Описание
Security update for wavpack
This update for wavpack fixes the following issues:
- CVE-2021-44269: Fixed out of bounds read in processing .wav files (bsc#1197020).
Список пакетов
Image SLES15-SP1-SAPCAL-Azure
libwavpack1-5.4.0-4.12.1
Image SLES15-SP1-SAPCAL-EC2-HVM
libwavpack1-5.4.0-4.12.1
Image SLES15-SP1-SAPCAL-GCE
libwavpack1-5.4.0-4.12.1
Image SLES15-SP3-EC2-HVM
libwavpack1-5.4.0-4.12.1
Image SLES15-SP3-SAP-Azure
libwavpack1-5.4.0-4.12.1
Image SLES15-SP3-SAP-EC2-HVM
libwavpack1-5.4.0-4.12.1
Image SLES15-SP3-SAP-GCE
libwavpack1-5.4.0-4.12.1
Image SLES15-SP3-SAPCAL-Azure
libwavpack1-5.4.0-4.12.1
Image SLES15-SP3-SAPCAL-EC2-HVM
libwavpack1-5.4.0-4.12.1
Image SLES15-SP3-SAPCAL-GCE
libwavpack1-5.4.0-4.12.1
Image SLES15-SP4-SAP
libwavpack1-5.4.0-4.12.1
Image SLES15-SP4-SAP-Azure
libwavpack1-5.4.0-4.12.1
Image SLES15-SP4-SAP-EC2
libwavpack1-5.4.0-4.12.1
Image SLES15-SP4-SAP-GCE
libwavpack1-5.4.0-4.12.1
Image SLES15-SP4-SAPCAL
libwavpack1-5.4.0-4.12.1
Image SLES15-SP4-SAPCAL-Azure
libwavpack1-5.4.0-4.12.1
Image SLES15-SP4-SAPCAL-EC2
libwavpack1-5.4.0-4.12.1
Image SLES15-SP4-SAPCAL-GCE
libwavpack1-5.4.0-4.12.1
Image SLES15-SP5-SAP-Azure
libwavpack1-5.4.0-4.12.1
Image SLES15-SP5-SAP-EC2
libwavpack1-5.4.0-4.12.1
Image SLES15-SP5-SAP-GCE
libwavpack1-5.4.0-4.12.1
Image SLES15-SP5-SAPCAL-Azure
libwavpack1-5.4.0-4.12.1
Image SLES15-SP5-SAPCAL-EC2
libwavpack1-5.4.0-4.12.1
Image SLES15-SP5-SAPCAL-GCE
libwavpack1-5.4.0-4.12.1
Image SLES15-SP6-SAP
libwavpack1-5.4.0-4.12.1
Image SLES15-SP6-SAP-Azure
libwavpack1-5.4.0-4.12.1
Image SLES15-SP6-SAP-EC2
libwavpack1-5.4.0-4.12.1
Image SLES15-SP6-SAP-GCE
libwavpack1-5.4.0-4.12.1
Image SLES15-SP6-SAPCAL
libwavpack1-5.4.0-4.12.1
Image SLES15-SP6-SAPCAL-Azure
libwavpack1-5.4.0-4.12.1
Image SLES15-SP6-SAPCAL-EC2
libwavpack1-5.4.0-4.12.1
Image SLES15-SP6-SAPCAL-GCE
libwavpack1-5.4.0-4.12.1
SUSE Linux Enterprise Module for Basesystem 15 SP3
libwavpack1-5.4.0-4.12.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP3
wavpack-5.4.0-4.12.1
wavpack-devel-5.4.0-4.12.1
SUSE Linux Enterprise Real Time 15 SP2
libwavpack1-5.4.0-4.12.1
wavpack-5.4.0-4.12.1
wavpack-devel-5.4.0-4.12.1
Ссылки
- Link for SUSE-SU-2022:0954-1
- E-Mail link for SUSE-SU-2022:0954-1
- SUSE Security Ratings
- SUSE Bug 1197020
- SUSE CVE CVE-2021-44269 page
Описание
An out of bounds read was found in Wavpack 5.4.0 in processing *.WAV files. This issue triggered in function WavpackPackSamples of file src/pack_utils.c, tainted variable cnt is too large, that makes pointer sptr read beyond heap bound.
Затронутые продукты
Image SLES15-SP1-SAPCAL-Azure:libwavpack1-5.4.0-4.12.1
Image SLES15-SP1-SAPCAL-EC2-HVM:libwavpack1-5.4.0-4.12.1
Image SLES15-SP1-SAPCAL-GCE:libwavpack1-5.4.0-4.12.1
Image SLES15-SP3-EC2-HVM:libwavpack1-5.4.0-4.12.1
Ссылки
- CVE-2021-44269
- SUSE Bug 1197020