-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 27 Feb 2018 15:15:53 +0100 Source: wavpack Binary: libwavpack1 libwavpack-dev wavpack Architecture: source amd64 Version: 5.0.0-2+deb9u1 Distribution: stretch-security Urgency: high Maintainer: Debian Multimedia Maintainers <pkg-multimedia-maintainers@lists.alioth.debian.org> Changed-By: Sebastien Delafond <seb@debian.org> Description: libwavpack-dev - audio codec (lossy and lossless) - development files libwavpack1 - audio codec (lossy and lossless) - library wavpack - audio codec (lossy and lossless) - encoder and decoder Changes: wavpack (5.0.0-2+deb9u1) stretch-security; urgency=high . * Non-maintainer upload by the Security Team. * CVE-2018-6767, CVE-2018-7253, CVE-2018-7254 several vulnerabilities allow a remote attacker to cause a denial-of-service or have unspecified other impact via maliciously crafted files (RF64, DSDIFF, CAF) Checksums-Sha1: d02e6038b4a1267a20694ac98bcee79b98e134e1 1809 wavpack_5.0.0-2+deb9u1.dsc 3f5e7ac02ab931da68812578be4710906055427e 807953 wavpack_5.0.0.orig.tar.bz2 20a432b4553c609620d6beb3c837ec6e44817b1a 8512 wavpack_5.0.0-2+deb9u1.debian.tar.xz a9cbf9da82f74232bbb6d5228500a0edf486c0b7 99586 libwavpack-dev_5.0.0-2+deb9u1_amd64.deb d8bab646cd18cdf7ee606f4594d5e0cc5149210b 160772 libwavpack1-dbgsym_5.0.0-2+deb9u1_amd64.deb defac7ea774b69cb5691576e4423b5764b6ca067 85840 libwavpack1_5.0.0-2+deb9u1_amd64.deb ec6a0be59fc24c849b6d628958d3e2fda5c99621 163228 wavpack-dbgsym_5.0.0-2+deb9u1_amd64.deb cfd96aa9d719cc833a0c26fbf45a4d04fb4e3b4e 6590 wavpack_5.0.0-2+deb9u1_amd64.buildinfo 8c2bf330b6b0ececd48c98287b9ef8ab719a86f4 90044 wavpack_5.0.0-2+deb9u1_amd64.deb Checksums-Sha256: 81e005fd7e3b3d9d7ce6e4d9bca6da473b3cd6e79767388cefa8901e5a390aee 1809 wavpack_5.0.0-2+deb9u1.dsc 918d7e32a19598df543b17fff840b10a0880f87296f9e32af454d256b6a64049 807953 wavpack_5.0.0.orig.tar.bz2 34a1ec11351287bcb35203ad45003768216733c7a473bdbe9238bacff2e30b08 8512 wavpack_5.0.0-2+deb9u1.debian.tar.xz f3f59cb85fcb1877c535805221335739f636f810fe5ea78cb73eb917ab434bfa 99586 libwavpack-dev_5.0.0-2+deb9u1_amd64.deb e0c3954d7e37e8ef70137758465e0c67af6614a2b42e2c25c062605a01403c3c 160772 libwavpack1-dbgsym_5.0.0-2+deb9u1_amd64.deb 3da39adab0e9535286e2c32a9cd1fc660e5e2d818c23cfbbb68327c94e37abe7 85840 libwavpack1_5.0.0-2+deb9u1_amd64.deb 173f7c98120ee93977faa9715fcccd6b4f5a9e266f1300e11814cc86404df1ac 163228 wavpack-dbgsym_5.0.0-2+deb9u1_amd64.deb c4c26bd06f66bcd90336897eee90946947f58aede0739498a7391c6f45942692 6590 wavpack_5.0.0-2+deb9u1_amd64.buildinfo 7f3fd3b49f4a2a2ab97cacfe6432ee6906c82e3968bb423958ccc85317a754cf 90044 wavpack_5.0.0-2+deb9u1_amd64.deb Files: df4c613fba6949601a08f7d79263e01b 1809 sound optional wavpack_5.0.0-2+deb9u1.dsc 2a14f9004aec1419d265ce5b19b18463 807953 sound optional wavpack_5.0.0.orig.tar.bz2 bcac3b017440d7e324d6d061f999e86c 8512 sound optional wavpack_5.0.0-2+deb9u1.debian.tar.xz d0d77949953974fda1f848e748681867 99586 libdevel optional libwavpack-dev_5.0.0-2+deb9u1_amd64.deb 7525ea03589a774284cefc2dc9f2ccb3 160772 debug extra libwavpack1-dbgsym_5.0.0-2+deb9u1_amd64.deb 7b5cd1f5f07e99419ec6451b319ba002 85840 libs optional libwavpack1_5.0.0-2+deb9u1_amd64.deb 83e9c9c2b29dea7862aada58291bf08d 163228 debug extra wavpack-dbgsym_5.0.0-2+deb9u1_amd64.deb c7b9de4d54e6043653a089fc6d51ebe6 6590 sound optional wavpack_5.0.0-2+deb9u1_amd64.buildinfo bf3cb6fa5d77a2fdc68d4a414e0202d8 90044 sound optional wavpack_5.0.0-2+deb9u1_amd64.deb -----BEGIN PGP SIGNATURE----- iQEzBAEBCgAdFiEEAqSkbVtrXP4xJMh3EL6Jg/PVnWQFAlqVbo0ACgkQEL6Jg/PV nWRy3QgAjBEgPBZ7zmHjXlzj4gO35o8X0X98KRLX54qvvKMMyLK04WfsdNpRLdVG dCRpQxN5mECtRSigDk2oHLX9WvW+d376X34+41YUR/W1hBc1noVpa/PDDtzWuUuK Ghu9Y3ZnDKslZ34N1XdEs7JUrFnJiZUOIVedMr9Qg1Kr/9OZlKhDHTD0FHVrsFDV FRWQEzqmket6ZABV2ClAH1df6mP2+8ZD2KDGZfQTxANu+KnB4dQJE/WNX6G0iPJX CBdO+2bQXaccRmCBUTM1oOeONx1bkMvN/SvAejcYfVm+6HEYJHiZZfD75HoFU1v1 +rwYokccLdxrKxkCpiVHn0ik0KNpBw== =M8T2 -----END PGP SIGNATURE-----
