Description:
WavPack is a completely open audio compression format providing lossless, high-quality lossy, and a unique hybrid compression mode.
Security Fix(es):
* wawpack: Infinite loop in WavpackPackInit function lead to DoS (CVE-2018-19840)
* wawpack: Out-of-bounds read in WavpackVerifySingleBlock function leads to DoS (CVE-2018-19841)
* wavpack: Use of uninitialized variable in WavpackSetConfiguration64 leads to DoS (CVE-2019-11498)
* wavpack: Divide by zero in ParseDsdiffHeaderConfig leads to crash (CVE-2019-1010315)
* wavpack: Use of uninitialized variable in ParseCaffHeaderConfig leads to DoS (CVE-2019-1010317)
* wavpack: Use of uninitialized variable in ParseWave64HeaderConfig leads to DoS (CVE-2019-1010319)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
Updated packages:
-
wavpack-devel-5.1.0-15.el8.x86_64.rpm
-
wavpack-5.1.0-15.el8.x86_64.rpm
-
wavpack-devel-5.1.0-15.el8.i686.rpm
-
wavpack-devel-5.1.0-15.el8.aarch64.rpm
-
wavpack-5.1.0-15.el8.aarch64.rpm
-
wavpack-devel-5.1.0-15.el8.ppc64le.rpm
-
wavpack-5.1.0-15.el8.ppc64le.rpm
-
wavpack-5.1.0-15.el8.i686.rpm