjatXhAAvWZolol6Pg9GRGJDAQRhStyBToLM3HK9L52XPMQOjdQ3WdsSXwsooHrM
r0i7cwSkM3ODsGZ4+ToQwbNTlvRKPpmjaI9w9BoKlnM2UVFziHaoJnmPQnlyk2Yb
pKm8/xRuhZ0JIDhOM9mhofM1p8GruLcOpdSkw7PkKFWvps0AREf/8TNtH0WTj9oY
jj4hxF2+7bRHBOY906ZKgRXjOsaaKussYt/qIETSibxewLPOcOhqKvfnQBWwgVkm
KesB6yOdx53voSqpH04fsEi+HGQhrnzS7cUUKRdUnlF68xe/9WE8ewbC8hF+Pddv
RYhi7cx2BWl4ibAyYbniD+7k9A6e0ReOWD1/A/dq+g13BniorVFOYcH6RRwDtWJN
oUU971UoN75+0aRjnj8ugfEY81l90c0oJtl09iCzwO5jIepMdj4GaaxFU7i5+y/u
CsKmv7tEvqXJFyIJwY28BbbYN0oY1meIlfgkMwqEHbWsIUPQrSzMlveBMpUhcG7k
2BgLqUR8haVqkq7jzLXzVtv1QArNp3NpllDXCc1SwpnbYmiJdTB9G4/kLJsVRscK
65Cxbergb7LEtWrUmyJq1Lc7yWO1cdaqhSQpxHzK1EhdKTKLzgzTZlT7a6M5zytI
g29ne535y9JmwNoJkQOJz0GxT7NFnr6+X/pL2fmu0630qj++RJA=
=P0EO
—–END PGP SIGNATURE—–

Top
More in Preporuke
Sigurnosni nedostatak programskog paketa flash-plugin

Otkriven je kritični nedostatak u programskom paketu flash-plugin za operacijski sustav RHEL 6. Otkriveni nedostatak potencijalnim napadačima omogućuje izvršavanje proizvoljnog...

Close