Описание
Low: wavpack security update
WavPack is a completely open audio compression format providing lossless, high-quality lossy, and a unique hybrid compression mode.
Security Fix(es):
-
wawpack: Infinite loop in WavpackPackInit function lead to DoS (CVE-2018-19840)
-
wawpack: Out-of-bounds read in WavpackVerifySingleBlock function leads to DoS (CVE-2018-19841)
-
wavpack: Use of uninitialized variable in WavpackSetConfiguration64 leads to DoS (CVE-2019-11498)
-
wavpack: Divide by zero in ParseDsdiffHeaderConfig leads to crash (CVE-2019-1010315)
-
wavpack: Use of uninitialized variable in ParseCaffHeaderConfig leads to DoS (CVE-2019-1010317)
-
wavpack: Use of uninitialized variable in ParseWave64HeaderConfig leads to DoS (CVE-2019-1010319)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Rocky Linux 8.2 Release Notes linked from the References section.
Затронутые продукты
Rocky Linux 8
Ссылки на источники
Исправления
- Red Hat - 1661448
- Red Hat - 1661449
- Red Hat - 1704633
- Red Hat - 1729418
- Red Hat - 1737740
- Red Hat - 1737747
