UbuntuUpdates.org

Package "flac"

Name: flac

Description: Free Lossless Audio Codec - command line tools

Latest version: 1.3.3-1ubuntu0.2
Release: focal (20.04)
Level: security
Repository: universe
Homepage: http://xiph.org/flac/


Other versions of "flac" in Focal

Repository  Area      Version
base        main      1.3.3-1build1
base        universe  1.3.3-1build1
security    main      1.3.3-1ubuntu0.2
updates     main      1.3.3-1ubuntu0.2
updates     universe  1.3.3-1ubuntu0.2

Changelog

Version: 1.3.3-1ubuntu0.2 2023-09-12 19:08:02 UTC

  flac (1.3.3-1ubuntu0.2) focal-security; urgency=medium

  * SECURITY UPDATE: Buffer Overflow in function bitwriter_grow_
    - debian/patches/CVE-2020-22219.patch: add and use _nofree variants of
      safe_realloc functions in include/share/alloc.h, src/flac/encode.c,
      src/flac/foreign_metadata.c, src/libFLAC/bitwriter.c,
      src/libFLAC/metadata_object.c, src/plugin_common/tags.c,
      src/share/utf8/iconvert.c.
    - CVE-2020-22219

 -- Marc Deslauriers <email address hidden> Mon, 11 Sep 2023 14:07:03 -0400

CVE-2020-22219 Buffer Overflow vulnerability in function bitwriter_grow_ in flac before 1.4.0 allows remote attackers to run arbitrary code via crafted input to the

Version: 1.3.3-1ubuntu0.1 2022-11-21 13:07:16 UTC

  flac (1.3.3-1ubuntu0.1) focal-security; urgency=medium

  * SECURITY UPDATE: out of bounds read in bitreader.c
    - debian/patches/CVE-2020-0499.patch: fix out-of-bounds read
      (libFLAC/bitreader.c).
    - CVE-2020-0499
  * SECURITY UPDATE: out of bounds write in stream_encoder.c
    - debian/patches/CVE-2021-0561.patch: exit at EOS in verify mode
      (libFLAC).
    - CVE-2021-0561

 -- Camila Camargo de Matos <email address hidden> Thu, 17 Nov 2022 12:53:39 -0300

CVE-2020-0499 In FLAC__bitreader_read_rice_signed_block of bitreader.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to re
CVE-2021-0561 In append_to_verify_fifo_interleaved_ of stream_encoder.c, there is a possible out of bounds write due to a missing bounds check. This could lead to


