NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
75f4520ac1
kumquat-buildroot/package/wavpack/wavpack.hash
Fabrice Fontaine 7a24c6d63b package/wavpack: security bump to version 5.2.0 
- Switch to github to get latest version
- Drop patches (already in version)
- Fix CVE-2018-19840: The function WavpackPackInit in pack_utils.c in
  libwavpack.a in WavPack through 5.1.0 allows attackers to cause a
  denial-of-service (resource exhaustion caused by an infinite loop) via
  a crafted wav audio file because WavpackSetConfiguration64 mishandles
  a sample rate of zero.
- Fix CVE-2018-19841: The function WavpackVerifySingleBlock in
  open_utils.c in libwavpack.a in WavPack through 5.1.0 allows attackers
  to cause a denial-of-service (out-of-bounds read and application
  crash) via a crafted WavPack Lossless Audio file, as demonstrated by
  wvunpack.
- Add hash for license file

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-12-19 12:21:35 +01:00

4 lines
201 B
Plaintext
Raw Blame History

# locally computed hash
sha256 77e5b1cfa26e387e4275b362f0c3fb9a27106447d9bce00f9f794f30badb77e3 wavpack-5.2.0.tar.xz
sha256 2ab58075e26305cc16920e9867c1d43f46ce81adab2051100dd316a3a93a2619 COPYING
Reference in New Issue View Git Blame Copy Permalink