Alerts This Week
Warning Icon 1 666
Alerts This Week
Warning Icon 1 666

Ubuntu 18.10: 3839-1 Moderate: WavPack Denial Of Service Threat

Calendar Dec 06, 2018 User Avatar LinuxSecurity Advisories
1 - 2 min read
Ubuntu Large Esm H500
Topics%20covered

Topics Covered

security advisory denial of service Ubuntu moderate threat WavPack
Several security issues were fixed in WavPack. 
=========================================================================Ubuntu Security Notice USN-3839-1
December 06, 2018

wavpack vulnerabilities
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 18.10
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS

Summary:

Several security issues were fixed in WavPack.

Software Description:
- wavpack: audio codec (lossy and lossless) - encoder and decoder

Details:

It was discovered that WavPack incorrectly handled certain WAV files.
An attacker could possibly use this issue to cause a denial of service.
(CVE-2018-19840, CVE-2018-19841)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.10:
  libwavpack1                     5.1.0-4ubuntu0.1
  wavpack                         5.1.0-4ubuntu0.1

Ubuntu 18.04 LTS:
  libwavpack1                     5.1.0-2ubuntu1.2
  wavpack                         5.1.0-2ubuntu1.2

Ubuntu 16.04 LTS:
  libwavpack1                     4.75.2-2ubuntu0.2
  wavpack                         4.75.2-2ubuntu0.2

Ubuntu 14.04 LTS:
  libwavpack1                     4.70.0-1ubuntu0.2
  wavpack                         4.70.0-1ubuntu0.2

In general, a standard system update will make all the necessary
changes.

References:
  https://ubuntu.com/security/notices/USN-3839-1
  CVE-2018-19840, CVE-2018-19841

Package Information:
  https://launchpad.net/ubuntu/+source/wavpack/5.1.0-4ubuntu0.1
  https://launchpad.net/ubuntu/+source/wavpack/5.1.0-2ubuntu1.2
  https://launchpad.net/ubuntu/+source/wavpack/4.75.2-2ubuntu0.2
  https://launchpad.net/ubuntu/+source/wavpack/4.70.0-1ubuntu0.2

Ubuntu 18.10: 3839-1 Moderate: WavPack Denial Of Service Threat

ubuntu
Calendar Grey December 6, 2018
Dist Ubuntu Esm H88
Ubuntu users are urged to apply the latest security patches related to WavPack vulnerabilities. This update addresses potential denial of service issues.
Several security issues were fixed in WavPack.

Summary

Topics%20covered

Topics Covered

security advisory denial of service Ubuntu moderate threat WavPack

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 18.10:   libwavpack1                     5.1.0-4ubuntu0.1   wavpack                         5.1.0-4ubuntu0.1 Ubuntu 18.04 LTS:   libwavpack1                     5.1.0-2ubuntu1.2   wavpack                         5.1.0-2ubuntu1.2 Ubuntu 16.04 LTS:   libwavpack1                     4.75.2-2ubuntu0.2   wavpack                         4.75.2-2ubuntu0.2 Ubuntu 14.04 LTS:   libwavpack1                     4.70.0-1ubuntu0.2   wavpack                         4.70.0-1ubuntu0.2 In general, a standard system update will make all the necessary changes.

References

  https://ubuntu.com/security/notices/USN-3839-1

  CVE-2018-19840, CVE-2018-19841

Severity
important
Lowest
Low
Medium
High
Critical

December 06, 2018

Topics%20covered

Topics Covered

security advisory denial of service Ubuntu moderate threat WavPack

Package Information

  https://launchpad.net/ubuntu/+source/wavpack/5.1.0-4ubuntu0.1   https://launchpad.net/ubuntu/+source/wavpack/5.1.0-2ubuntu1.2   https://launchpad.net/ubuntu/+source/wavpack/4.75.2-2ubuntu0.2   https://launchpad.net/ubuntu/+source/wavpack/4.70.0-1ubuntu0.2

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here