openSUSE-SU-2022:0954-1

Опубликовано: 28 мар. 2022

Источник: suse-cvrf

Описание

Security update for wavpack

This update for wavpack fixes the following issues:

CVE-2021-44269: Fixed out of bounds read in processing .wav files (bsc#1197020).

Список пакетов

openSUSE Leap 15.3

libwavpack1-5.4.0-4.12.1

libwavpack1-32bit-5.4.0-4.12.1

wavpack-5.4.0-4.12.1

wavpack-devel-5.4.0-4.12.1

Ссылки

https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/MA3ZHJ2SJ5F7RD4MVUADLVJ2VXDS4AOS/
E-Mail link for openSUSE-SU-2022:0954-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1197020
SUSE Bug 1197020
https://www.suse.com/security/cve/CVE-2021-44269/
SUSE CVE CVE-2021-44269 page

Описание

An out of bounds read was found in Wavpack 5.4.0 in processing *.WAV files. This issue triggered in function WavpackPackSamples of file src/pack_utils.c, tainted variable cnt is too large, that makes pointer sptr read beyond heap bound.

Затронутые продукты

openSUSE Leap 15.3:libwavpack1-32bit-5.4.0-4.12.1

openSUSE Leap 15.3:libwavpack1-5.4.0-4.12.1

openSUSE Leap 15.3:wavpack-5.4.0-4.12.1

openSUSE Leap 15.3:wavpack-devel-5.4.0-4.12.1

Ссылки

https://www.suse.com/security/cve/CVE-2021-44269.html
CVE-2021-44269
https://bugzilla.suse.com/1197020
SUSE Bug 1197020

openSUSE-SU-2022:0954-1

Описание

Список пакетов

openSUSE Leap 15.3

Ссылки

Уязвимость: CVE-2021-44269

Описание

Затронутые продукты

Ссылки