UbuntuUpdates.org

Package "flac"

Name: flac

Description:

Free Lossless Audio Codec - command line tools
Latest version: 1.3.3-2ubuntu0.2
Release: jammy (22.04)
Level: security
Repository: universe
Homepage: https://xiph.org/flac/

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "flac"

32-bit deb package
64-bit deb package
APT INSTALL

Other versions of "flac" in Jammy

Repository Area Version
base main 1.3.3-2build2
base universe 1.3.3-2build2
security main 1.3.3-2ubuntu0.2
updates main 1.3.3-2ubuntu0.2
updates universe 1.3.3-2ubuntu0.2

Changelog

Version: 1.3.3-2ubuntu0.2 2023-09-12 19:08:09 UTC

  flac (1.3.3-2ubuntu0.2) jammy-security; urgency=medium

  * SECURITY UPDATE: Buffer Overflow in function bitwriter_grow_
    - debian/patches/CVE-2020-22219.patch: add and use _nofree variants of
      safe_realloc functions in include/share/alloc.h, src/flac/encode.c,
      src/flac/foreign_metadata.c, src/libFLAC/bitwriter.c,
      src/libFLAC/metadata_object.c, src/plugin_common/tags.c,
      src/share/utf8/iconvert.c.
    - CVE-2020-22219

 -- Marc Deslauriers <email address hidden> Mon, 11 Sep 2023 14:04:48 -0400
Source diff to previous version
CVE-2020-22219 Buffer Overflow vulnerability in function bitwriter_grow_ in flac before 1.4.0 allows remote attackers to run arbitrary code via crafted input to the

Version: 1.3.3-2ubuntu0.1 2022-11-21 13:07:18 UTC

  flac (1.3.3-2ubuntu0.1) jammy-security; urgency=medium

  * SECURITY UPDATE: out of bounds write in stream_encoder.c
    - debian/patches/CVE-2021-0561.patch: exit at EOS in verify mode
      (libFLAC).
    - CVE-2021-0561

 -- Camila Camargo de Matos <email address hidden> Thu, 17 Nov 2022 12:54:19 -0300
CVE-2021-0561 In append_to_verify_fifo_interleaved_ of stream_encoder.c, there is a possible out of bounds write due to a missing bounds check. This could lead to


About   -   Send Feedback to @ubuntu_updates