Stay Secure with the Latest Linux Advisories

Explore Latest Linux Security advisories

openSUSE: 2023:3678-1 Moderate: MP3 Decoder Buffer Overflow Resolution

# Security update for flac

Announcement ID: SUSE-SU-2023:3635-1
Rating: moderate
References:
  * #1214615
Cross-References:
  * CVE-2020-22219
CVSS scores:
  * CVE-2020-22219 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2020-22219 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
  * Basesystem Module 15-SP4
  * Basesystem Module 15-SP5
  * openSUSE Leap 15.4
  * openSUSE Leap 15.5
  * SUSE Linux Enterprise Desktop 15 SP4
  * SUSE Linux Enterprise Desktop 15 SP5
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Real Time 15 SP4
  * SUSE Linux Enterprise Real Time 15 SP5
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Manager Proxy 4.2
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.2
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.2
  * SUSE Manager Server 4.3
  * SUSE Package Hub 15 15-SP4
  * SUSE Package Hub 15 15-SP5

An update that solves one vulnerability can now be installed.

## Description:

This update for flac fixes the following issues:

  * CVE-2020-22219: Fixed a buffer overflow in function bitwriter_grow_ which might allow a remote attacker to run arbitrary code via crafted input to the encoder. (bsc#1214615)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.4
    zypper in -t patch openSUSE-SLE-15.4-2023-3635=1
  * openSUSE Leap 15.5
    zypper in -t patch openSUSE-SLE-15.5-2023-3635=1
  * Basesystem Module 15-SP4
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2023-3635=1
  * Basesystem Module 15-SP5
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2023-3635=1
  * SUSE Package Hub 15 15-SP4
    zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2023-3635=1
  * SUSE Package Hub 15 15-SP5
    zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2023-3635=1
  * SUSE Manager Proxy 4.2
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.2-2023-3635=1
  * SUSE Manager Retail Branch Server 4.2
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.2-2023-3635=1
  * SUSE Manager Server 4.2
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.2-2023-3635=1

## Package List:

  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64)
    * flac-devel-1.3.2-150000.3.14.1
    * libFLAC8-debuginfo-1.3.2-150000.3.14.1
    * flac-1.3.2-150000.3.14.1
    * libFLAC8-1.3.2-150000.3.14.1
    * libFLAC++6-1.3.2-150000.3.14.1
    * flac-debuginfo-1.3.2-150000.3.14.1
    * flac-debugsource-1.3.2-150000.3.14.1
    * libFLAC++6-debuginfo-1.3.2-150000.3.14.1
  * openSUSE Leap 15.4 (x86_64)
    * flac-devel-32bit-1.3.2-150000.3.14.1
    * libFLAC++6-32bit-1.3.2-150000.3.14.1
    * libFLAC++6-32bit-debuginfo-1.3.2-150000.3.14.1
    * libFLAC8-32bit-debuginfo-1.3.2-150000.3.14.1
    * libFLAC8-32bit-1.3.2-150000.3.14.1
  * openSUSE Leap 15.4 (noarch)
    * flac-doc-1.3.2-150000.3.14.1
  * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
    * flac-devel-1.3.2-150000.3.14.1
    * libFLAC8-debuginfo-1.3.2-150000.3.14.1
    * flac-1.3.2-150000.3.14.1
    * libFLAC8-1.3.2-150000.3.14.1
    * libFLAC++6-1.3.2-150000.3.14.1
    * flac-debuginfo-1.3.2-150000.3.14.1
    * flac-debugsource-1.3.2-150000.3.14.1
    * libFLAC++6-debuginfo-1.3.2-150000.3.14.1
  * openSUSE Leap 15.5 (x86_64)
    * flac-devel-32bit-1.3.2-150000.3.14.1
    * libFLAC++6-32bit-1.3.2-150000.3.14.1
    * libFLAC++6-32bit-debuginfo-1.3.2-150000.3.14.1
    * libFLAC8-32bit-debuginfo-1.3.2-150000.3.14.1
    * libFLAC8-32bit-1.3.2-150000.3.14.1
  * openSUSE Leap 15.5 (noarch)
    * flac-doc-1.3.2-150000.3.14.1
  * Basesystem Module 15-SP4 (aarch64 ppc64le s390x x86_64)
    * flac-devel-1.3.2-150000.3.14.1
    * libFLAC8-debuginfo-1.3.2-150000.3.14.1
    * libFLAC8-1.3.2-150000.3.14.1
    * libFLAC++6-1.3.2-150000.3.14.1
    * flac-debuginfo-1.3.2-150000.3.14.1
    * flac-debugsource-1.3.2-150000.3.14.1
    * libFLAC++6-debuginfo-1.3.2-150000.3.14.1
  * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64)
    * flac-devel-1.3.2-150000.3.14.1
    * libFLAC8-debuginfo-1.3.2-150000.3.14.1
    * libFLAC8-1.3.2-150000.3.14.1
    * libFLAC++6-1.3.2-150000.3.14.1
    * flac-debuginfo-1.3.2-150000.3.14.1
    * flac-debugsource-1.3.2-150000.3.14.1
    * libFLAC++6-debuginfo-1.3.2-150000.3.14.1
  * SUSE Package Hub 15 15-SP4 (aarch64 ppc64le s390x x86_64)
    * flac-debugsource-1.3.2-150000.3.14.1
    * flac-1.3.2-150000.3.14.1
    * flac-debuginfo-1.3.2-150000.3.14.1
  * SUSE Package Hub 15 15-SP4 (x86_64)
    * libFLAC8-32bit-debuginfo-1.3.2-150000.3.14.1
    * libFLAC8-32bit-1.3.2-150000.3.14.1
  * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64)
    * flac-debugsource-1.3.2-150000.3.14.1
    * flac-1.3.2-150000.3.14.1
    * flac-debuginfo-1.3.2-150000.3.14.1
  * SUSE Package Hub 15 15-SP5 (x86_64)
    * libFLAC8-32bit-debuginfo-1.3.2-150000.3.14.1
    * libFLAC8-32bit-1.3.2-150000.3.14.1
  * SUSE Manager Proxy 4.2 (x86_64)
    * flac-devel-1.3.2-150000.3.14.1
    * libFLAC8-debuginfo-1.3.2-150000.3.14.1
    * libFLAC8-1.3.2-150000.3.14.1
    * libFLAC++6-1.3.2-150000.3.14.1
    * flac-debuginfo-1.3.2-150000.3.14.1
    * flac-debugsource-1.3.2-150000.3.14.1
    * libFLAC++6-debuginfo-1.3.2-150000.3.14.1
  * SUSE Manager Retail Branch Server 4.2 (x86_64)
    * flac-devel-1.3.2-150000.3.14.1
    * libFLAC8-debuginfo-1.3.2-150000.3.14.1
    * libFLAC8-1.3.2-150000.3.14.1
    * libFLAC++6-1.3.2-150000.3.14.1
    * flac-debuginfo-1.3.2-150000.3.14.1
    * flac-debugsource-1.3.2-150000.3.14.1
    * libFLAC++6-debuginfo-1.3.2-150000.3.14.1
  * SUSE Manager Server 4.2 (ppc64le s390x x86_64)
    * flac-devel-1.3.2-150000.3.14.1
    * libFLAC8-debuginfo-1.3.2-150000.3.14.1
    * libFLAC8-1.3.2-150000.3.14.1
    * libFLAC++6-1.3.2-150000.3.14.1
    * flac-debuginfo-1.3.2-150000.3.14.1
    * flac-debugsource-1.3.2-150000.3.14.1
    * libFLAC++6-debuginfo-1.3.2-150000.3.14.1

## References:

  * https://www.suse.com/security/cve/CVE-2020-22219.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1214615

A new security patch for Flac addresses problems linked to buffer overflow vulnerabilities and includes detailed guidance for openSUSE users on how to apply the update.

LinuxSecurity.com Team

Sep 18, 2023 OpenSUSE

Oracle Linux 8 ELSA-2023-5046 Important Memory Fix for Flac

Oracle Linux Security Advisory ELSA-2023-5046

https://linux.oracle.com/errata/ELSA-2023-5046.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
    flac-libs-1.3.2-9.el8_8.1.i686.rpm
    flac-libs-1.3.2-9.el8_8.1.x86_64.rpm
    flac-1.3.2-9.el8_8.1.x86_64.rpm
    flac-devel-1.3.2-9.el8_8.1.i686.rpm
    flac-devel-1.3.2-9.el8_8.1.x86_64.rpm

aarch64:
    flac-libs-1.3.2-9.el8_8.1.aarch64.rpm
    flac-1.3.2-9.el8_8.1.aarch64.rpm
    flac-devel-1.3.2-9.el8_8.1.aarch64.rpm

SRPMS:
    https://oss.oracle.com:443/ol8/SRPMS-updates//flac-1.3.2-9.el8_8.1.src.rpm

Related CVEs:
    CVE-2020-22219

Description of changes:

[1.3.2-9.el8_8.1]
- don't free memory that is still used after realloc() error (CVE-2020-22219)

El-errata mailing list
https://oss.oracle.com/mailman/listinfo/el-errata

Crucial notice regarding Oracle Linux 8 which resolves a memory issue in flac. Information about the security advisory ELSA-2023-5046.

Severity: Important. LinuxSecurity.com Team

Sep 14, 2023 Important Oracle

RedHat: RHSA-2023-5047-01 Critical: Flac Remote Code Execution Risk

Red Hat Security Advisory

Synopsis: Important: flac security update
Advisory ID: RHSA-2023:5047-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2023:5047
Issue date: 2023-09-11
CVE Names: CVE-2020-22219

1. Summary:

An update for flac is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat CodeReady Linux Builder EUS (v.9.0) - aarch64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux AppStream EUS (v.9.0) - aarch64, ppc64le, s390x, x86_64

3. Description:

FLAC stands for Free Lossless Audio Codec. FLAC is similar to Ogg Vorbis, but lossless. The FLAC project consists of the stream format, reference encoders and decoders in library form, a command-line program to encode and decode FLAC files, and a command-line metadata editor for FLAC files.

Security Fix(es):

* flac: Remote Code Execution (RCE) via the bitwriter_grow_ function, by supplying crafted input to the encoder (CVE-2020-22219)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2235489 - CVE-2020-22219 flac: Remote Code Execution (RCE) via the bitwriter_grow_ function, by supplying crafted input to the encoder

6. Package List:

Red Hat Enterprise Linux AppStream EUS (v.9.0):

Source:
    flac-1.3.3-9.el9_0.1.src.rpm

aarch64:
    flac-debuginfo-1.3.3-9.el9_0.1.aarch64.rpm
    flac-debugsource-1.3.3-9.el9_0.1.aarch64.rpm
    flac-libs-1.3.3-9.el9_0.1.aarch64.rpm
    flac-libs-debuginfo-1.3.3-9.el9_0.1.aarch64.rpm

ppc64le:
    flac-debuginfo-1.3.3-9.el9_0.1.ppc64le.rpm
    flac-debugsource-1.3.3-9.el9_0.1.ppc64le.rpm
    flac-libs-1.3.3-9.el9_0.1.ppc64le.rpm
    flac-libs-debuginfo-1.3.3-9.el9_0.1.ppc64le.rpm

s390x:
    flac-debuginfo-1.3.3-9.el9_0.1.s390x.rpm
    flac-debugsource-1.3.3-9.el9_0.1.s390x.rpm
    flac-libs-1.3.3-9.el9_0.1.s390x.rpm
    flac-libs-debuginfo-1.3.3-9.el9_0.1.s390x.rpm

x86_64:
    flac-debuginfo-1.3.3-9.el9_0.1.i686.rpm
    flac-debuginfo-1.3.3-9.el9_0.1.x86_64.rpm
    flac-debugsource-1.3.3-9.el9_0.1.i686.rpm
    flac-debugsource-1.3.3-9.el9_0.1.x86_64.rpm
    flac-libs-1.3.3-9.el9_0.1.i686.rpm
    flac-libs-1.3.3-9.el9_0.1.x86_64.rpm
    flac-libs-debuginfo-1.3.3-9.el9_0.1.i686.rpm
    flac-libs-debuginfo-1.3.3-9.el9_0.1.x86_64.rpm

Red Hat CodeReady Linux Builder EUS (v.9.0):

aarch64:
    flac-1.3.3-9.el9_0.1.aarch64.rpm
    flac-debuginfo-1.3.3-9.el9_0.1.aarch64.rpm
    flac-debugsource-1.3.3-9.el9_0.1.aarch64.rpm
    flac-devel-1.3.3-9.el9_0.1.aarch64.rpm
    flac-libs-debuginfo-1.3.3-9.el9_0.1.aarch64.rpm

ppc64le:
    flac-1.3.3-9.el9_0.1.ppc64le.rpm
    flac-debuginfo-1.3.3-9.el9_0.1.ppc64le.rpm
    flac-debugsource-1.3.3-9.el9_0.1.ppc64le.rpm
    flac-devel-1.3.3-9.el9_0.1.ppc64le.rpm
    flac-libs-debuginfo-1.3.3-9.el9_0.1.ppc64le.rpm

s390x:
    flac-1.3.3-9.el9_0.1.s390x.rpm
    flac-debuginfo-1.3.3-9.el9_0.1.s390x.rpm
    flac-debugsource-1.3.3-9.el9_0.1.s390x.rpm
    flac-devel-1.3.3-9.el9_0.1.s390x.rpm
    flac-libs-debuginfo-1.3.3-9.el9_0.1.s390x.rpm

x86_64:
    flac-1.3.3-9.el9_0.1.x86_64.rpm
    flac-debuginfo-1.3.3-9.el9_0.1.i686.rpm
    flac-debuginfo-1.3.3-9.el9_0.1.x86_64.rpm
    flac-debugsource-1.3.3-9.el9_0.1.i686.rpm
    flac-debugsource-1.3.3-9.el9_0.1.x86_64.rpm
    flac-devel-1.3.3-9.el9_0.1.i686.rpm
    flac-devel-1.3.3-9.el9_0.1.x86_64.rpm
    flac-libs-debuginfo-1.3.3-9.el9_0.1.i686.rpm
    flac-libs-debuginfo-1.3.3-9.el9_0.1.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2020-22219
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.

RHSA-announce mailing list

Severity: Important. LinuxSecurity.com Team

Sep 11, 2023 Important Red Hat

Red Hat Enterprise Linux 8.6 RHSA-2023-5045-01 Important Flac RCE Fix

Red Hat Security Advisory

Synopsis: Important: flac security update
Advisory ID: RHSA-2023:5045-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2023:5045
Issue date: 2023-09-11
CVE Names: CVE-2020-22219

1. Summary:

An update for flac is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat CodeReady Linux Builder EUS (v.8.6) - aarch64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux AppStream EUS (v.8.6) - aarch64, ppc64le, s390x, x86_64

3. Description:

FLAC stands for Free Lossless Audio Codec. FLAC is similar to Ogg Vorbis, but lossless. The FLAC project consists of the stream format, reference encoders and decoders in library form, a command-line program to encode and decode FLAC files, and a command-line metadata editor for FLAC files.

Security Fix(es):

* flac: Remote Code Execution (RCE) via the bitwriter_grow_ function, by supplying crafted input to the encoder (CVE-2020-22219)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2235489 - CVE-2020-22219 flac: Remote Code Execution (RCE) via the bitwriter_grow_ function, by supplying crafted input to the encoder

6. Package List:

Red Hat Enterprise Linux AppStream EUS (v.8.6):

Source:
    flac-1.3.2-9.el8_6.1.src.rpm

aarch64:
    flac-debuginfo-1.3.2-9.el8_6.1.aarch64.rpm
    flac-debugsource-1.3.2-9.el8_6.1.aarch64.rpm
    flac-libs-1.3.2-9.el8_6.1.aarch64.rpm
    flac-libs-debuginfo-1.3.2-9.el8_6.1.aarch64.rpm

ppc64le:
    flac-debuginfo-1.3.2-9.el8_6.1.ppc64le.rpm
    flac-debugsource-1.3.2-9.el8_6.1.ppc64le.rpm
    flac-libs-1.3.2-9.el8_6.1.ppc64le.rpm
    flac-libs-debuginfo-1.3.2-9.el8_6.1.ppc64le.rpm

s390x:
    flac-debuginfo-1.3.2-9.el8_6.1.s390x.rpm
    flac-debugsource-1.3.2-9.el8_6.1.s390x.rpm
    flac-libs-1.3.2-9.el8_6.1.s390x.rpm
    flac-libs-debuginfo-1.3.2-9.el8_6.1.s390x.rpm

x86_64:
    flac-debuginfo-1.3.2-9.el8_6.1.i686.rpm
    flac-debuginfo-1.3.2-9.el8_6.1.x86_64.rpm
    flac-debugsource-1.3.2-9.el8_6.1.i686.rpm
    flac-debugsource-1.3.2-9.el8_6.1.x86_64.rpm
    flac-libs-1.3.2-9.el8_6.1.i686.rpm
    flac-libs-1.3.2-9.el8_6.1.x86_64.rpm
    flac-libs-debuginfo-1.3.2-9.el8_6.1.i686.rpm
    flac-libs-debuginfo-1.3.2-9.el8_6.1.x86_64.rpm

Red Hat CodeReady Linux Builder EUS (v.8.6):

aarch64:
    flac-1.3.2-9.el8_6.1.aarch64.rpm
    flac-debuginfo-1.3.2-9.el8_6.1.aarch64.rpm
    flac-debugsource-1.3.2-9.el8_6.1.aarch64.rpm
    flac-devel-1.3.2-9.el8_6.1.aarch64.rpm
    flac-libs-debuginfo-1.3.2-9.el8_6.1.aarch64.rpm

ppc64le:
    flac-1.3.2-9.el8_6.1.ppc64le.rpm
    flac-debuginfo-1.3.2-9.el8_6.1.ppc64le.rpm
    flac-debugsource-1.3.2-9.el8_6.1.ppc64le.rpm
    flac-devel-1.3.2-9.el8_6.1.ppc64le.rpm
    flac-libs-debuginfo-1.3.2-9.el8_6.1.ppc64le.rpm

s390x:
    flac-1.3.2-9.el8_6.1.s390x.rpm
    flac-debuginfo-1.3.2-9.el8_6.1.s390x.rpm
    flac-debugsource-1.3.2-9.el8_6.1.s390x.rpm
    flac-devel-1.3.2-9.el8_6.1.s390x.rpm
    flac-libs-debuginfo-1.3.2-9.el8_6.1.s390x.rpm

x86_64:
    flac-1.3.2-9.el8_6.1.x86_64.rpm
    flac-debuginfo-1.3.2-9.el8_6.1.i686.rpm
    flac-debuginfo-1.3.2-9.el8_6.1.x86_64.rpm
    flac-debugsource-1.3.2-9.el8_6.1.i686.rpm
    flac-debugsource-1.3.2-9.el8_6.1.x86_64.rpm
    flac-devel-1.3.2-9.el8_6.1.i686.rpm
    flac-devel-1.3.2-9.el8_6.1.x86_64.rpm
    flac-libs-debuginfo-1.3.2-9.el8_6.1.i686.rpm
    flac-libs-debuginfo-1.3.2-9.el8_6.1.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2020-22219
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.

RHSA-announce mailing list

A significant patch for flac targeting a remote code execution flaw in Red Hat Enterprise Linux has been issued.

Severity: Important. LinuxSecurity.com Team

Sep 11, 2023 Important Red Hat

Red Hat Enterprise Linux 9: RHSA-2023-5048-01 Critical: FLAC RCE Issue

Red Hat Security Advisory

Synopsis: Important: flac security update
Advisory ID: RHSA-2023:5048-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2023:5048
Issue date: 2023-09-11
CVE Names: CVE-2020-22219

1. Summary:

An update for flac is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 9) - aarch64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux CRB (v. 9) - aarch64, ppc64le, s390x, x86_64

3. Description:

FLAC stands for Free Lossless Audio Codec. FLAC is similar to Ogg Vorbis, but lossless. The FLAC project consists of the stream format, reference encoders and decoders in library form, a command-line program to encode and decode FLAC files, and a command-line metadata editor for FLAC files.

Security Fix(es):

* flac: Remote Code Execution (RCE) via the bitwriter_grow_ function, by supplying crafted input to the encoder (CVE-2020-22219)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2235489 - CVE-2020-22219 flac: Remote Code Execution (RCE) via the bitwriter_grow_ function, by supplying crafted input to the encoder

6. Package List:

Red Hat Enterprise Linux AppStream (v. 9):

Source:
    flac-1.3.3-10.el9_2.1.src.rpm

aarch64:
    flac-debuginfo-1.3.3-10.el9_2.1.aarch64.rpm
    flac-debugsource-1.3.3-10.el9_2.1.aarch64.rpm
    flac-libs-1.3.3-10.el9_2.1.aarch64.rpm
    flac-libs-debuginfo-1.3.3-10.el9_2.1.aarch64.rpm

ppc64le:
    flac-debuginfo-1.3.3-10.el9_2.1.ppc64le.rpm
    flac-debugsource-1.3.3-10.el9_2.1.ppc64le.rpm
    flac-libs-1.3.3-10.el9_2.1.ppc64le.rpm
    flac-libs-debuginfo-1.3.3-10.el9_2.1.ppc64le.rpm

s390x:
    flac-debuginfo-1.3.3-10.el9_2.1.s390x.rpm
    flac-debugsource-1.3.3-10.el9_2.1.s390x.rpm
    flac-libs-1.3.3-10.el9_2.1.s390x.rpm
    flac-libs-debuginfo-1.3.3-10.el9_2.1.s390x.rpm

x86_64:
    flac-debuginfo-1.3.3-10.el9_2.1.i686.rpm
    flac-debuginfo-1.3.3-10.el9_2.1.x86_64.rpm
    flac-debugsource-1.3.3-10.el9_2.1.i686.rpm
    flac-debugsource-1.3.3-10.el9_2.1.x86_64.rpm
    flac-libs-1.3.3-10.el9_2.1.i686.rpm
    flac-libs-1.3.3-10.el9_2.1.x86_64.rpm
    flac-libs-debuginfo-1.3.3-10.el9_2.1.i686.rpm
    flac-libs-debuginfo-1.3.3-10.el9_2.1.x86_64.rpm

Red Hat Enterprise Linux CRB (v. 9):

aarch64:
    flac-1.3.3-10.el9_2.1.aarch64.rpm
    flac-debuginfo-1.3.3-10.el9_2.1.aarch64.rpm
    flac-debugsource-1.3.3-10.el9_2.1.aarch64.rpm
    flac-devel-1.3.3-10.el9_2.1.aarch64.rpm
    flac-libs-debuginfo-1.3.3-10.el9_2.1.aarch64.rpm

ppc64le:
    flac-1.3.3-10.el9_2.1.ppc64le.rpm
    flac-debuginfo-1.3.3-10.el9_2.1.ppc64le.rpm
    flac-debugsource-1.3.3-10.el9_2.1.ppc64le.rpm
    flac-devel-1.3.3-10.el9_2.1.ppc64le.rpm
    flac-libs-debuginfo-1.3.3-10.el9_2.1.ppc64le.rpm

s390x:
    flac-1.3.3-10.el9_2.1.s390x.rpm
    flac-debuginfo-1.3.3-10.el9_2.1.s390x.rpm
    flac-debugsource-1.3.3-10.el9_2.1.s390x.rpm
    flac-devel-1.3.3-10.el9_2.1.s390x.rpm
    flac-libs-debuginfo-1.3.3-10.el9_2.1.s390x.rpm

x86_64:
    flac-1.3.3-10.el9_2.1.x86_64.rpm
    flac-debuginfo-1.3.3-10.el9_2.1.i686.rpm
    flac-debuginfo-1.3.3-10.el9_2.1.x86_64.rpm
    flac-debugsource-1.3.3-10.el9_2.1.i686.rpm
    flac-debugsource-1.3.3-10.el9_2.1.x86_64.rpm
    flac-devel-1.3.3-10.el9_2.1.i686.rpm
    flac-devel-1.3.3-10.el9_2.1.x86_64.rpm
    flac-libs-debuginfo-1.3.3-10.el9_2.1.i686.rpm
    flac-libs-debuginfo-1.3.3-10.el9_2.1.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2020-22219
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.

RHSA-announce mailing list

Major flac patch for CentOS 8 bolsters protection and mitigates vulnerabilities related to remote command execution threats.

Severity: Important. LinuxSecurity.com Team

Sep 11, 2023 Important Red Hat