Alerts This Week
Warning Icon 1 666
Alerts This Week
Warning Icon 1 666

Slackware 15.x: 2022-021-02 Severity: Wavpack Buffer Overflow Risk

slackware
Calendar Grey January 14, 2021
Dist Slackware Esm H88
Latest wavpack updates for Slackware address a significant vulnerability. Update today to bolster your defense against potential threats.
New wavpack packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue

Summary

Here are the details from the Slackware 14.2 ChangeLog: patches/packages/wavpack-5.4.0-i586-1_slack14.2.txz: Upgraded. WavPack 5.4.0 fixes an issue where a specially crafted WAV file could cause the wavpack command-line program to crash with an out-of-bounds write. For more information, see: https://www.cve.org/CVERecord?id=CVE-2020-35738 (* Security fix *)

Topics%20covered

Topics Covered

security advisory security issue critical package update slackware software fix out-of-bounds write wavpack

Where Find New Packages

Thanks to the friendly folks at the OSU Open Source Lab (https://osuosl.org/) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://www.slackware.com/ for additional mirror sites near you.
Updated package for Slackware 14.0:
Updated package for Slackware x86_64 14.0:
Updated package for Slackware 14.1:
Updated package for Slackware x86_64 14.1:
Updated package for Slackware 14.2:
Updated package for Slackware x86_64 14.2:
Updated package for Slackware -current:
Updated package for Slackware x86_64 -current:

MD5 Signatures

Slackware 14.0 package: 73c81f2d86dd3acf4001c95dc7dd607f wavpack-5.4.0-i486-1_slack14.0.txz
Slackware x86_64 14.0 package: 7b60938f01773f7ea26fd40fa262bf17 wavpack-5.4.0-x86_64-1_slack14.0.txz
Slackware 14.1 package: 0e7b8692c7e9765140274106f72fbd5b wavpack-5.4.0-i486-1_slack14.1.txz
Slackware x86_64 14.1 package: a15c97a0e1c6bfc0fd98ca33dc748852 wavpack-5.4.0-x86_64-1_slack14.1.txz
Slackware 14.2 package: aad8f058446a66757fb991822e1091b5 wavpack-5.4.0-i586-1_slack14.2.txz
Slackware x86_64 14.2 package: 13c77241fa0efad104edfe146def62d6 wavpack-5.4.0-x86_64-1_slack14.2.txz
Slackware -current package: 488cad848a0fed25c42b88996707d46b l/wavpack-5.4.0-i586-1.txz
Slackware x86_64 -current package: 0b67b6cd4b48dad135fb40501f0c75f1 l/wavpack-5.4.0-x86_64-1.txz

Severity
critical
Lowest
Low
Medium
High
Critical

Topics%20covered

Topics Covered

security advisory security issue critical package update slackware software fix out-of-bounds write wavpack

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Installation Instructions

Installation instructions: Upgrade the package as root: # upgradepkg wavpack-5.4.0-i586-1_slack14.2.txz

Related News

Your message here