What Are You Looking For?

Sign Up

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3082-1                   security@debian.org
http://www.debian.org/security/                        Sebastien Delafond
November 30, 2014                      http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : flac
CVE ID         : CVE-2014-8962 CVE-2014-9028
Debian Bug     : 770918

Michele Spagnuolo, of Google Security Team, and Miroslav Lichvar, of
Red Hat, discovered two issues in flac, a library handling Free
Lossless Audio Codec media: by providing a specially crafted FLAC
file, an attacker could execute arbitrary code.

For the stable distribution (wheezy), these problems have been fixed in
version 1.2.1-6+deb7u1.

For the testing distribution (jessie) and unstable distribution (sid),
these problems have been fixed in version 1.3.0-3.

We recommend that you upgrade your flac packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org

Debian: DSA-3082-1: flac security update

November 30, 2014
Michele Spagnuolo, of Google Security Team, and Miroslav Lichvar, of Red Hat, discovered two issues in flac, a library handling Free Lossless Audio Codec media: by providing a spec...

Summary

For the stable distribution (wheezy), these problems have been fixed in
version 1.2.1-6+deb7u1.

For the testing distribution (jessie) and unstable distribution (sid),
these problems have been fixed in version 1.3.0-3.

We recommend that you upgrade your flac packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org

Severity
Michele Spagnuolo, of Google Security Team, and Miroslav Lichvar, of
Red Hat, discovered two issues in flac, a library handling Free
Lossless Audio Codec media: by providing a specially crafted FLAC
file, an attacker could execute arbitrary code.

Related News

Krasue RAT Malware Hides on Linux Servers Using Embedded Rootkits

Dec 7, 2023

Kali vs. ParrotOS: 2 Versatile Linux Distros for Security Pros

Dec 9, 2023

Kali Linux 2023.4 Released With New Hacking Tools

Dec 6, 2023

Severe Firefox, Thunderbird Bugs Could Lead to System Takeover

Dec 2, 2023

News

Advisories

HOWTOs

Features

Password Guessing as an Attack Vector
Using Open Source to Ensure Compliance & Data Integrity through Data Governance
Critical Linux Kernel Bugs Lead to DoS, Privilege Escalation - Patch Now!
Unlocking the Future of Authentication: Passkeys vs. Passwords
Empowering MSPs with Straightforward Linux Device Management

About Us

Powered By

Footer Logo