Debian Package Tracker
Register | Log in
Subscribe

wavpack

audio codec (lossy and lossless) - encoder and decoder

Choose email to subscribe with

general
  • source: wavpack (main)
  • version: 5.1.0-5
  • maintainer: Debian Multimedia Maintainers (archive) [DMD]
  • uploaders: Sebastian Dröge [DMD] – Sebastian Ramacher [DMD]
  • arch: any
  • std-ver: 4.2.1
  • VCS: Git (Browse, QA)
versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]
[pool directory]
  • o-o-stable: 4.60.1-3
  • oldstable: 4.70.0-1
  • stable: 5.0.0-2+deb9u2
  • stable-sec: 5.0.0-2+deb9u2
  • testing: 5.1.0-5
  • unstable: 5.1.0-5
versioned links
  • 4.60.1-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 4.70.0-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 5.0.0-2+deb9u2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 5.1.0-5: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
binaries
  • libwavpack-dev
  • libwavpack1
  • wavpack
action needed
3 ignored security issues in jessie low
There are 3 open security issues in jessie.
3 issues skipped by the security teams:
  • CVE-2016-10169: The read_code function in read_words.c in Wavpack before 5.1.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WV file.
  • CVE-2018-19841: The function WavpackVerifySingleBlock in open_utils.c in libwavpack.a in WavPack through 5.1.0 allows attackers to cause a denial-of-service (out-of-bounds read and application crash) via a crafted WavPack Lossless Audio file, as demonstrated by wvunpack.
  • CVE-2018-19840: The function WavpackPackInit in pack_utils.c in libwavpack.a in WavPack through 5.1.0 allows attackers to cause a denial-of-service (resource exhaustion caused by an infinite loop) via a crafted wav audio file because WavpackSetConfiguration64 mishandles a sample rate of zero.
Please fix them.
Created: 2017-01-29 Last update: 2019-01-02 04:04
2 ignored security issues in stretch low
There are 2 open security issues in stretch.
2 issues skipped by the security teams:
  • CVE-2018-19841: The function WavpackVerifySingleBlock in open_utils.c in libwavpack.a in WavPack through 5.1.0 allows attackers to cause a denial-of-service (out-of-bounds read and application crash) via a crafted WavPack Lossless Audio file, as demonstrated by wvunpack.
  • CVE-2018-19840: The function WavpackPackInit in pack_utils.c in libwavpack.a in WavPack through 5.1.0 allows attackers to cause a denial-of-service (resource exhaustion caused by an infinite loop) via a crafted wav audio file because WavpackSetConfiguration64 mishandles a sample rate of zero.
Please fix them.
Created: 2018-12-04 Last update: 2019-01-02 04:04
Standards version of the package is outdated. wishlist
The package should be updated to follow the last version of Debian Policy (Standards-Version 4.3.0 instead of 4.2.1).
Created: 2018-12-23 Last update: 2018-12-23 17:15
news
[rss feed]
  • [2018-12-11] wavpack 5.1.0-5 MIGRATED to testing (Debian testing watch)
  • [2018-12-05] Accepted wavpack 5.1.0-5 (source) into unstable (Sebastian Ramacher)
  • [2018-08-03] wavpack 5.1.0-4 MIGRATED to testing (Debian testing watch)
  • [2018-07-28] Accepted wavpack 5.1.0-4 (source) into unstable (Sebastian Ramacher)
  • [2018-05-13] Accepted wavpack 5.0.0-2+deb9u2 (source) into proposed-updates->stable-new, proposed-updates (Moritz Muehlenhoff) (signed by: Moritz Mühlenhoff)
  • [2018-05-09] Accepted wavpack 5.0.0-2+deb9u2 (source) into stable->embargoed, stable (Moritz Muehlenhoff) (signed by: Moritz Mühlenhoff)
  • [2018-05-06] wavpack 5.1.0-3 MIGRATED to testing (Debian testing watch)
  • [2018-05-01] Accepted wavpack 5.1.0-3 (source) into unstable (Sebastian Ramacher)
  • [2018-03-02] Accepted wavpack 5.0.0-2+deb9u1 (source amd64) into proposed-updates->stable-new, proposed-updates (Sebastien Delafond)
  • [2018-02-27] Accepted wavpack 5.0.0-2+deb9u1 (source amd64) into stable->embargoed, stable (Sebastien Delafond)
  • [2017-07-15] wavpack 5.1.0-2 MIGRATED to testing (Debian testing watch)
  • [2017-07-09] Accepted wavpack 5.1.0-2 (source amd64) into unstable (Loïc Minier)
  • [2017-06-23] wavpack 5.1.0-1 MIGRATED to testing (Debian testing watch)
  • [2017-06-18] Accepted wavpack 5.1.0-1 (source) into unstable (Sebastian Ramacher)
  • [2017-02-04] wavpack 5.0.0-2 MIGRATED to testing (Debian testing watch)
  • [2017-01-30] Accepted wavpack 5.0.0-2 (source) into unstable (Sebastian Ramacher)
  • [2017-01-13] wavpack 5.0.0-1 MIGRATED to testing (Debian testing watch)
  • [2017-01-02] Accepted wavpack 5.0.0-1 (source) into unstable (Sebastian Ramacher)
  • [2016-04-11] wavpack 4.80.0-1 MIGRATED to testing (Debian testing watch)
  • [2016-04-05] Accepted wavpack 4.80.0-1 (source) into unstable (Sebastian Ramacher)
  • [2016-01-23] wavpack 4.75.2-2 MIGRATED to testing (Debian testing watch)
  • [2016-01-17] Accepted wavpack 4.75.2-2 (source) into unstable (Sebastian Ramacher)
  • [2016-01-17] Accepted wavpack 4.75.2-1 (source) into unstable (Sebastian Ramacher)
  • [2015-06-16] wavpack 4.75.0-1 MIGRATED to testing (Britney)
  • [2015-06-10] Accepted wavpack 4.75.0-1 (source amd64) into unstable (Alessio Treglia)
  • [2013-11-11] wavpack 4.70.0-1 MIGRATED to testing (Debian testing watch)
  • [2013-10-31] Accepted wavpack 4.70.0-1 (source amd64) (Sebastian Dröge)
  • [2012-04-12] wavpack 4.60.1-3 MIGRATED to testing (Debian testing watch)
  • [2012-04-01] Accepted wavpack 4.60.1-3 (source amd64) (Alessio Treglia)
  • [2011-12-16] wavpack 4.60.1-2 MIGRATED to testing (Debian testing watch)
  • 1
  • 2
bugs [bug history graph]
  • all: 1
  • RC: 0
  • I&N: 0
  • M&W: 1
  • F&P: 0
  • patch: 0
links
  • homepage
  • lintian
  • buildd: logs, clang, reproducibility
  • popcon
  • browse source code
  • edit tags
  • security tracker
  • screenshots
ubuntu Ubuntu logo [Information about Ubuntu for Debian Developers]
  • version: 5.1.0-5
  • 2 bugs

Debian Package Tracker — Copyright 2013-2018 The Distro Tracker Developers
Report problems to the tracker.debian.org pseudo-package in the Debian BTS.
Documentation — Bugs — Git Repository — Contributing