Summary: | <media-sound/wavpack-5.3.2: Multiple vulnerabilities (CVE-2018-{19840,19841}, CVE-2019-11498) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Vlad K. <vk-gentoo-bugs> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | ajak, sound |
Priority: | Normal | Flags: | nattka: sanity-check+ |
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://github.com/dbry/WavPack/issues?q=53+or+54 | ||
See Also: | https://github.com/gentoo/gentoo/pull/16621 | ||
Whiteboard: | B3 [glsa+ cve] | ||
Package list: | media-sound/wavpack-5.3.2 | ||
Runtime testing required: | --- |
Description
Vlad K.
2018-12-06 17:33:32 UTC
The linked issues contain upstream patches/fixes, though there's no new upstream release, missed to add them in the original post above.

* Issue 53, CVE-2018-19840: https://github.com/dbry/WavPack/commit/070ef6f138956d9ea9612e69586152339dbefe51
* Issue 54, CVE-2018-19841: https://github.com/dbry/WavPack/commit/bba5389dc598a92bdf2b297c3ea34620b6679b5b

--
Gentoo Security Scout
Vladimir Krstulja

Maintainer(s), please take a look. Fixed by Debian in media-sound/wavpack - 5.1.0-5

(In reply to Yury German from comment #2)
> Maintainer(s), please take a look. Fixed by Debian in media-sound/wavpack -
> 5.1.0-5

Patches from linked issues:
https://github.com/dbry/WavPack/commit/bba5389dc598a92bdf2b297c3ea34620b6679b5b
https://github.com/dbry/WavPack/commit/070ef6f138956d9ea9612e69586152339dbefe51

@maintainers: can you apply these or bump ebuild? (5.2.0 looks like it may fix others too).

CVE-2019-11498 (https://nvd.nist.gov/vuln/detail/CVE-2019-11498):
WavpackSetConfiguration64 in pack_utils.c in libwavpack.a in WavPack through 5.1.0 has a "Conditional jump or move depends on uninitialised value" condition, which might allow attackers to cause a denial of service (application crash) via a DFF file that lacks valid sample-rate data.

(In reply to GLSAMaker/CVETool Bot from comment #4)
> CVE-2019-11498 (https://nvd.nist.gov/vuln/detail/CVE-2019-11498):
> WavpackSetConfiguration64 in pack_utils.c in libwavpack.a in WavPack
> through 5.1.0 has a "Conditional jump or move depends on uninitialised value"
> condition, which might allow attackers to cause a denial of service
> (application crash) via a DFF file that lacks valid sample-rate data.

Patch: https://github.com/dbry/WavPack/commit/bc6cba3f552c44565f7f1e66dc1580189addb2b4

This patch and the others are all in 5.2 onward.
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c776c386637618b5b9f951d6a13251b7200bf9ef

commit c776c386637618b5b9f951d6a13251b7200bf9ef
Author: John Helmert III <jchelmert3@posteo.net>
AuthorDate: 2020-07-07 00:20:15 +0000
Commit: Sam James <sam@gentoo.org>
CommitDate: 2020-07-20 18:24:41 +0000

media-sound/wavpack: Security bump to 5.3.2

This also fixes tests. Previously `make check` successfully executed but didn't run any tests.

Bug: https://bugs.gentoo.org/672638
Package-Manager: Portage-2.3.103, Repoman-2.3.23
Signed-off-by: John Helmert III <jchelmert3@posteo.net>
Signed-off-by: Sam James <sam@gentoo.org>

media-sound/wavpack/Manifest | 1 +
media-sound/wavpack/wavpack-5.3.2.ebuild | 45 ++++++++++++++++++++++++++++++++
2 files changed, 46 insertions(+)

arm stable

arm64 stable

amd64 stable

sparc stable

ppc{,64} stable

x86 stable. Please cleanup.

GLSA vote: yes

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e2e68905da8b5386264e1f66551494b75a63f1c4

commit e2e68905da8b5386264e1f66551494b75a63f1c4
Author: Aaron Bauman <bman@gentoo.org>
AuthorDate: 2020-07-26 23:49:29 +0000
Commit: Aaron Bauman <bman@gentoo.org>
CommitDate: 2020-07-26 23:49:29 +0000

media-sound/wavpack: security cleanup

Bug: https://bugs.gentoo.org/672638
Signed-off-by: Aaron Bauman <bman@gentoo.org>

media-sound/wavpack/Manifest | 1 -
media-sound/wavpack/wavpack-5.1.0-r1.ebuild | 41 -----------------------------
2 files changed, 42 deletions(-)

This issue was resolved and addressed in GLSA 202007-19 at https://security.gentoo.org/glsa/202007-19 by GLSA coordinator Sam James (sam_c).