USN-3960-1: WavPack vulnerability
USN-3960-1: WavPack vulnerability wavpack vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 19.04 Ubuntu 18.10 Ubuntu 18.04 LTS Summary WavPack could be made to crash if it received a specially crafted file. Software Description wavpack – audio codec (lossy and lossless) – encoder and decoder Details It was discovered that WavPack incorrectly handled certain DFF files. An attacker could possibly use this issue to cause a denial of service. Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu 19.04 libwavpack1 – 5.1.0-5ubuntu0.1 wavpack – 5.1.0-5ubuntu0.1 Ubuntu 18.10 libwavpack1 – 5.1.0-4ubuntu0.2 wavpack – 5.1.0-4ubuntu0.2 Ubuntu 18.04 LTS libwavpack1 – 5.1.0-2ubuntu1.3 wavpack – 5.1.0-2ubuntu1.3 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. In general, a standard system update will make all the necessary changes. References CVE-2019-11498 Source: USN-3960-1: [ more… ]