Security update for wavpack SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2021:0186-1 Final 1 1 2021-01-21T13:56:16Z current 2021-01-21T13:56:16Z 2021-01-21T13:56:16Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for wavpack This update for wavpack fixes the following issues: - Update to version 5.4.0 * CVE-2020-35738: Fixed an out-of-bounds write in WavpackPackSamples (bsc#1180414) * fixed: disable A32 asm code when building for Apple silicon * fixed: issues with Adobe-style floating-point WAV files * added: --normalize-floats option to wvunpack for correctly exporting un-normalized floating-point files - Update to version 5.3.0 * fixed: OSS-Fuzz issues 19925, 19928, 20060, 20448 * fixed: trailing garbage characters on imported ID3v2 TXXX tags * fixed: various minor undefined behavior and memory access issues * fixed: sanitize tag extraction names for length and path inclusion * improved: reformat wvunpack 'help' and split into long + short versions * added: regression testing to Travis CI for OSS-Fuzz crashers - Updated to version 5.2.0 *fixed: potential security issues including the following CVEs: CVE-2018-19840, CVE-2018-19841, CVE-2018-10536 (bsc#1091344), CVE-2018-10537 (bsc#1091343) CVE-2018-10538 (bsc#1091342), CVE-2018-10539 (bsc#1091341), CVE-2018-10540 (bsc#1091340), CVE-2018-7254, CVE-2018-7253, CVE-2018-6767, CVE-2019-11498 and CVE-2019-1010319 * added: support for CMake, Travis CI, and Google's OSS-fuzz * fixed: use correction file for encode verify (pipe input, Windows) * fixed: correct WAV header with actual length (pipe input, -i option) * fixed: thumb interworking and not needing v6 architecture (ARM asm) * added: handle more ID3v2.3 tag items and from all file types * fixed: coredump on Sparc64 (changed MD5 implementation) * fixed: handle invalid ID3v2.3 tags from sacd-ripper * fixed: several corner-case memory leaks The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Image SLES15-SP3-EC2-HVM-2021-186,Image SLES15-SP3-SAP-Azure-2021-186,Image SLES15-SP3-SAP-EC2-HVM-2021-186,Image SLES15-SP3-SAP-GCE-2021-186,Image SLES15-SP3-SAPCAL-Azure-2021-186,Image SLES15-SP3-SAPCAL-EC2-HVM-2021-186,Image SLES15-SP3-SAPCAL-GCE-2021-186,Image SLES15-SP4-SAP-2021-186,Image SLES15-SP4-SAP-Azure-2021-186,Image SLES15-SP4-SAP-EC2-2021-186,Image SLES15-SP4-SAP-GCE-2021-186,Image SLES15-SP4-SAPCAL-2021-186,Image SLES15-SP4-SAPCAL-Azure-2021-186,Image SLES15-SP4-SAPCAL-EC2-2021-186,Image SLES15-SP4-SAPCAL-GCE-2021-186,Image SLES15-SP5-SAP-Azure-2021-186,Image SLES15-SP5-SAP-EC2-2021-186,Image SLES15-SP5-SAP-GCE-2021-186,Image SLES15-SP5-SAPCAL-Azure-2021-186,Image SLES15-SP5-SAPCAL-EC2-2021-186,Image SLES15-SP5-SAPCAL-GCE-2021-186,Image SLES15-SP6-SAP-2021-186,Image SLES15-SP6-SAP-Azure-2021-186,Image SLES15-SP6-SAP-EC2-2021-186,Image SLES15-SP6-SAP-GCE-2021-186,Image SLES15-SP6-SAPCAL-2021-186,Image SLES15-SP6-SAPCAL-Azure-2021-186,Image SLES15-SP6-SAPCAL-EC2-2021-186,Image SLES15-SP6-SAPCAL-GCE-2021-186,Image SLES15-SP7-SAPCAL-Azure-2021-186,Image SLES15-SP7-SAPCAL-EC2-2021-186,Image SLES15-SP7-SAPCAL-GCE-2021-186,SUSE-2021-186,SUSE-SLE-Module-Basesystem-15-SP2-2021-186,SUSE-SLE-Module-Basesystem-15-SP3-2021-186,SUSE-SLE-Module-Desktop-Applications-15-SP2-2021-186,SUSE-SLE-Module-Desktop-Applications-15-SP3-2021-186,SUSE-SLE-Product-HPC-15-2021-186,SUSE-SLE-Product-HPC-15-SP1-ESPOS-2021-186,SUSE-SLE-Product-HPC-15-SP1-LTSS-2021-186,SUSE-SLE-Product-SLES-15-2021-186,SUSE-SLE-Product-SLES-15-SP1-BCL-2021-186,SUSE-SLE-Product-SLES-15-SP1-LTSS-2021-186,SUSE-SLE-Product-SLES_SAP-15-2021-186,SUSE-SLE-Product-SLES_SAP-15-SP1-2021-186,SUSE-SLE-Product-SUSE-Manager-Proxy-4.0-2021-186,SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.0-2021-186,SUSE-SLE-Product-SUSE-Manager-Server-4.0-2021-186,SUSE-Storage-6-2021-186 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2021/suse-su-20210186-1/ Link for SUSE-SU-2021:0186-1 https://lists.suse.com/pipermail/sle-security-updates/2021-January/008234.html E-Mail link for SUSE-SU-2021:0186-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1091340 SUSE Bug 1091340 https://bugzilla.suse.com/1091341 SUSE Bug 1091341 https://bugzilla.suse.com/1091342 SUSE Bug 1091342 https://bugzilla.suse.com/1091343 SUSE Bug 1091343 https://bugzilla.suse.com/1091344 SUSE Bug 1091344 https://bugzilla.suse.com/1180414 SUSE Bug 1180414 https://www.suse.com/security/cve/CVE-2018-10536/ SUSE CVE CVE-2018-10536 page https://www.suse.com/security/cve/CVE-2018-10537/ SUSE CVE CVE-2018-10537 page https://www.suse.com/security/cve/CVE-2018-10538/ SUSE CVE CVE-2018-10538 page https://www.suse.com/security/cve/CVE-2018-10539/ SUSE CVE CVE-2018-10539 page https://www.suse.com/security/cve/CVE-2018-10540/ SUSE CVE CVE-2018-10540 page https://www.suse.com/security/cve/CVE-2018-19840/ SUSE CVE CVE-2018-19840 page https://www.suse.com/security/cve/CVE-2018-19841/ SUSE CVE CVE-2018-19841 page https://www.suse.com/security/cve/CVE-2018-6767/ SUSE CVE CVE-2018-6767 page https://www.suse.com/security/cve/CVE-2018-7253/ SUSE CVE CVE-2018-7253 page https://www.suse.com/security/cve/CVE-2018-7254/ SUSE CVE CVE-2018-7254 page https://www.suse.com/security/cve/CVE-2019-1010319/ SUSE CVE CVE-2019-1010319 page https://www.suse.com/security/cve/CVE-2019-11498/ SUSE CVE CVE-2019-11498 page https://www.suse.com/security/cve/CVE-2020-35738/ SUSE CVE CVE-2020-35738 page Image SLES15-SP3-EC2-HVM Image SLES15-SP3-SAP-Azure Image SLES15-SP3-SAP-EC2-HVM Image SLES15-SP3-SAP-GCE Image SLES15-SP3-SAPCAL-Azure Image SLES15-SP3-SAPCAL-EC2-HVM Image SLES15-SP3-SAPCAL-GCE Image SLES15-SP4-SAP Image SLES15-SP4-SAP-Azure Image SLES15-SP4-SAP-EC2 Image SLES15-SP4-SAP-GCE Image SLES15-SP4-SAPCAL Image SLES15-SP4-SAPCAL-Azure Image SLES15-SP4-SAPCAL-EC2 Image SLES15-SP4-SAPCAL-GCE Image SLES15-SP5-SAP-Azure Image SLES15-SP5-SAP-EC2 Image SLES15-SP5-SAP-GCE Image SLES15-SP5-SAPCAL-Azure Image SLES15-SP5-SAPCAL-EC2 Image SLES15-SP5-SAPCAL-GCE Image SLES15-SP6-SAP Image SLES15-SP6-SAP-Azure Image SLES15-SP6-SAP-EC2 Image SLES15-SP6-SAP-GCE Image SLES15-SP6-SAPCAL Image SLES15-SP6-SAPCAL-Azure Image SLES15-SP6-SAPCAL-EC2 Image SLES15-SP6-SAPCAL-GCE Image SLES15-SP7-SAPCAL-Azure Image SLES15-SP7-SAPCAL-EC2 Image SLES15-SP7-SAPCAL-GCE SUSE Enterprise Storage 6 SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS SUSE Linux Enterprise High Performance Computing 15-ESPOS SUSE Linux Enterprise High Performance Computing 15-LTSS SUSE Linux Enterprise Module for Basesystem 15 SP2 SUSE Linux Enterprise Module for Desktop Applications 15 SP2 SUSE Linux Enterprise Server 15 SP1-BCL SUSE Linux Enterprise Server 15 SP1-LTSS SUSE Linux Enterprise Server 15-LTSS SUSE Linux Enterprise Server for SAP Applications 15 SUSE Linux Enterprise Server for SAP Applications 15 SP1 SUSE Manager Proxy 4.0 SUSE Manager Retail Branch Server 4.0 SUSE Manager Server 4.0 libwavpack1-5.4.0-4.9.1 libwavpack1-32bit-5.4.0-4.9.1 libwavpack1-64bit-5.4.0-4.9.1 wavpack-5.4.0-4.9.1 wavpack-devel-5.4.0-4.9.1 libwavpack1-5.4.0-4.9.1 as a component of Image SLES15-SP3-EC2-HVM libwavpack1-5.4.0-4.9.1 as a component of Image SLES15-SP3-SAP-Azure libwavpack1-5.4.0-4.9.1 as a component of Image SLES15-SP3-SAP-EC2-HVM libwavpack1-5.4.0-4.9.1 as a component of Image SLES15-SP3-SAP-GCE libwavpack1-5.4.0-4.9.1 as a component of Image SLES15-SP3-SAPCAL-Azure libwavpack1-5.4.0-4.9.1 as a component of Image SLES15-SP3-SAPCAL-EC2-HVM libwavpack1-5.4.0-4.9.1 as a component of Image SLES15-SP3-SAPCAL-GCE libwavpack1-5.4.0-4.9.1 as a component of Image SLES15-SP4-SAP libwavpack1-5.4.0-4.9.1 as a component of Image SLES15-SP4-SAP-Azure libwavpack1-5.4.0-4.9.1 as a component of Image SLES15-SP4-SAP-EC2 libwavpack1-5.4.0-4.9.1 as a component of Image SLES15-SP4-SAP-GCE libwavpack1-5.4.0-4.9.1 as a component of Image SLES15-SP4-SAPCAL libwavpack1-5.4.0-4.9.1 as a component of Image SLES15-SP4-SAPCAL-Azure libwavpack1-5.4.0-4.9.1 as a component of Image SLES15-SP4-SAPCAL-EC2 libwavpack1-5.4.0-4.9.1 as a component of Image SLES15-SP4-SAPCAL-GCE libwavpack1-5.4.0-4.9.1 as a component of Image SLES15-SP5-SAP-Azure libwavpack1-5.4.0-4.9.1 as a component of Image SLES15-SP5-SAP-EC2 libwavpack1-5.4.0-4.9.1 as a component of Image SLES15-SP5-SAP-GCE libwavpack1-5.4.0-4.9.1 as a component of Image SLES15-SP5-SAPCAL-Azure libwavpack1-5.4.0-4.9.1 as a component of Image SLES15-SP5-SAPCAL-EC2 libwavpack1-5.4.0-4.9.1 as a component of Image SLES15-SP5-SAPCAL-GCE libwavpack1-5.4.0-4.9.1 as a component of Image SLES15-SP6-SAP libwavpack1-5.4.0-4.9.1 as a component of Image SLES15-SP6-SAP-Azure libwavpack1-5.4.0-4.9.1 as a component of Image SLES15-SP6-SAP-EC2 libwavpack1-5.4.0-4.9.1 as a component of Image SLES15-SP6-SAP-GCE libwavpack1-5.4.0-4.9.1 as a component of Image SLES15-SP6-SAPCAL libwavpack1-5.4.0-4.9.1 as a component of Image SLES15-SP6-SAPCAL-Azure libwavpack1-5.4.0-4.9.1 as a component of Image SLES15-SP6-SAPCAL-EC2 libwavpack1-5.4.0-4.9.1 as a component of Image SLES15-SP6-SAPCAL-GCE libwavpack1-5.4.0-4.9.1 as a component of Image SLES15-SP7-SAPCAL-Azure libwavpack1-5.4.0-4.9.1 as a component of Image SLES15-SP7-SAPCAL-EC2 libwavpack1-5.4.0-4.9.1 as a component of Image SLES15-SP7-SAPCAL-GCE libwavpack1-5.4.0-4.9.1 as a component of SUSE Enterprise Storage 6 wavpack-5.4.0-4.9.1 as a component of SUSE Enterprise Storage 6 wavpack-devel-5.4.0-4.9.1 as a component of SUSE Enterprise Storage 6 libwavpack1-5.4.0-4.9.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS wavpack-5.4.0-4.9.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS wavpack-devel-5.4.0-4.9.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS libwavpack1-5.4.0-4.9.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS wavpack-5.4.0-4.9.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS wavpack-devel-5.4.0-4.9.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS libwavpack1-5.4.0-4.9.1 as a component of SUSE Linux Enterprise High Performance Computing 15-ESPOS libwavpack1-5.4.0-4.9.1 as a component of SUSE Linux Enterprise High Performance Computing 15-LTSS libwavpack1-5.4.0-4.9.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP2 wavpack-5.4.0-4.9.1 as a component of SUSE Linux Enterprise Module for Desktop Applications 15 SP2 wavpack-devel-5.4.0-4.9.1 as a component of SUSE Linux Enterprise Module for Desktop Applications 15 SP2 libwavpack1-5.4.0-4.9.1 as a component of SUSE Linux Enterprise Server 15 SP1-BCL wavpack-5.4.0-4.9.1 as a component of SUSE Linux Enterprise Server 15 SP1-BCL wavpack-devel-5.4.0-4.9.1 as a component of SUSE Linux Enterprise Server 15 SP1-BCL libwavpack1-5.4.0-4.9.1 as a component of SUSE Linux Enterprise Server 15 SP1-LTSS wavpack-5.4.0-4.9.1 as a component of SUSE Linux Enterprise Server 15 SP1-LTSS wavpack-devel-5.4.0-4.9.1 as a component of SUSE Linux Enterprise Server 15 SP1-LTSS libwavpack1-5.4.0-4.9.1 as a component of SUSE Linux Enterprise Server 15-LTSS libwavpack1-5.4.0-4.9.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 libwavpack1-5.4.0-4.9.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP1 wavpack-5.4.0-4.9.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP1 wavpack-devel-5.4.0-4.9.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP1 libwavpack1-5.4.0-4.9.1 as a component of SUSE Manager Proxy 4.0 wavpack-5.4.0-4.9.1 as a component of SUSE Manager Proxy 4.0 wavpack-devel-5.4.0-4.9.1 as a component of SUSE Manager Proxy 4.0 libwavpack1-5.4.0-4.9.1 as a component of SUSE Manager Retail Branch Server 4.0 wavpack-5.4.0-4.9.1 as a component of SUSE Manager Retail Branch Server 4.0 wavpack-devel-5.4.0-4.9.1 as a component of SUSE Manager Retail Branch Server 4.0 libwavpack1-5.4.0-4.9.1 as a component of SUSE Manager Server 4.0 wavpack-5.4.0-4.9.1 as a component of SUSE Manager Server 4.0 wavpack-devel-5.4.0-4.9.1 as a component of SUSE Manager Server 4.0 An issue was discovered in WavPack 5.1.0 and earlier. The WAV parser component contains a vulnerability that allows writing to memory because ParseRiffHeaderConfig in riff.c does not reject multiple format chunks. CVE-2018-10536 Image SLES15-SP3-EC2-HVM:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAP-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAP-EC2-HVM:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAP-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAPCAL-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAPCAL-EC2-HVM:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAPCAL-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAP-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAP-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAP-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAP:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAPCAL-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAPCAL-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAPCAL-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAPCAL:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAP-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAP-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAP-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAPCAL-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAPCAL-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAPCAL-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAP-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAP-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAP-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAP:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAPCAL-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAPCAL-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAPCAL-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAPCAL:libwavpack1-5.4.0-4.9.1 Image SLES15-SP7-SAPCAL-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP7-SAPCAL-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP7-SAPCAL-GCE:libwavpack1-5.4.0-4.9.1 SUSE Enterprise Storage 6:libwavpack1-5.4.0-4.9.1 SUSE Enterprise Storage 6:wavpack-5.4.0-4.9.1 SUSE Enterprise Storage 6:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15-ESPOS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15-LTSS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Module for Basesystem 15 SP2:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-BCL:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-BCL:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-BCL:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-LTSS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-LTSS:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-LTSS:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise Server 15-LTSS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Server for SAP Applications 15 SP1:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise Server for SAP Applications 15 SP1:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise Server for SAP Applications 15:libwavpack1-5.4.0-4.9.1 SUSE Manager Proxy 4.0:libwavpack1-5.4.0-4.9.1 SUSE Manager Proxy 4.0:wavpack-5.4.0-4.9.1 SUSE Manager Proxy 4.0:wavpack-devel-5.4.0-4.9.1 SUSE Manager Retail Branch Server 4.0:libwavpack1-5.4.0-4.9.1 SUSE Manager Retail Branch Server 4.0:wavpack-5.4.0-4.9.1 SUSE Manager Retail Branch Server 4.0:wavpack-devel-5.4.0-4.9.1 SUSE Manager Server 4.0:libwavpack1-5.4.0-4.9.1 SUSE Manager Server 4.0:wavpack-5.4.0-4.9.1 SUSE Manager Server 4.0:wavpack-devel-5.4.0-4.9.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20210186-1/ https://www.suse.com/security/cve/CVE-2018-10536.html CVE-2018-10536 https://bugzilla.suse.com/1091344 SUSE Bug 1091344 An issue was discovered in WavPack 5.1.0 and earlier. The W64 parser component contains a vulnerability that allows writing to memory because ParseWave64HeaderConfig in wave64.c does not reject multiple format chunks. CVE-2018-10537 Image SLES15-SP3-EC2-HVM:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAP-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAP-EC2-HVM:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAP-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAPCAL-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAPCAL-EC2-HVM:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAPCAL-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAP-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAP-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAP-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAP:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAPCAL-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAPCAL-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAPCAL-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAPCAL:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAP-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAP-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAP-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAPCAL-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAPCAL-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAPCAL-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAP-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAP-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAP-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAP:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAPCAL-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAPCAL-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAPCAL-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAPCAL:libwavpack1-5.4.0-4.9.1 Image SLES15-SP7-SAPCAL-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP7-SAPCAL-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP7-SAPCAL-GCE:libwavpack1-5.4.0-4.9.1 SUSE Enterprise Storage 6:libwavpack1-5.4.0-4.9.1 SUSE Enterprise Storage 6:wavpack-5.4.0-4.9.1 SUSE Enterprise Storage 6:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15-ESPOS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15-LTSS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Module for Basesystem 15 SP2:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-BCL:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-BCL:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-BCL:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-LTSS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-LTSS:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-LTSS:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise Server 15-LTSS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Server for SAP Applications 15 SP1:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise Server for SAP Applications 15 SP1:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise Server for SAP Applications 15:libwavpack1-5.4.0-4.9.1 SUSE Manager Proxy 4.0:libwavpack1-5.4.0-4.9.1 SUSE Manager Proxy 4.0:wavpack-5.4.0-4.9.1 SUSE Manager Proxy 4.0:wavpack-devel-5.4.0-4.9.1 SUSE Manager Retail Branch Server 4.0:libwavpack1-5.4.0-4.9.1 SUSE Manager Retail Branch Server 4.0:wavpack-5.4.0-4.9.1 SUSE Manager Retail Branch Server 4.0:wavpack-devel-5.4.0-4.9.1 SUSE Manager Server 4.0:libwavpack1-5.4.0-4.9.1 SUSE Manager Server 4.0:wavpack-5.4.0-4.9.1 SUSE Manager Server 4.0:wavpack-devel-5.4.0-4.9.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20210186-1/ https://www.suse.com/security/cve/CVE-2018-10537.html CVE-2018-10537 https://bugzilla.suse.com/1091343 SUSE Bug 1091343 An issue was discovered in WavPack 5.1.0 and earlier for WAV input. Out-of-bounds writes can occur because ParseRiffHeaderConfig in riff.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer-overflow protection within a bytes_to_copy calculation and subsequent malloc call, leading to insufficient memory allocation. CVE-2018-10538 Image SLES15-SP3-EC2-HVM:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAP-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAP-EC2-HVM:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAP-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAPCAL-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAPCAL-EC2-HVM:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAPCAL-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAP-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAP-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAP-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAP:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAPCAL-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAPCAL-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAPCAL-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAPCAL:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAP-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAP-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAP-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAPCAL-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAPCAL-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAPCAL-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAP-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAP-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAP-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAP:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAPCAL-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAPCAL-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAPCAL-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAPCAL:libwavpack1-5.4.0-4.9.1 Image SLES15-SP7-SAPCAL-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP7-SAPCAL-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP7-SAPCAL-GCE:libwavpack1-5.4.0-4.9.1 SUSE Enterprise Storage 6:libwavpack1-5.4.0-4.9.1 SUSE Enterprise Storage 6:wavpack-5.4.0-4.9.1 SUSE Enterprise Storage 6:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15-ESPOS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15-LTSS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Module for Basesystem 15 SP2:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-BCL:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-BCL:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-BCL:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-LTSS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-LTSS:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-LTSS:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise Server 15-LTSS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Server for SAP Applications 15 SP1:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise Server for SAP Applications 15 SP1:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise Server for SAP Applications 15:libwavpack1-5.4.0-4.9.1 SUSE Manager Proxy 4.0:libwavpack1-5.4.0-4.9.1 SUSE Manager Proxy 4.0:wavpack-5.4.0-4.9.1 SUSE Manager Proxy 4.0:wavpack-devel-5.4.0-4.9.1 SUSE Manager Retail Branch Server 4.0:libwavpack1-5.4.0-4.9.1 SUSE Manager Retail Branch Server 4.0:wavpack-5.4.0-4.9.1 SUSE Manager Retail Branch Server 4.0:wavpack-devel-5.4.0-4.9.1 SUSE Manager Server 4.0:libwavpack1-5.4.0-4.9.1 SUSE Manager Server 4.0:wavpack-5.4.0-4.9.1 SUSE Manager Server 4.0:wavpack-devel-5.4.0-4.9.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20210186-1/ https://www.suse.com/security/cve/CVE-2018-10538.html CVE-2018-10538 https://bugzilla.suse.com/1091342 SUSE Bug 1091342 An issue was discovered in WavPack 5.1.0 and earlier for DSDiff input. Out-of-bounds writes can occur because ParseDsdiffHeaderConfig in dsdiff.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer-overflow protection within a bytes_to_copy calculation and subsequent malloc call, leading to insufficient memory allocation. CVE-2018-10539 Image SLES15-SP3-EC2-HVM:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAP-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAP-EC2-HVM:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAP-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAPCAL-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAPCAL-EC2-HVM:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAPCAL-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAP-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAP-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAP-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAP:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAPCAL-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAPCAL-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAPCAL-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAPCAL:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAP-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAP-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAP-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAPCAL-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAPCAL-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAPCAL-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAP-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAP-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAP-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAP:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAPCAL-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAPCAL-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAPCAL-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAPCAL:libwavpack1-5.4.0-4.9.1 Image SLES15-SP7-SAPCAL-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP7-SAPCAL-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP7-SAPCAL-GCE:libwavpack1-5.4.0-4.9.1 SUSE Enterprise Storage 6:libwavpack1-5.4.0-4.9.1 SUSE Enterprise Storage 6:wavpack-5.4.0-4.9.1 SUSE Enterprise Storage 6:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15-ESPOS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15-LTSS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Module for Basesystem 15 SP2:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-BCL:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-BCL:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-BCL:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-LTSS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-LTSS:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-LTSS:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise Server 15-LTSS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Server for SAP Applications 15 SP1:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise Server for SAP Applications 15 SP1:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise Server for SAP Applications 15:libwavpack1-5.4.0-4.9.1 SUSE Manager Proxy 4.0:libwavpack1-5.4.0-4.9.1 SUSE Manager Proxy 4.0:wavpack-5.4.0-4.9.1 SUSE Manager Proxy 4.0:wavpack-devel-5.4.0-4.9.1 SUSE Manager Retail Branch Server 4.0:libwavpack1-5.4.0-4.9.1 SUSE Manager Retail Branch Server 4.0:wavpack-5.4.0-4.9.1 SUSE Manager Retail Branch Server 4.0:wavpack-devel-5.4.0-4.9.1 SUSE Manager Server 4.0:libwavpack1-5.4.0-4.9.1 SUSE Manager Server 4.0:wavpack-5.4.0-4.9.1 SUSE Manager Server 4.0:wavpack-devel-5.4.0-4.9.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20210186-1/ https://www.suse.com/security/cve/CVE-2018-10539.html CVE-2018-10539 https://bugzilla.suse.com/1091341 SUSE Bug 1091341 An issue was discovered in WavPack 5.1.0 and earlier for W64 input. Out-of-bounds writes can occur because ParseWave64HeaderConfig in wave64.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer-overflow protection within a bytes_to_copy calculation and subsequent malloc call, leading to insufficient memory allocation. CVE-2018-10540 Image SLES15-SP3-EC2-HVM:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAP-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAP-EC2-HVM:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAP-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAPCAL-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAPCAL-EC2-HVM:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAPCAL-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAP-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAP-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAP-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAP:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAPCAL-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAPCAL-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAPCAL-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAPCAL:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAP-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAP-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAP-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAPCAL-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAPCAL-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAPCAL-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAP-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAP-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAP-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAP:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAPCAL-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAPCAL-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAPCAL-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAPCAL:libwavpack1-5.4.0-4.9.1 Image SLES15-SP7-SAPCAL-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP7-SAPCAL-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP7-SAPCAL-GCE:libwavpack1-5.4.0-4.9.1 SUSE Enterprise Storage 6:libwavpack1-5.4.0-4.9.1 SUSE Enterprise Storage 6:wavpack-5.4.0-4.9.1 SUSE Enterprise Storage 6:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15-ESPOS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15-LTSS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Module for Basesystem 15 SP2:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-BCL:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-BCL:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-BCL:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-LTSS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-LTSS:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-LTSS:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise Server 15-LTSS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Server for SAP Applications 15 SP1:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise Server for SAP Applications 15 SP1:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise Server for SAP Applications 15:libwavpack1-5.4.0-4.9.1 SUSE Manager Proxy 4.0:libwavpack1-5.4.0-4.9.1 SUSE Manager Proxy 4.0:wavpack-5.4.0-4.9.1 SUSE Manager Proxy 4.0:wavpack-devel-5.4.0-4.9.1 SUSE Manager Retail Branch Server 4.0:libwavpack1-5.4.0-4.9.1 SUSE Manager Retail Branch Server 4.0:wavpack-5.4.0-4.9.1 SUSE Manager Retail Branch Server 4.0:wavpack-devel-5.4.0-4.9.1 SUSE Manager Server 4.0:libwavpack1-5.4.0-4.9.1 SUSE Manager Server 4.0:wavpack-5.4.0-4.9.1 SUSE Manager Server 4.0:wavpack-devel-5.4.0-4.9.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20210186-1/ https://www.suse.com/security/cve/CVE-2018-10540.html CVE-2018-10540 https://bugzilla.suse.com/1091340 SUSE Bug 1091340 The function WavpackPackInit in pack_utils.c in libwavpack.a in WavPack through 5.1.0 allows attackers to cause a denial-of-service (resource exhaustion caused by an infinite loop) via a crafted wav audio file because WavpackSetConfiguration64 mishandles a sample rate of zero. CVE-2018-19840 Image SLES15-SP3-EC2-HVM:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAP-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAP-EC2-HVM:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAP-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAPCAL-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAPCAL-EC2-HVM:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAPCAL-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAP-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAP-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAP-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAP:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAPCAL-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAPCAL-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAPCAL-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAPCAL:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAP-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAP-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAP-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAPCAL-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAPCAL-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAPCAL-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAP-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAP-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAP-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAP:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAPCAL-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAPCAL-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAPCAL-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAPCAL:libwavpack1-5.4.0-4.9.1 Image SLES15-SP7-SAPCAL-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP7-SAPCAL-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP7-SAPCAL-GCE:libwavpack1-5.4.0-4.9.1 SUSE Enterprise Storage 6:libwavpack1-5.4.0-4.9.1 SUSE Enterprise Storage 6:wavpack-5.4.0-4.9.1 SUSE Enterprise Storage 6:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15-ESPOS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15-LTSS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Module for Basesystem 15 SP2:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-BCL:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-BCL:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-BCL:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-LTSS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-LTSS:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-LTSS:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise Server 15-LTSS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Server for SAP Applications 15 SP1:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise Server for SAP Applications 15 SP1:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise Server for SAP Applications 15:libwavpack1-5.4.0-4.9.1 SUSE Manager Proxy 4.0:libwavpack1-5.4.0-4.9.1 SUSE Manager Proxy 4.0:wavpack-5.4.0-4.9.1 SUSE Manager Proxy 4.0:wavpack-devel-5.4.0-4.9.1 SUSE Manager Retail Branch Server 4.0:libwavpack1-5.4.0-4.9.1 SUSE Manager Retail Branch Server 4.0:wavpack-5.4.0-4.9.1 SUSE Manager Retail Branch Server 4.0:wavpack-devel-5.4.0-4.9.1 SUSE Manager Server 4.0:libwavpack1-5.4.0-4.9.1 SUSE Manager Server 4.0:wavpack-5.4.0-4.9.1 SUSE Manager Server 4.0:wavpack-devel-5.4.0-4.9.1 low 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20210186-1/ https://www.suse.com/security/cve/CVE-2018-19840.html CVE-2018-19840 https://bugzilla.suse.com/1120930 SUSE Bug 1120930 The function WavpackVerifySingleBlock in open_utils.c in libwavpack.a in WavPack through 5.1.0 allows attackers to cause a denial-of-service (out-of-bounds read and application crash) via a crafted WavPack Lossless Audio file, as demonstrated by wvunpack. CVE-2018-19841 Image SLES15-SP3-EC2-HVM:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAP-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAP-EC2-HVM:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAP-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAPCAL-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAPCAL-EC2-HVM:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAPCAL-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAP-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAP-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAP-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAP:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAPCAL-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAPCAL-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAPCAL-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAPCAL:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAP-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAP-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAP-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAPCAL-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAPCAL-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAPCAL-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAP-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAP-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAP-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAP:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAPCAL-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAPCAL-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAPCAL-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAPCAL:libwavpack1-5.4.0-4.9.1 Image SLES15-SP7-SAPCAL-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP7-SAPCAL-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP7-SAPCAL-GCE:libwavpack1-5.4.0-4.9.1 SUSE Enterprise Storage 6:libwavpack1-5.4.0-4.9.1 SUSE Enterprise Storage 6:wavpack-5.4.0-4.9.1 SUSE Enterprise Storage 6:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15-ESPOS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15-LTSS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Module for Basesystem 15 SP2:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-BCL:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-BCL:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-BCL:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-LTSS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-LTSS:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-LTSS:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise Server 15-LTSS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Server for SAP Applications 15 SP1:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise Server for SAP Applications 15 SP1:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise Server for SAP Applications 15:libwavpack1-5.4.0-4.9.1 SUSE Manager Proxy 4.0:libwavpack1-5.4.0-4.9.1 SUSE Manager Proxy 4.0:wavpack-5.4.0-4.9.1 SUSE Manager Proxy 4.0:wavpack-devel-5.4.0-4.9.1 SUSE Manager Retail Branch Server 4.0:libwavpack1-5.4.0-4.9.1 SUSE Manager Retail Branch Server 4.0:wavpack-5.4.0-4.9.1 SUSE Manager Retail Branch Server 4.0:wavpack-devel-5.4.0-4.9.1 SUSE Manager Server 4.0:libwavpack1-5.4.0-4.9.1 SUSE Manager Server 4.0:wavpack-5.4.0-4.9.1 SUSE Manager Server 4.0:wavpack-devel-5.4.0-4.9.1 low 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20210186-1/ https://www.suse.com/security/cve/CVE-2018-19841.html CVE-2018-19841 https://bugzilla.suse.com/1120929 SUSE Bug 1120929 A stack-based buffer over-read in the ParseRiffHeaderConfig function of cli/riff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service attack or possibly have unspecified other impact via a maliciously crafted RF64 file. CVE-2018-6767 Image SLES15-SP3-EC2-HVM:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAP-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAP-EC2-HVM:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAP-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAPCAL-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAPCAL-EC2-HVM:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAPCAL-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAP-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAP-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAP-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAP:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAPCAL-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAPCAL-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAPCAL-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAPCAL:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAP-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAP-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAP-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAPCAL-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAPCAL-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAPCAL-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAP-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAP-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAP-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAP:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAPCAL-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAPCAL-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAPCAL-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAPCAL:libwavpack1-5.4.0-4.9.1 Image SLES15-SP7-SAPCAL-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP7-SAPCAL-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP7-SAPCAL-GCE:libwavpack1-5.4.0-4.9.1 SUSE Enterprise Storage 6:libwavpack1-5.4.0-4.9.1 SUSE Enterprise Storage 6:wavpack-5.4.0-4.9.1 SUSE Enterprise Storage 6:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15-ESPOS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15-LTSS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Module for Basesystem 15 SP2:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-BCL:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-BCL:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-BCL:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-LTSS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-LTSS:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-LTSS:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise Server 15-LTSS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Server for SAP Applications 15 SP1:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise Server for SAP Applications 15 SP1:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise Server for SAP Applications 15:libwavpack1-5.4.0-4.9.1 SUSE Manager Proxy 4.0:libwavpack1-5.4.0-4.9.1 SUSE Manager Proxy 4.0:wavpack-5.4.0-4.9.1 SUSE Manager Proxy 4.0:wavpack-devel-5.4.0-4.9.1 SUSE Manager Retail Branch Server 4.0:libwavpack1-5.4.0-4.9.1 SUSE Manager Retail Branch Server 4.0:wavpack-5.4.0-4.9.1 SUSE Manager Retail Branch Server 4.0:wavpack-devel-5.4.0-4.9.1 SUSE Manager Server 4.0:libwavpack1-5.4.0-4.9.1 SUSE Manager Server 4.0:wavpack-5.4.0-4.9.1 SUSE Manager Server 4.0:wavpack-devel-5.4.0-4.9.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20210186-1/ https://www.suse.com/security/cve/CVE-2018-6767.html CVE-2018-6767 https://bugzilla.suse.com/1079746 SUSE Bug 1079746 The ParseDsdiffHeaderConfig function of the cli/dsdiff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service (heap-based buffer over-read) or possibly overwrite the heap via a maliciously crafted DSDIFF file. CVE-2018-7253 Image SLES15-SP3-EC2-HVM:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAP-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAP-EC2-HVM:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAP-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAPCAL-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAPCAL-EC2-HVM:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAPCAL-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAP-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAP-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAP-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAP:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAPCAL-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAPCAL-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAPCAL-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAPCAL:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAP-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAP-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAP-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAPCAL-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAPCAL-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAPCAL-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAP-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAP-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAP-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAP:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAPCAL-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAPCAL-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAPCAL-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAPCAL:libwavpack1-5.4.0-4.9.1 Image SLES15-SP7-SAPCAL-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP7-SAPCAL-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP7-SAPCAL-GCE:libwavpack1-5.4.0-4.9.1 SUSE Enterprise Storage 6:libwavpack1-5.4.0-4.9.1 SUSE Enterprise Storage 6:wavpack-5.4.0-4.9.1 SUSE Enterprise Storage 6:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15-ESPOS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15-LTSS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Module for Basesystem 15 SP2:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-BCL:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-BCL:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-BCL:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-LTSS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-LTSS:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-LTSS:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise Server 15-LTSS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Server for SAP Applications 15 SP1:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise Server for SAP Applications 15 SP1:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise Server for SAP Applications 15:libwavpack1-5.4.0-4.9.1 SUSE Manager Proxy 4.0:libwavpack1-5.4.0-4.9.1 SUSE Manager Proxy 4.0:wavpack-5.4.0-4.9.1 SUSE Manager Proxy 4.0:wavpack-devel-5.4.0-4.9.1 SUSE Manager Retail Branch Server 4.0:libwavpack1-5.4.0-4.9.1 SUSE Manager Retail Branch Server 4.0:wavpack-5.4.0-4.9.1 SUSE Manager Retail Branch Server 4.0:wavpack-devel-5.4.0-4.9.1 SUSE Manager Server 4.0:libwavpack1-5.4.0-4.9.1 SUSE Manager Server 4.0:wavpack-5.4.0-4.9.1 SUSE Manager Server 4.0:wavpack-devel-5.4.0-4.9.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20210186-1/ https://www.suse.com/security/cve/CVE-2018-7253.html CVE-2018-7253 https://bugzilla.suse.com/1081692 SUSE Bug 1081692 The ParseCaffHeaderConfig function of the cli/caff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service (global buffer over-read), or possibly trigger a buffer overflow or incorrect memory allocation, via a maliciously crafted CAF file. CVE-2018-7254 Image SLES15-SP3-EC2-HVM:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAP-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAP-EC2-HVM:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAP-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAPCAL-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAPCAL-EC2-HVM:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAPCAL-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAP-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAP-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAP-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAP:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAPCAL-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAPCAL-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAPCAL-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAPCAL:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAP-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAP-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAP-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAPCAL-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAPCAL-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAPCAL-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAP-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAP-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAP-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAP:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAPCAL-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAPCAL-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAPCAL-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAPCAL:libwavpack1-5.4.0-4.9.1 Image SLES15-SP7-SAPCAL-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP7-SAPCAL-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP7-SAPCAL-GCE:libwavpack1-5.4.0-4.9.1 SUSE Enterprise Storage 6:libwavpack1-5.4.0-4.9.1 SUSE Enterprise Storage 6:wavpack-5.4.0-4.9.1 SUSE Enterprise Storage 6:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15-ESPOS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15-LTSS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Module for Basesystem 15 SP2:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-BCL:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-BCL:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-BCL:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-LTSS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-LTSS:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-LTSS:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise Server 15-LTSS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Server for SAP Applications 15 SP1:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise Server for SAP Applications 15 SP1:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise Server for SAP Applications 15:libwavpack1-5.4.0-4.9.1 SUSE Manager Proxy 4.0:libwavpack1-5.4.0-4.9.1 SUSE Manager Proxy 4.0:wavpack-5.4.0-4.9.1 SUSE Manager Proxy 4.0:wavpack-devel-5.4.0-4.9.1 SUSE Manager Retail Branch Server 4.0:libwavpack1-5.4.0-4.9.1 SUSE Manager Retail Branch Server 4.0:wavpack-5.4.0-4.9.1 SUSE Manager Retail Branch Server 4.0:wavpack-devel-5.4.0-4.9.1 SUSE Manager Server 4.0:libwavpack1-5.4.0-4.9.1 SUSE Manager Server 4.0:wavpack-5.4.0-4.9.1 SUSE Manager Server 4.0:wavpack-devel-5.4.0-4.9.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20210186-1/ https://www.suse.com/security/cve/CVE-2018-7254.html CVE-2018-7254 https://bugzilla.suse.com/1081693 SUSE Bug 1081693 WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable. The impact is: Unexpected control flow, crashes, and segfaults. The component is: ParseWave64HeaderConfig (wave64.c:211). The attack vector is: Maliciously crafted .wav file. The fixed version is: After commit https://github.com/dbry/WavPack/commit/33a0025d1d63ccd05d9dbaa6923d52b1446a62fe. CVE-2019-1010319 Image SLES15-SP3-EC2-HVM:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAP-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAP-EC2-HVM:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAP-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAPCAL-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAPCAL-EC2-HVM:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAPCAL-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAP-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAP-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAP-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAP:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAPCAL-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAPCAL-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAPCAL-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAPCAL:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAP-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAP-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAP-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAPCAL-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAPCAL-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAPCAL-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAP-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAP-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAP-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAP:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAPCAL-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAPCAL-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAPCAL-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAPCAL:libwavpack1-5.4.0-4.9.1 Image SLES15-SP7-SAPCAL-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP7-SAPCAL-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP7-SAPCAL-GCE:libwavpack1-5.4.0-4.9.1 SUSE Enterprise Storage 6:libwavpack1-5.4.0-4.9.1 SUSE Enterprise Storage 6:wavpack-5.4.0-4.9.1 SUSE Enterprise Storage 6:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15-ESPOS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15-LTSS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Module for Basesystem 15 SP2:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-BCL:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-BCL:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-BCL:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-LTSS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-LTSS:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-LTSS:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise Server 15-LTSS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Server for SAP Applications 15 SP1:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise Server for SAP Applications 15 SP1:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise Server for SAP Applications 15:libwavpack1-5.4.0-4.9.1 SUSE Manager Proxy 4.0:libwavpack1-5.4.0-4.9.1 SUSE Manager Proxy 4.0:wavpack-5.4.0-4.9.1 SUSE Manager Proxy 4.0:wavpack-devel-5.4.0-4.9.1 SUSE Manager Retail Branch Server 4.0:libwavpack1-5.4.0-4.9.1 SUSE Manager Retail Branch Server 4.0:wavpack-5.4.0-4.9.1 SUSE Manager Retail Branch Server 4.0:wavpack-devel-5.4.0-4.9.1 SUSE Manager Server 4.0:libwavpack1-5.4.0-4.9.1 SUSE Manager Server 4.0:wavpack-5.4.0-4.9.1 SUSE Manager Server 4.0:wavpack-devel-5.4.0-4.9.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20210186-1/ https://www.suse.com/security/cve/CVE-2019-1010319.html CVE-2019-1010319 https://bugzilla.suse.com/1141334 SUSE Bug 1141334 WavpackSetConfiguration64 in pack_utils.c in libwavpack.a in WavPack through 5.1.0 has a "Conditional jump or move depends on uninitialised value" condition, which might allow attackers to cause a denial of service (application crash) via a DFF file that lacks valid sample-rate data. CVE-2019-11498 Image SLES15-SP3-EC2-HVM:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAP-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAP-EC2-HVM:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAP-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAPCAL-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAPCAL-EC2-HVM:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAPCAL-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAP-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAP-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAP-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAP:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAPCAL-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAPCAL-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAPCAL-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAPCAL:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAP-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAP-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAP-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAPCAL-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAPCAL-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAPCAL-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAP-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAP-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAP-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAP:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAPCAL-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAPCAL-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAPCAL-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAPCAL:libwavpack1-5.4.0-4.9.1 Image SLES15-SP7-SAPCAL-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP7-SAPCAL-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP7-SAPCAL-GCE:libwavpack1-5.4.0-4.9.1 SUSE Enterprise Storage 6:libwavpack1-5.4.0-4.9.1 SUSE Enterprise Storage 6:wavpack-5.4.0-4.9.1 SUSE Enterprise Storage 6:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15-ESPOS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15-LTSS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Module for Basesystem 15 SP2:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-BCL:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-BCL:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-BCL:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-LTSS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-LTSS:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-LTSS:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise Server 15-LTSS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Server for SAP Applications 15 SP1:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise Server for SAP Applications 15 SP1:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise Server for SAP Applications 15:libwavpack1-5.4.0-4.9.1 SUSE Manager Proxy 4.0:libwavpack1-5.4.0-4.9.1 SUSE Manager Proxy 4.0:wavpack-5.4.0-4.9.1 SUSE Manager Proxy 4.0:wavpack-devel-5.4.0-4.9.1 SUSE Manager Retail Branch Server 4.0:libwavpack1-5.4.0-4.9.1 SUSE Manager Retail Branch Server 4.0:wavpack-5.4.0-4.9.1 SUSE Manager Retail Branch Server 4.0:wavpack-devel-5.4.0-4.9.1 SUSE Manager Server 4.0:libwavpack1-5.4.0-4.9.1 SUSE Manager Server 4.0:wavpack-5.4.0-4.9.1 SUSE Manager Server 4.0:wavpack-devel-5.4.0-4.9.1 low 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20210186-1/ https://www.suse.com/security/cve/CVE-2019-11498.html CVE-2019-11498 https://bugzilla.suse.com/1133384 SUSE Bug 1133384 WavPack 5.3.0 has an out-of-bounds write in WavpackPackSamples in pack_utils.c because of an integer overflow in a malloc argument. NOTE: some third-parties claim that there are later "unofficial" releases through 5.3.2, which are also affected. CVE-2020-35738 Image SLES15-SP3-EC2-HVM:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAP-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAP-EC2-HVM:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAP-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAPCAL-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAPCAL-EC2-HVM:libwavpack1-5.4.0-4.9.1 Image SLES15-SP3-SAPCAL-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAP-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAP-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAP-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAP:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAPCAL-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAPCAL-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAPCAL-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP4-SAPCAL:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAP-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAP-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAP-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAPCAL-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAPCAL-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP5-SAPCAL-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAP-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAP-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAP-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAP:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAPCAL-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAPCAL-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAPCAL-GCE:libwavpack1-5.4.0-4.9.1 Image SLES15-SP6-SAPCAL:libwavpack1-5.4.0-4.9.1 Image SLES15-SP7-SAPCAL-Azure:libwavpack1-5.4.0-4.9.1 Image SLES15-SP7-SAPCAL-EC2:libwavpack1-5.4.0-4.9.1 Image SLES15-SP7-SAPCAL-GCE:libwavpack1-5.4.0-4.9.1 SUSE Enterprise Storage 6:libwavpack1-5.4.0-4.9.1 SUSE Enterprise Storage 6:wavpack-5.4.0-4.9.1 SUSE Enterprise Storage 6:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15-ESPOS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise High Performance Computing 15-LTSS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Module for Basesystem 15 SP2:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-BCL:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-BCL:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-BCL:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-LTSS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-LTSS:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise Server 15 SP1-LTSS:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise Server 15-LTSS:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Server for SAP Applications 15 SP1:libwavpack1-5.4.0-4.9.1 SUSE Linux Enterprise Server for SAP Applications 15 SP1:wavpack-5.4.0-4.9.1 SUSE Linux Enterprise Server for SAP Applications 15 SP1:wavpack-devel-5.4.0-4.9.1 SUSE Linux Enterprise Server for SAP Applications 15:libwavpack1-5.4.0-4.9.1 SUSE Manager Proxy 4.0:libwavpack1-5.4.0-4.9.1 SUSE Manager Proxy 4.0:wavpack-5.4.0-4.9.1 SUSE Manager Proxy 4.0:wavpack-devel-5.4.0-4.9.1 SUSE Manager Retail Branch Server 4.0:libwavpack1-5.4.0-4.9.1 SUSE Manager Retail Branch Server 4.0:wavpack-5.4.0-4.9.1 SUSE Manager Retail Branch Server 4.0:wavpack-devel-5.4.0-4.9.1 SUSE Manager Server 4.0:libwavpack1-5.4.0-4.9.1 SUSE Manager Server 4.0:wavpack-5.4.0-4.9.1 SUSE Manager Server 4.0:wavpack-devel-5.4.0-4.9.1 moderate 5.8 AV:N/AC:M/Au:N/C:N/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20210186-1/ https://www.suse.com/security/cve/CVE-2020-35738.html CVE-2020-35738 https://bugzilla.suse.com/1180414 SUSE Bug 1180414