UbuntuUpdates.org

Package "flac"

Name: flac

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Free Lossless Audio Codec - C++ development library
  • Free Lossless Audio Codec - C++ runtime library
  • Free Lossless Audio Codec - C development library
  • Free Lossless Audio Codec - library documentation

Latest version: 1.3.2-1ubuntu0.1
Release: bionic (18.04)
Level: security
Repository: main

Links



Other versions of "flac" in Bionic

Repository Area Version
base main 1.3.2-1
base universe 1.3.2-1
security universe 1.3.2-1ubuntu0.1
updates main 1.3.2-1ubuntu0.1
updates universe 1.3.2-1ubuntu0.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 1.3.2-1ubuntu0.1 2022-11-21 13:07:12 UTC

  flac (1.3.2-1ubuntu0.1) bionic-security; urgency=medium

  * SECURITY UPDATE: memory leak in stream_decoder.c
    - debian/patches/CVE-2017-6888.patch: fix a memory leak
      (stream_decoder.c).
    - CVE-2017-6888
  * SECURITY UPDATE: out of bounds read in bitreader.c
    - debian/patches/CVE-2020-0499.patch: fix out-of-bounds read
      (libFLAC/bitreader.c).
    - CVE-2020-0499
  * SECURITY UPDATE: out of bounds write in stream_encoder.c
    - debian/patches/CVE-2021-0561.patch: exit at EOS in verify mode
      (libFLAC).
    - CVE-2021-0561

 -- Camila Camargo de Matos <email address hidden> Thu, 17 Nov 2022 12:53:03 -0300

CVE-2017-6888 An error in the "read_metadata_vorbiscomment_()" function (src/libFLAC/stream_decoder.c) in FLAC version 1.3.2 can be exploited to cause a memory lea
CVE-2020-0499 In FLAC__bitreader_read_rice_signed_block of bitreader.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to re
CVE-2021-0561 In append_to_verify_fifo_interleaved_ of stream_encoder.c, there is a possible out of bounds write due to a missing bounds check. This could lead to



About   -   Send Feedback to @ubuntu_updates