Issued:: 2022-11-08
Updated:: 2022-11-08

RHSA-2022:7558 - Security Advisory

Overview
Updated Packages

Synopsis

Low: wavpack security update

Type/Severity

Security Advisory: Low

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for wavpack is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

WavPack is a completely open audio compression format providing lossless, high-quality lossy and a unique hybrid compression mode.

Security Fix(es):

wavpack: Heap out-of-bounds read in WavpackPackSamples() (CVE-2021-44269)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.7 Release Notes linked from the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux for x86_64 8 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.8 x86_64
Red Hat Enterprise Linux for IBM z Systems 8 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.8 s390x
Red Hat Enterprise Linux for Power, little endian 8 ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.8 ppc64le
Red Hat Enterprise Linux Server - TUS 8.8 x86_64
Red Hat Enterprise Linux for ARM 64 8 aarch64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.8 aarch64
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8 ppc64le
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8 x86_64
Red Hat CodeReady Linux Builder for x86_64 8 x86_64
Red Hat CodeReady Linux Builder for Power, little endian 8 ppc64le
Red Hat CodeReady Linux Builder for ARM 64 8 aarch64
Red Hat CodeReady Linux Builder for IBM z Systems 8 s390x
Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.8 x86_64
Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.8 ppc64le
Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 8.8 s390x
Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.8 aarch64

Fixes

BZ - 2064457 - CVE-2021-44269 wavpack: Heap out-of-bounds read in WavpackPackSamples()

CVEs

CVE-2021-44269

References

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for x86_64 8

SRPM
wavpack-5.1.0-16.el8.src.rpm	SHA-256: 7cbc8f885534a9679733e9d8b8f387fdad6ef6836ed0f7f3a2ac96903e7461bf
x86_64
wavpack-5.1.0-16.el8.i686.rpm	SHA-256: 3d4d5b147948d8db50107ce92b31426f79a77811fe529144a0815fd360dd83fe
wavpack-5.1.0-16.el8.x86_64.rpm	SHA-256: f5e5daf2859758a44819e22ff9ae3f68acd919648db7685a27c6f19de55776a9
wavpack-debuginfo-5.1.0-16.el8.i686.rpm	SHA-256: 8494ae44b057277ea6a0215255e0c7e694b3f0d8a7103c3ac5f64686cdfb7c74
wavpack-debuginfo-5.1.0-16.el8.x86_64.rpm	SHA-256: 5cd3c99b39a9b036661e7a4481a3309d3f32a5e3449d340bbdcca2bafd82ecc4
wavpack-debugsource-5.1.0-16.el8.i686.rpm	SHA-256: 31ffe5d611830ccc10d3fa5f91e996ed4c892c759e418f3678c8aeebc90d790a
wavpack-debugsource-5.1.0-16.el8.x86_64.rpm	SHA-256: 0202ea4e841917913fa314e056120060d3a4eb4e2f1ceb469eb9a69162dcfedc

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.8

SRPM
wavpack-5.1.0-16.el8.src.rpm	SHA-256: 7cbc8f885534a9679733e9d8b8f387fdad6ef6836ed0f7f3a2ac96903e7461bf
x86_64
wavpack-5.1.0-16.el8.i686.rpm	SHA-256: 3d4d5b147948d8db50107ce92b31426f79a77811fe529144a0815fd360dd83fe
wavpack-5.1.0-16.el8.x86_64.rpm	SHA-256: f5e5daf2859758a44819e22ff9ae3f68acd919648db7685a27c6f19de55776a9
wavpack-debuginfo-5.1.0-16.el8.i686.rpm	SHA-256: 8494ae44b057277ea6a0215255e0c7e694b3f0d8a7103c3ac5f64686cdfb7c74
wavpack-debuginfo-5.1.0-16.el8.x86_64.rpm	SHA-256: 5cd3c99b39a9b036661e7a4481a3309d3f32a5e3449d340bbdcca2bafd82ecc4
wavpack-debugsource-5.1.0-16.el8.i686.rpm	SHA-256: 31ffe5d611830ccc10d3fa5f91e996ed4c892c759e418f3678c8aeebc90d790a
wavpack-debugsource-5.1.0-16.el8.x86_64.rpm	SHA-256: 0202ea4e841917913fa314e056120060d3a4eb4e2f1ceb469eb9a69162dcfedc

Red Hat Enterprise Linux for IBM z Systems 8

SRPM
wavpack-5.1.0-16.el8.src.rpm	SHA-256: 7cbc8f885534a9679733e9d8b8f387fdad6ef6836ed0f7f3a2ac96903e7461bf
s390x
wavpack-5.1.0-16.el8.s390x.rpm	SHA-256: 92d1c61ad6883af19377bd4d717cb1b088528452089c99a2e158fa927b472bc1
wavpack-debuginfo-5.1.0-16.el8.s390x.rpm	SHA-256: 67d6b58b4e0becf2ce23e06daa30c2719678e4749c2526377c9762de70e572ba
wavpack-debugsource-5.1.0-16.el8.s390x.rpm	SHA-256: a6f794fff17e98b395550d89ec92bc31979a962cabb70cc8263e252364c13996

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.8

SRPM
wavpack-5.1.0-16.el8.src.rpm	SHA-256: 7cbc8f885534a9679733e9d8b8f387fdad6ef6836ed0f7f3a2ac96903e7461bf
s390x
wavpack-5.1.0-16.el8.s390x.rpm	SHA-256: 92d1c61ad6883af19377bd4d717cb1b088528452089c99a2e158fa927b472bc1
wavpack-debuginfo-5.1.0-16.el8.s390x.rpm	SHA-256: 67d6b58b4e0becf2ce23e06daa30c2719678e4749c2526377c9762de70e572ba
wavpack-debugsource-5.1.0-16.el8.s390x.rpm	SHA-256: a6f794fff17e98b395550d89ec92bc31979a962cabb70cc8263e252364c13996

Red Hat Enterprise Linux for Power, little endian 8

SRPM
wavpack-5.1.0-16.el8.src.rpm	SHA-256: 7cbc8f885534a9679733e9d8b8f387fdad6ef6836ed0f7f3a2ac96903e7461bf
ppc64le
wavpack-5.1.0-16.el8.ppc64le.rpm	SHA-256: 2e6aa29de652a0d3fdad3f372ec4114d32c1d7fcb36908e8a440a1a7f4828be0
wavpack-debuginfo-5.1.0-16.el8.ppc64le.rpm	SHA-256: 267e1ead7d4f94567076328ff4cf9cd5daab1acaf50d88d612631141cf33eb06
wavpack-debugsource-5.1.0-16.el8.ppc64le.rpm	SHA-256: 5c396fd1c36f238178aec58af66c13ed8c9f732a2b92fdf9da5e065a58bd0372

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.8

SRPM
wavpack-5.1.0-16.el8.src.rpm	SHA-256: 7cbc8f885534a9679733e9d8b8f387fdad6ef6836ed0f7f3a2ac96903e7461bf
ppc64le
wavpack-5.1.0-16.el8.ppc64le.rpm	SHA-256: 2e6aa29de652a0d3fdad3f372ec4114d32c1d7fcb36908e8a440a1a7f4828be0
wavpack-debuginfo-5.1.0-16.el8.ppc64le.rpm	SHA-256: 267e1ead7d4f94567076328ff4cf9cd5daab1acaf50d88d612631141cf33eb06
wavpack-debugsource-5.1.0-16.el8.ppc64le.rpm	SHA-256: 5c396fd1c36f238178aec58af66c13ed8c9f732a2b92fdf9da5e065a58bd0372

Red Hat Enterprise Linux Server - TUS 8.8

SRPM
wavpack-5.1.0-16.el8.src.rpm	SHA-256: 7cbc8f885534a9679733e9d8b8f387fdad6ef6836ed0f7f3a2ac96903e7461bf
x86_64
wavpack-5.1.0-16.el8.i686.rpm	SHA-256: 3d4d5b147948d8db50107ce92b31426f79a77811fe529144a0815fd360dd83fe
wavpack-5.1.0-16.el8.x86_64.rpm	SHA-256: f5e5daf2859758a44819e22ff9ae3f68acd919648db7685a27c6f19de55776a9
wavpack-debuginfo-5.1.0-16.el8.i686.rpm	SHA-256: 8494ae44b057277ea6a0215255e0c7e694b3f0d8a7103c3ac5f64686cdfb7c74
wavpack-debuginfo-5.1.0-16.el8.x86_64.rpm	SHA-256: 5cd3c99b39a9b036661e7a4481a3309d3f32a5e3449d340bbdcca2bafd82ecc4
wavpack-debugsource-5.1.0-16.el8.i686.rpm	SHA-256: 31ffe5d611830ccc10d3fa5f91e996ed4c892c759e418f3678c8aeebc90d790a
wavpack-debugsource-5.1.0-16.el8.x86_64.rpm	SHA-256: 0202ea4e841917913fa314e056120060d3a4eb4e2f1ceb469eb9a69162dcfedc

Red Hat Enterprise Linux for ARM 64 8

SRPM
wavpack-5.1.0-16.el8.src.rpm	SHA-256: 7cbc8f885534a9679733e9d8b8f387fdad6ef6836ed0f7f3a2ac96903e7461bf
aarch64
wavpack-5.1.0-16.el8.aarch64.rpm	SHA-256: 39c4cfa1643f44939f09e383f99367e8bb10ba82291aa68d3b6e2c6a9e1f303f
wavpack-debuginfo-5.1.0-16.el8.aarch64.rpm	SHA-256: 86a19fef88d6905e5cbc4765defec6ef920bdbbf386c6809409669dca0bff9ed
wavpack-debugsource-5.1.0-16.el8.aarch64.rpm	SHA-256: ad59b884b96db15d0f535748f7ca569839751113843b5fc7c7bfa8bd9d2dadae

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.8

SRPM
wavpack-5.1.0-16.el8.src.rpm	SHA-256: 7cbc8f885534a9679733e9d8b8f387fdad6ef6836ed0f7f3a2ac96903e7461bf
aarch64
wavpack-5.1.0-16.el8.aarch64.rpm	SHA-256: 39c4cfa1643f44939f09e383f99367e8bb10ba82291aa68d3b6e2c6a9e1f303f
wavpack-debuginfo-5.1.0-16.el8.aarch64.rpm	SHA-256: 86a19fef88d6905e5cbc4765defec6ef920bdbbf386c6809409669dca0bff9ed
wavpack-debugsource-5.1.0-16.el8.aarch64.rpm	SHA-256: ad59b884b96db15d0f535748f7ca569839751113843b5fc7c7bfa8bd9d2dadae

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8

SRPM
wavpack-5.1.0-16.el8.src.rpm	SHA-256: 7cbc8f885534a9679733e9d8b8f387fdad6ef6836ed0f7f3a2ac96903e7461bf
ppc64le
wavpack-5.1.0-16.el8.ppc64le.rpm	SHA-256: 2e6aa29de652a0d3fdad3f372ec4114d32c1d7fcb36908e8a440a1a7f4828be0
wavpack-debuginfo-5.1.0-16.el8.ppc64le.rpm	SHA-256: 267e1ead7d4f94567076328ff4cf9cd5daab1acaf50d88d612631141cf33eb06
wavpack-debugsource-5.1.0-16.el8.ppc64le.rpm	SHA-256: 5c396fd1c36f238178aec58af66c13ed8c9f732a2b92fdf9da5e065a58bd0372

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8

SRPM
wavpack-5.1.0-16.el8.src.rpm	SHA-256: 7cbc8f885534a9679733e9d8b8f387fdad6ef6836ed0f7f3a2ac96903e7461bf
x86_64
wavpack-5.1.0-16.el8.i686.rpm	SHA-256: 3d4d5b147948d8db50107ce92b31426f79a77811fe529144a0815fd360dd83fe
wavpack-5.1.0-16.el8.x86_64.rpm	SHA-256: f5e5daf2859758a44819e22ff9ae3f68acd919648db7685a27c6f19de55776a9
wavpack-debuginfo-5.1.0-16.el8.i686.rpm	SHA-256: 8494ae44b057277ea6a0215255e0c7e694b3f0d8a7103c3ac5f64686cdfb7c74
wavpack-debuginfo-5.1.0-16.el8.x86_64.rpm	SHA-256: 5cd3c99b39a9b036661e7a4481a3309d3f32a5e3449d340bbdcca2bafd82ecc4
wavpack-debugsource-5.1.0-16.el8.i686.rpm	SHA-256: 31ffe5d611830ccc10d3fa5f91e996ed4c892c759e418f3678c8aeebc90d790a
wavpack-debugsource-5.1.0-16.el8.x86_64.rpm	SHA-256: 0202ea4e841917913fa314e056120060d3a4eb4e2f1ceb469eb9a69162dcfedc

Red Hat CodeReady Linux Builder for x86_64 8

SRPM
x86_64
wavpack-debuginfo-5.1.0-16.el8.i686.rpm	SHA-256: 8494ae44b057277ea6a0215255e0c7e694b3f0d8a7103c3ac5f64686cdfb7c74
wavpack-debuginfo-5.1.0-16.el8.x86_64.rpm	SHA-256: 5cd3c99b39a9b036661e7a4481a3309d3f32a5e3449d340bbdcca2bafd82ecc4
wavpack-debugsource-5.1.0-16.el8.i686.rpm	SHA-256: 31ffe5d611830ccc10d3fa5f91e996ed4c892c759e418f3678c8aeebc90d790a
wavpack-debugsource-5.1.0-16.el8.x86_64.rpm	SHA-256: 0202ea4e841917913fa314e056120060d3a4eb4e2f1ceb469eb9a69162dcfedc
wavpack-devel-5.1.0-16.el8.i686.rpm	SHA-256: ea1e740f20a4a281e60e2a3adf516725e1664d417f5bce8d0689e0cc9e835d07
wavpack-devel-5.1.0-16.el8.x86_64.rpm	SHA-256: 67816a427a0599d8f6e8ca06ae93def4bca8856ba21aa6e7807cad8db9342ca2

Red Hat CodeReady Linux Builder for Power, little endian 8

SRPM
ppc64le
wavpack-debuginfo-5.1.0-16.el8.ppc64le.rpm	SHA-256: 267e1ead7d4f94567076328ff4cf9cd5daab1acaf50d88d612631141cf33eb06
wavpack-debugsource-5.1.0-16.el8.ppc64le.rpm	SHA-256: 5c396fd1c36f238178aec58af66c13ed8c9f732a2b92fdf9da5e065a58bd0372
wavpack-devel-5.1.0-16.el8.ppc64le.rpm	SHA-256: 00552b3d2d1eb6aed450220da832f572a90cbfd5d211900f0fc0231ea99f8235

Red Hat CodeReady Linux Builder for ARM 64 8

SRPM
aarch64
wavpack-debuginfo-5.1.0-16.el8.aarch64.rpm	SHA-256: 86a19fef88d6905e5cbc4765defec6ef920bdbbf386c6809409669dca0bff9ed
wavpack-debugsource-5.1.0-16.el8.aarch64.rpm	SHA-256: ad59b884b96db15d0f535748f7ca569839751113843b5fc7c7bfa8bd9d2dadae
wavpack-devel-5.1.0-16.el8.aarch64.rpm	SHA-256: f604df0b738d84260a1d571caf190c4f7bdbc12228290fcc94d72202eb38141a

Red Hat CodeReady Linux Builder for IBM z Systems 8

SRPM
s390x
wavpack-debuginfo-5.1.0-16.el8.s390x.rpm	SHA-256: 67d6b58b4e0becf2ce23e06daa30c2719678e4749c2526377c9762de70e572ba
wavpack-debugsource-5.1.0-16.el8.s390x.rpm	SHA-256: a6f794fff17e98b395550d89ec92bc31979a962cabb70cc8263e252364c13996
wavpack-devel-5.1.0-16.el8.s390x.rpm	SHA-256: 472429fe2a7367d909bca334035a52da9bd18fac38fe86e5a53aca632d2842d3

Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.8

SRPM
x86_64
wavpack-debuginfo-5.1.0-16.el8.i686.rpm	SHA-256: 8494ae44b057277ea6a0215255e0c7e694b3f0d8a7103c3ac5f64686cdfb7c74
wavpack-debuginfo-5.1.0-16.el8.x86_64.rpm	SHA-256: 5cd3c99b39a9b036661e7a4481a3309d3f32a5e3449d340bbdcca2bafd82ecc4
wavpack-debugsource-5.1.0-16.el8.i686.rpm	SHA-256: 31ffe5d611830ccc10d3fa5f91e996ed4c892c759e418f3678c8aeebc90d790a
wavpack-debugsource-5.1.0-16.el8.x86_64.rpm	SHA-256: 0202ea4e841917913fa314e056120060d3a4eb4e2f1ceb469eb9a69162dcfedc
wavpack-devel-5.1.0-16.el8.i686.rpm	SHA-256: ea1e740f20a4a281e60e2a3adf516725e1664d417f5bce8d0689e0cc9e835d07
wavpack-devel-5.1.0-16.el8.x86_64.rpm	SHA-256: 67816a427a0599d8f6e8ca06ae93def4bca8856ba21aa6e7807cad8db9342ca2

Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.8

SRPM
ppc64le
wavpack-debuginfo-5.1.0-16.el8.ppc64le.rpm	SHA-256: 267e1ead7d4f94567076328ff4cf9cd5daab1acaf50d88d612631141cf33eb06
wavpack-debugsource-5.1.0-16.el8.ppc64le.rpm	SHA-256: 5c396fd1c36f238178aec58af66c13ed8c9f732a2b92fdf9da5e065a58bd0372
wavpack-devel-5.1.0-16.el8.ppc64le.rpm	SHA-256: 00552b3d2d1eb6aed450220da832f572a90cbfd5d211900f0fc0231ea99f8235

Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 8.8

SRPM
s390x
wavpack-debuginfo-5.1.0-16.el8.s390x.rpm	SHA-256: 67d6b58b4e0becf2ce23e06daa30c2719678e4749c2526377c9762de70e572ba
wavpack-debugsource-5.1.0-16.el8.s390x.rpm	SHA-256: a6f794fff17e98b395550d89ec92bc31979a962cabb70cc8263e252364c13996
wavpack-devel-5.1.0-16.el8.s390x.rpm	SHA-256: 472429fe2a7367d909bca334035a52da9bd18fac38fe86e5a53aca632d2842d3

Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.8

SRPM
aarch64
wavpack-debuginfo-5.1.0-16.el8.aarch64.rpm	SHA-256: 86a19fef88d6905e5cbc4765defec6ef920bdbbf386c6809409669dca0bff9ed
wavpack-debugsource-5.1.0-16.el8.aarch64.rpm	SHA-256: ad59b884b96db15d0f535748f7ca569839751113843b5fc7c7bfa8bd9d2dadae
wavpack-devel-5.1.0-16.el8.aarch64.rpm	SHA-256: f604df0b738d84260a1d571caf190c4f7bdbc12228290fcc94d72202eb38141a

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.