Package "libwavpack-dev"
Name: |
libwavpack-dev
|
Description: |
audio codec (lossy and lossless) - development files
|
Latest version: |
5.1.0-2ubuntu1.5 |
Release: |
bionic (18.04) |
Level: |
updates |
Repository: |
main |
Head package: |
wavpack |
Homepage: |
http://www.wavpack.com |
Links
Download "libwavpack-dev"
Other versions of "libwavpack-dev" in Bionic
Changelog
wavpack (5.1.0-2ubuntu1.5) bionic-security; urgency=medium
* SECURITY UPDATE: Out-of-bounds write
- debian/patches/CVE-2020-35738.patch: checks bounds
in order to avoid/fix integer overflows resulting in buffer
overruns in src/pack_utils.c.
- CVE-2020-35738
-- Leonidas Da Silva Barbosa <email address hidden> Tue, 05 Jan 2021 10:32:02 -0300
|
Source diff to previous version |
CVE-2020-35738 |
WavPack 5.3.0 has an out-of-bounds write in WavpackPackSamples in pack_utils.c because of an integer overflow in a malloc argument. NOTE: some third- |
|
wavpack (5.1.0-2ubuntu1.4) bionic-security; urgency=medium
* debian/0009-issue-41-make-sure-DFF-does-not*.patch: make sure
DFF chunk does not have negative length.
* debian/patches/0010-issue-43-catch-zero*.patch: catch zero
channel count in DSF and DSDIFF files.
* SECURITY UPDATE: Crash due a divide by zero
- debian/patches/CVE-2019-1010315.patch: make sure DSDIFF files
have a valid channel count in cli/dsdiff.c.
- CVE-2019-1010315
* SECURITY UPDATE: Crashes and segfaults
- debian/patches/CVE-2019-1010317.patch: make sure CAF files
have a "desc" chunk in cli/caff.c.
- CVE-2019-1010317
* SECURITY UPDATE: Crashes and segfaults
- debian/patches/CVE-2019-1010318.patch: make sure sample rate is
specified and non-zero in DFF files in cli/dsdiff.c.
- CVE-2019-1010318
* SECURITY UPDATE: Crashes and segfaults
- debian/patches/CVE-2019-1010319.patch: clear WaveHeader at start
to prevent uninitialized read in cli/wave64.c.
- CVE-2019-1010319
-- <email address hidden> (Leonidas S. Barbosa) Tue, 16 Jul 2019 09:04:50 -0300
|
Source diff to previous version |
CVE-2019-1010315 |
WavPack 5.1 and earlier is affected by: CWE 369: Divide by Zero. The impact is: Divide by zero can lead to sudden crash of a software/service that tr |
CVE-2019-1010317 |
WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable. The impact is: Unexpected control flow, crashes, and segfaults. The |
CVE-2019-1010318 |
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-11498. Reason: This candidate is a reservation duplicate of CVE-2019-11498. Notes |
CVE-2019-1010319 |
WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable. The impact is: Unexpected control flow, crashes, and segfaults. The |
|
wavpack (5.1.0-2ubuntu1.3) bionic-security; urgency=medium
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2019-11498.patch: make sure sample rate variable
is specified and non-zero in DFF files in cli/dsdiff.c.
- CVE-2019-11498
-- <email address hidden> (Leonidas S. Barbosa) Mon, 29 Apr 2019 11:43:20 -0300
|
Source diff to previous version |
CVE-2019-11498 |
WavpackSetConfiguration64 in pack_utils.c in libwavpack.a in WavPack through 5.1.0 has a "Conditional jump or move depends on uninitialised value" co |
|
wavpack (5.1.0-2ubuntu1.2) bionic-security; urgency=medium
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2018-19840.patch: checking
if sample_rate is not zero in src/pack_utils.c.
- CVE-2018-19840
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2018-19841.patch: fix in
src/open_utils.c.
-- <email address hidden> (Leonidas S. Barbosa) Thu, 06 Dec 2018 08:47:38 -0300
|
Source diff to previous version |
CVE-2018-19840 |
The function WavpackPackInit in pack_utils.c in libwavpack.a in WavPack through 5.1.0 allows attackers to cause a denial-of-service (resource exhaust |
CVE-2018-19841 |
The function WavpackVerifySingleBlock in open_utils.c in libwavpack.a in WavPack through 5.1.0 allows attackers to cause a denial-of-service (out-of- |
|
wavpack (5.1.0-2ubuntu1.1) bionic-security; urgency=medium
* SECURITY UPDATE: Writing to memory vulnerability in wav64 and riff
- debian/patches/CVE-2018-10536-and-10537.patch: fixing in cli/riff.c,
cli/wave64.c.
- CVE-2018-10536
- CVE-2018-10537
* SECURITY UPDATE: Out-of-bounds writes in riff, DSDiff and W64
- debian/patches/CVE-2018-10538-and-10539-and-10540.patch: sanitize
size of unknown chunks before malloc in cli/dsdiff.c, cli/riff.c,
cli/wave64.c.
- CVE-2018-10538
- CVE-2018-10539
- CVE-2018-10540
-- <email address hidden> (Leonidas S. Barbosa) Mon, 30 Apr 2018 15:53:18 -0300
|
CVE-2018-10536 |
An issue was discovered in WavPack 5.1.0 and earlier. The WAV parser ... |
CVE-2018-10537 |
An issue was discovered in WavPack 5.1.0 and earlier. The W64 parser ... |
CVE-2018-10538 |
An issue was discovered in WavPack 5.1.0 and earlier for WAV input. ... |
CVE-2018-10539 |
An issue was discovered in WavPack 5.1.0 and earlier for DSDiff input. ... |
CVE-2018-10540 |
An issue was discovered in WavPack 5.1.0 and earlier for W64 input. ... |
|
About
-
Send Feedback to @ubuntu_updates