FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

wavpack -- integer overflow in pack_utils.c

Affected packages
wavpack < 5.4.0

Details

VuXML ID 6d554d6e-5638-11eb-9d36-5404a68ad561
Discovery 2020-12-29
Entry 2021-01-14

The wavpack project reports:

src/pack_utils.c - issue #91: fix integer overflows resulting in buffer overruns (CVE-2020-35738) - sanitize configuration parameters better (improves clarity and aids debugging)

References

CVE Name CVE-2020-35738
URL https://github.com/dbry/WavPack/blob/733616993d53cc1f9a7ffb88a858447ba51eb0ee/ChangeLog