Updated wavpack packages fix security vulnerabilities
Publication date: 31 Aug 2019Modification date: 31 Aug 2019
Type: security
Affected Mageia releases : 7
CVE: CVE-2019-1010315 , CVE-2019-1010317 , CVE-2019-1010318 , CVE-2019-1010319
Description
Updated wavpack packages fixes security vulnerabilities: Rohan Padhye discovered that WavPack incorrectly handled certain WAV files. An attacker could possibly use this issue to cause a denial of service (CVE-2019-1010315, CVE-2019-1010317, CVE-2019-1010318, CVE-2019-1010319).
References
- https://bugs.mageia.org/show_bug.cgi?id=25265
- https://usn.ubuntu.com/4062-1/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010315
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010317
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010318
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010319
SRPMS
7/core
- wavpack-5.1.0-4.1.mga7