Overview

File _patchinfo of Package patchinfo.9894

<patchinfo incident="9894">
  <issue tracker="bnc" id="1120929">VUL-1: CVE-2018-19841: wavpack: out-of-bounds read in function WavpackVerifySingleBlock can lead to a DoS</issue>
  <issue tracker="bnc" id="1120930">VUL-1: CVE-2018-19840: wavpack: resource exhaustion caused by an infinite loop in function WavpackPackInit</issue>
  <issue tracker="cve" id="2018-19840"/>
  <issue tracker="cve" id="2018-19841"/>
  <category>security</category>
  <rating>moderate</rating>
  <packager>sbrabec</packager>
  <description>This update for wavpack fixes the following issues:

Security issues fixed:

- CVE-2018-19840: Fixed a denial-of-service in the WavpackPackInit function from pack_utils.c (bsc#1120930)
- CVE-2018-19841: Fixed a denial-of-service in the WavpackVerifySingleBlock function from open_utils.c (bsc#1120929)
</description>
  <summary>Security update for wavpack</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places