Package "flac"

  flac (1.3.3-1ubuntu0.2) focal-security; urgency=medium

  * SECURITY UPDATE: Buffer Overflow in function bitwriter_grow_
    - debian/patches/CVE-2020-22219.patch: add and use _nofree variants of
      safe_realloc functions in include/share/alloc.h, src/flac/encode.c,
      src/flac/foreign_metadata.c, src/libFLAC/bitwriter.c,
      src/libFLAC/metadata_object.c, src/plugin_common/tags.c,
      src/share/utf8/iconvert.c.
    - CVE-2020-22219

 -- Marc Deslauriers <email address hidden> Mon, 11 Sep 2023 14:07:03 -0400

  flac (1.3.3-1ubuntu0.1) focal-security; urgency=medium

  * SECURITY UPDATE: out of bounds read in bitreader.c
    - debian/patches/CVE-2020-0499.patch: fix out-of-bounds read
      (libFLAC/bitreader.c).
    - CVE-2020-0499
  * SECURITY UPDATE: out of bounds write in stream_encoder.c
    - debian/patches/CVE-2021-0561.patch: exit at EOS in verify mode
      (libFLAC).
    - CVE-2021-0561

 -- Camila Camargo de Matos <email address hidden> Thu, 17 Nov 2022 12:53:39 -0300