[ubuntu/bionic-proposed] wavpack 5.1.0-2ubuntu1 (Accepted)
Leonidas S. Barbosa
leo.barbosa at canonical.com
Fri Feb 23 15:27:18 UTC 2018
wavpack (5.1.0-2ubuntu1) bionic; urgency=medium
* SECURITY UPDATE: stack-based buffer overr-read
- debian/patches/CVE-2018-6767.patch: do not overwrite
stack on corrupt RF64 file in cli/riff.c.
- CVE-2018-6767
* SECURITY UPDATE: Maliciously crafted DSDIFF can result
in a denial of service
- debian/patches/CVE-2018-7253.patch: do not overwrite
heap on corrupt DSDIFF file in cli/dsdiff.c
- CVE-2018-7253
* SECURITY UPDATE: Denial of service through maliciously
crafted CAF file
- debian/patches/CVE-2018-7254.patch: fix buffer overflows
and bad allocs in cli/caff.c.
- CVE-2018-7254
Date: Thu, 22 Feb 2018 12:13:50 -0300
Changed-By: leo.barbosa at canonical.com (Leonidas S. Barbosa)
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/wavpack/5.1.0-2ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Thu, 22 Feb 2018 12:13:50 -0300
Source: wavpack
Binary: libwavpack1 libwavpack-dev wavpack
Architecture: source
Version: 5.1.0-2ubuntu1
Distribution: bionic
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Leonidas S. Barbosa <leo.barbosa at canonical.com>
Description:
libwavpack-dev - audio codec (lossy and lossless) - development files
libwavpack1 - audio codec (lossy and lossless) - library
wavpack - audio codec (lossy and lossless) - encoder and decoder
Changes:
wavpack (5.1.0-2ubuntu1) bionic; urgency=medium
.
* SECURITY UPDATE: stack-based buffer overr-read
- debian/patches/CVE-2018-6767.patch: do not overwrite
stack on corrupt RF64 file in cli/riff.c.
- CVE-2018-6767
* SECURITY UPDATE: Maliciously crafted DSDIFF can result
in a denial of service
- debian/patches/CVE-2018-7253.patch: do not overwrite
heap on corrupt DSDIFF file in cli/dsdiff.c
- CVE-2018-7253
* SECURITY UPDATE: Denial of service through maliciously
crafted CAF file
- debian/patches/CVE-2018-7254.patch: fix buffer overflows
and bad allocs in cli/caff.c.
- CVE-2018-7254
Checksums-Sha1:
94e44a5c567b0cedc29f291b12d50d16d37cc1ba 2172 wavpack_5.1.0-2ubuntu1.dsc
fd316b44d3474bb8a2f9c830dde26019535f3f9a 8336 wavpack_5.1.0-2ubuntu1.debian.tar.xz
12bfd19b5469b3b9a2fa36ff953627785649d421 7252 wavpack_5.1.0-2ubuntu1_source.buildinfo
Checksums-Sha256:
6e4630e7d0e6c569cdf1482a5745f9859ab140da53da1a0502e8e2814c4e6cc4 2172 wavpack_5.1.0-2ubuntu1.dsc
942eb5c9e9d2675fc66ac70a9f9abd892fc0067acd473b56c6e554e13ac05513 8336 wavpack_5.1.0-2ubuntu1.debian.tar.xz
9fc56b12f2445c480c4f1f237c10ad24add057101a67cb88a24ed16f133a6c05 7252 wavpack_5.1.0-2ubuntu1_source.buildinfo
Files:
309df100c8918571267d74360404317a 2172 sound optional wavpack_5.1.0-2ubuntu1.dsc
1d5baff6337600c776a091091ba06425 8336 sound optional wavpack_5.1.0-2ubuntu1.debian.tar.xz
35c89b8abf23b9ce69557ba953c16f25 7252 sound optional wavpack_5.1.0-2ubuntu1_source.buildinfo
Original-Maintainer: Debian Multimedia Maintainers <pkg-multimedia-maintainers at lists.alioth.debian.org>
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJakDJmAAoJEGVp2FWnRL6TyDIQALsw0iiCVdLKPR1KZmNa64Hl
FSEZ3MdvMBhkp0NWxraP9GpiUYbb0M6k08Yxl7tF7II6e8yWNpVep6oS2u8oY5cQ
GfpFpYVKQmlc3LwUMV7BsACijVd4AOAKf7n2faBE7N7z0qhAZLTcoeFLGMLIM4e9
DkXLYc0YTxXqEPtgY/9Dyeea0nfmHnAhdhdyGqfi+PQnn0S2KcgN0ypuMsUeoMYz
kxm6wczZwBVj4hXbl6kbQtlEE6tNEKZqjj5JqdNwBWr6GDhB5ZIZgq58KQzqOGcj
0Dm0QOs1n91eBNPdzy/fWLWCCh62bP2fhifkNjUCxrm5aaz0kBhwGKKpPy82tXLT
jXNbJEQFJG9nLOpsL0h3HsBVUkySCQIGVqmUmc5Th32JPAkjsHekB3pwkCY5PeGF
UVS1mj84UDEbVgRisusvCRd/bsfBwEcDEFKJmmlQI0UUkaRsdSXYHABvQiNGyC95
hD3N/IeV175SoMcU9n44KPmuvyBnNvDwG9Xg0k9KHQUam+Xha5mKllj2rQysW2lu
BeWubcjhKC0Yd/mEh5fuZaioHCGLADgWNfGlQCHDQrKLzCndeWypfyf4LEfr2Mv5
Y8KS6/znpiyeRcHoTFyszZsbhvAjmxzXGvnUpP5ni436de/Cv1ClKFuGARESCsoI
hvnqqirajCQI6xjB5LOt
=YEyJ
-----END PGP SIGNATURE-----
More information about the Bionic-changes
mailing list