UbuntuUpdates.org

Package "libflac++6v5"

Name: libflac++6v5

Description:

Free Lossless Audio Codec - C++ runtime library

Latest version: 1.3.3-2ubuntu0.2
Release: jammy (22.04)
Level: security
Repository: main
Head package: flac
Homepage: https://xiph.org/flac/

Links


Download "libflac++6v5"


Other versions of "libflac++6v5" in Jammy

Repository Area Version
base main 1.3.3-2build2
updates main 1.3.3-2ubuntu0.2

Changelog

Version: 1.3.3-2ubuntu0.2 2023-09-12 19:08:05 UTC

  flac (1.3.3-2ubuntu0.2) jammy-security; urgency=medium

  * SECURITY UPDATE: Buffer Overflow in function bitwriter_grow_
    - debian/patches/CVE-2020-22219.patch: add and use _nofree variants of
      safe_realloc functions in include/share/alloc.h, src/flac/encode.c,
      src/flac/foreign_metadata.c, src/libFLAC/bitwriter.c,
      src/libFLAC/metadata_object.c, src/plugin_common/tags.c,
      src/share/utf8/iconvert.c.
    - CVE-2020-22219

 -- Marc Deslauriers <email address hidden> Mon, 11 Sep 2023 14:04:48 -0400

Source diff to previous version
CVE-2020-22219 Buffer Overflow vulnerability in function bitwriter_grow_ in flac before 1.4.0 allows remote attackers to run arbitrary code via crafted input to the

Version: 1.3.3-2ubuntu0.1 2022-11-21 13:07:17 UTC

  flac (1.3.3-2ubuntu0.1) jammy-security; urgency=medium

  * SECURITY UPDATE: out of bounds write in stream_encoder.c
    - debian/patches/CVE-2021-0561.patch: exit at EOS in verify mode
      (libFLAC).
    - CVE-2021-0561

 -- Camila Camargo de Matos <email address hidden> Thu, 17 Nov 2022 12:54:19 -0300

CVE-2021-0561 In append_to_verify_fifo_interleaved_ of stream_encoder.c, there is a possible out of bounds write due to a missing bounds check. This could lead to



About   -   Send Feedback to @ubuntu_updates