Описание
ELSA-2015-0767: flac security update (IMPORTANT)
[1.3.0-5]
- fix buffer overflow when processing ID3v2 metadata (CVE-2014-8962)
- fix buffer overflow with invalid blocksize (CVE-2014-9028)
Обновленные пакеты
Oracle Linux 6
Oracle Linux x86_64
flac
1.2.1-7.el6_6
flac-devel
1.2.1-7.el6_6
Oracle Linux i686
flac
1.2.1-7.el6_6
flac-devel
1.2.1-7.el6_6
Oracle Linux sparc64
flac
1.2.1-7.el6_6
flac-devel
1.2.1-7.el6_6
Oracle Linux 7
Oracle Linux aarch64
flac
1.3.0-5.el7_1
flac-devel
1.3.0-5.el7_1
flac-libs
1.3.0-5.el7_1
Oracle Linux x86_64
flac
1.3.0-5.el7_1
flac-devel
1.3.0-5.el7_1
flac-libs
1.3.0-5.el7_1
Связанные CVE
Связанные уязвимости
Heap-based buffer overflow in stream_decoder.c in libFLAC before 1.3.1 allows remote attackers to execute arbitrary code via a crafted .flac file.
Heap-based buffer overflow in stream_decoder.c in libFLAC before 1.3.1 allows remote attackers to execute arbitrary code via a crafted .flac file.
Heap-based buffer overflow in stream_decoder.c in libFLAC before 1.3.1 allows remote attackers to execute arbitrary code via a crafted .flac file.
Heap-based buffer overflow in stream_decoder.c in libFLAC before 1.3.1 ...
Stack-based buffer overflow in stream_decoder.c in libFLAC before 1.3.1 allows remote attackers to execute arbitrary code via a crafted .flac file.