Zum Inhalt springen.
Sympa Menü

it-securitynotifies - [IT-SecNots] [SECURITY] [DSA 4197-1] wavpack security updaze

it-securitynotifies AT lists.piratenpartei.de

Betreff: Sicherheitsankündigungen

Listenarchiv

[IT-SecNots] [SECURITY] [DSA 4197-1] wavpack security updaze


Chronologisch Thread 
    < Chronologisch >      < Thread >
  • From: Moritz Muehlenhoff <jmm AT debian.org>
  • To: debian-security-announce AT lists.debian.org
  • Subject: [IT-SecNots] [SECURITY] [DSA 4197-1] wavpack security updaze
  • Date: Wed, 9 May 2018 20:24:39 +0200
  • List-archive: https://lists.debian.org/msgid-search/20180509182439.GA17293 AT pisco.westfalen.local
  • List-id: <debian-security-announce.lists.debian.org>
  • List-url: <http://lists.debian.org/debian-security-announce/>
  • Old-return-path: <jmm AT inutil.org>
  • Priority: urgent
  • Resent-date: Wed, 9 May 2018 18:25:05 +0000 (UTC)
  • Resent-from: debian-security-announce AT lists.debian.org
  • Resent-message-id: <3TZyGEyrfXF.A.PPG.B0z8aB@bendel>
  • Resent-sender: debian-security-announce-request AT lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4197-1 security AT debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
May 09, 2018 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : wavpack
CVE ID : CVE-2018-10536 CVE-2018-10537 CVE-2018-10538 CVE-2018-10539
CVE-2018-10540

Multiple vulnerabilities were discovered in the wavpack audio codec which
could result in denial of service or the execution of arbitrary code if
malformed media files are processed.

The oldstable distribution (jessie) is not affected.

For the stable distribution (stretch), these problems have been fixed in
version 5.0.0-2+deb9u2.

We recommend that you upgrade your wavpack packages.

For the detailed security status of wavpack please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/wavpack

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlrzPIAACgkQEMKTtsN8
TjatXhAAvWZolol6Pg9GRGJDAQRhStyBToLM3HK9L52XPMQOjdQ3WdsSXwsooHrM
r0i7cwSkM3ODsGZ4+ToQwbNTlvRKPpmjaI9w9BoKlnM2UVFziHaoJnmPQnlyk2Yb
pKm8/xRuhZ0JIDhOM9mhofM1p8GruLcOpdSkw7PkKFWvps0AREf/8TNtH0WTj9oY
jj4hxF2+7bRHBOY906ZKgRXjOsaaKussYt/qIETSibxewLPOcOhqKvfnQBWwgVkm
KesB6yOdx53voSqpH04fsEi+HGQhrnzS7cUUKRdUnlF68xe/9WE8ewbC8hF+Pddv
RYhi7cx2BWl4ibAyYbniD+7k9A6e0ReOWD1/A/dq+g13BniorVFOYcH6RRwDtWJN
oUU971UoN75+0aRjnj8ugfEY81l90c0oJtl09iCzwO5jIepMdj4GaaxFU7i5+y/u
CsKmv7tEvqXJFyIJwY28BbbYN0oY1meIlfgkMwqEHbWsIUPQrSzMlveBMpUhcG7k
2BgLqUR8haVqkq7jzLXzVtv1QArNp3NpllDXCc1SwpnbYmiJdTB9G4/kLJsVRscK
65Cxbergb7LEtWrUmyJq1Lc7yWO1cdaqhSQpxHzK1EhdKTKLzgzTZlT7a6M5zytI
g29ne535y9JmwNoJkQOJz0GxT7NFnr6+X/pL2fmu0630qj++RJA=
=P0EO
-----END PGP SIGNATURE-----


  • [IT-SecNots] [SECURITY] [DSA 4197-1] wavpack security updaze, Moritz Muehlenhoff, 09.05.2018

Archiv bereitgestellt durch MHonArc 2.6.19.

Seitenanfang