Description:
WavPack is a completely open audio compression format providing lossless, high-quality lossy, and a unique hybrid compression mode.
Security Fix(es):
* wawpack: Infinite loop in WavpackPackInit function lead to DoS (CVE-2018-19840)
* wawpack: Out-of-bounds read in WavpackVerifySingleBlock function leads to DoS (CVE-2018-19841)
* wavpack: Use of uninitialized variable in WavpackSetConfiguration64 leads to DoS (CVE-2019-11498)
* wavpack: Divide by zero in ParseDsdiffHeaderConfig leads to crash (CVE-2019-1010315)
* wavpack: Use of uninitialized variable in ParseCaffHeaderConfig leads to DoS (CVE-2019-1010317)
* wavpack: Use of uninitialized variable in ParseWave64HeaderConfig leads to DoS (CVE-2019-1010319)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
Updated packages listed below:
| Architecture |
Package |
Checksum |
| aarch64 |
wavpack-devel-5.1.0-15.el8.aarch64.rpm |
443e33b00511a651e84d567bb5bc012980a457c94c5d8daea67e70921aff439d |
| aarch64 |
wavpack-5.1.0-15.el8.aarch64.rpm |
d2e6d2c7f2ec0e0c73cc646d5ef9d458c3640f39cb5b956878cfd290d40b382b |
| i686 |
wavpack-5.1.0-15.el8.i686.rpm |
5c34b65c60ce590bb8b4d56e810aa992423e92c9713c106933a06e9f6c45abd6 |
| i686 |
wavpack-devel-5.1.0-15.el8.i686.rpm |
e1da8e8de14d0bac64b96e6f3e600679f17f3c578f3770a42fa106181fd6c594 |
| ppc64le |
wavpack-devel-5.1.0-15.el8.ppc64le.rpm |
55b7dabc2ac75d689673d390eb860d1303fd07fd8880fd9f1bd06a8406431342 |
| ppc64le |
wavpack-5.1.0-15.el8.ppc64le.rpm |
81c78367352033f4df2179c318c9f431f39cef89af98640d90948a4d250f1c1b |
| x86_64 |
wavpack-devel-5.1.0-15.el8.x86_64.rpm |
3a4a4200fbaaeaad7d4ba82a657d9e44dbe56b59c613ba16a9598870ca78faad |
| x86_64 |
wavpack-5.1.0-15.el8.x86_64.rpm |
6d009b7238ec8861544d4215953fd5f6bcddab280525958d526121cd4289b500 |
