-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4197-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff May 09, 2018 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : wavpack CVE ID : CVE-2018-10536 CVE-2018-10537 CVE-2018-10538 CVE-2018-10539 CVE-2018-10540 Multiple vulnerabilities were discovered in the wavpack audio codec which could result in denial of service or the execution of arbitrary code if malformed media files are processed. The oldstable distribution (jessie) is not affected. For the stable distribution (stretch), these problems have been fixed in version 5.0.0-2+deb9u2. We recommend that you upgrade your wavpack packages. For the detailed security status of wavpack please refer to its security tracker page at: https://security-tracker.debian.org/tracker/wavpack Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlrzPIAACgkQEMKTtsN8 TjatXhAAvWZolol6Pg9GRGJDAQRhStyBToLM3HK9L52XPMQOjdQ3WdsSXwsooHrM r0i7cwSkM3ODsGZ4+ToQwbNTlvRKPpmjaI9w9BoKlnM2UVFziHaoJnmPQnlyk2Yb pKm8/xRuhZ0JIDhOM9mhofM1p8GruLcOpdSkw7PkKFWvps0AREf/8TNtH0WTj9oY jj4hxF2+7bRHBOY906ZKgRXjOsaaKussYt/qIETSibxewLPOcOhqKvfnQBWwgVkm KesB6yOdx53voSqpH04fsEi+HGQhrnzS7cUUKRdUnlF68xe/9WE8ewbC8hF+Pddv RYhi7cx2BWl4ibAyYbniD+7k9A6e0ReOWD1/A/dq+g13BniorVFOYcH6RRwDtWJN oUU971UoN75+0aRjnj8ugfEY81l90c0oJtl09iCzwO5jIepMdj4GaaxFU7i5+y/u CsKmv7tEvqXJFyIJwY28BbbYN0oY1meIlfgkMwqEHbWsIUPQrSzMlveBMpUhcG7k 2BgLqUR8haVqkq7jzLXzVtv1QArNp3NpllDXCc1SwpnbYmiJdTB9G4/kLJsVRscK 65Cxbergb7LEtWrUmyJq1Lc7yWO1cdaqhSQpxHzK1EhdKTKLzgzTZlT7a6M5zytI g29ne535y9JmwNoJkQOJz0GxT7NFnr6+X/pL2fmu0630qj++RJA= =P0EO -----END PGP SIGNATURE-----