RHSA-2023:5045: Red Hat Security Advisory: flac security update
An update for flac is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2020-22219: A flaw was found in the libeconf library. This issue occurs due to a buffer overflow vulnerability in the bitwriter_grow_ function in FLAC that allows remote attackers to run arbitrary code via crafted input to the encoder.
Synopsis
Important: flac security update
Type/Severity
Security Advisory: Important
Topic
An update for flac is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
FLAC stands for Free Lossless Audio Codec. FLAC is similar to Ogg Vorbis, but lossless. The FLAC project consists of the stream format, reference encoders and decoders in library form, a command-line program to encode and decode FLAC files, and a command-line metadata editor for FLAC files.
Security Fix(es):
- flac: Remote Code Execution (RCE) via the bitwriter_grow_ function, by supplying crafted input to the encoder (CVE-2020-22219)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Products
- Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.6 x86_64
- Red Hat Enterprise Linux Server - AUS 8.6 x86_64
- Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.6 s390x
- Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.6 ppc64le
- Red Hat Enterprise Linux Server - TUS 8.6 x86_64
- Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.6 aarch64
- Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6 ppc64le
- Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6 x86_64
- Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.6 x86_64
- Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.6 ppc64le
- Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 8.6 s390x
- Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.6 aarch64
Fixes
- BZ - 2235489 - CVE-2020-22219 flac: Remote Code Execution (RCE) via the bitwriter_grow_ function, by supplying crafted input to the encoder
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.6
SRPM
flac-1.3.2-9.el8_6.1.src.rpm
x86_64
flac-debuginfo-1.3.2-9.el8_6.1.i686.rpm
flac-debuginfo-1.3.2-9.el8_6.1.x86_64.rpm
flac-debugsource-1.3.2-9.el8_6.1.i686.rpm
flac-debugsource-1.3.2-9.el8_6.1.x86_64.rpm
flac-libs-1.3.2-9.el8_6.1.i686.rpm
flac-libs-1.3.2-9.el8_6.1.x86_64.rpm
flac-libs-debuginfo-1.3.2-9.el8_6.1.i686.rpm
flac-libs-debuginfo-1.3.2-9.el8_6.1.x86_64.rpm
Red Hat Enterprise Linux Server - AUS 8.6
SRPM
flac-1.3.2-9.el8_6.1.src.rpm
x86_64
flac-debuginfo-1.3.2-9.el8_6.1.i686.rpm
flac-debuginfo-1.3.2-9.el8_6.1.x86_64.rpm
flac-debugsource-1.3.2-9.el8_6.1.i686.rpm
flac-debugsource-1.3.2-9.el8_6.1.x86_64.rpm
flac-libs-1.3.2-9.el8_6.1.i686.rpm
flac-libs-1.3.2-9.el8_6.1.x86_64.rpm
flac-libs-debuginfo-1.3.2-9.el8_6.1.i686.rpm
flac-libs-debuginfo-1.3.2-9.el8_6.1.x86_64.rpm
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.6
SRPM
flac-1.3.2-9.el8_6.1.src.rpm
s390x
flac-debuginfo-1.3.2-9.el8_6.1.s390x.rpm
flac-debugsource-1.3.2-9.el8_6.1.s390x.rpm
flac-libs-1.3.2-9.el8_6.1.s390x.rpm
flac-libs-debuginfo-1.3.2-9.el8_6.1.s390x.rpm
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.6
SRPM
flac-1.3.2-9.el8_6.1.src.rpm
ppc64le
flac-debuginfo-1.3.2-9.el8_6.1.ppc64le.rpm
flac-debugsource-1.3.2-9.el8_6.1.ppc64le.rpm
flac-libs-1.3.2-9.el8_6.1.ppc64le.rpm
flac-libs-debuginfo-1.3.2-9.el8_6.1.ppc64le.rpm
Red Hat Enterprise Linux Server - TUS 8.6
SRPM
flac-1.3.2-9.el8_6.1.src.rpm
x86_64
flac-debuginfo-1.3.2-9.el8_6.1.i686.rpm
flac-debuginfo-1.3.2-9.el8_6.1.x86_64.rpm
flac-debugsource-1.3.2-9.el8_6.1.i686.rpm
flac-debugsource-1.3.2-9.el8_6.1.x86_64.rpm
flac-libs-1.3.2-9.el8_6.1.i686.rpm
flac-libs-1.3.2-9.el8_6.1.x86_64.rpm
flac-libs-debuginfo-1.3.2-9.el8_6.1.i686.rpm
flac-libs-debuginfo-1.3.2-9.el8_6.1.x86_64.rpm
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.6
SRPM
flac-1.3.2-9.el8_6.1.src.rpm
aarch64
flac-debuginfo-1.3.2-9.el8_6.1.aarch64.rpm
flac-debugsource-1.3.2-9.el8_6.1.aarch64.rpm
flac-libs-1.3.2-9.el8_6.1.aarch64.rpm
flac-libs-debuginfo-1.3.2-9.el8_6.1.aarch64.rpm
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6
SRPM
flac-1.3.2-9.el8_6.1.src.rpm
ppc64le
flac-debuginfo-1.3.2-9.el8_6.1.ppc64le.rpm
flac-debugsource-1.3.2-9.el8_6.1.ppc64le.rpm
flac-libs-1.3.2-9.el8_6.1.ppc64le.rpm
flac-libs-debuginfo-1.3.2-9.el8_6.1.ppc64le.rpm
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6
SRPM
flac-1.3.2-9.el8_6.1.src.rpm
x86_64
flac-debuginfo-1.3.2-9.el8_6.1.i686.rpm
flac-debuginfo-1.3.2-9.el8_6.1.x86_64.rpm
flac-debugsource-1.3.2-9.el8_6.1.i686.rpm
flac-debugsource-1.3.2-9.el8_6.1.x86_64.rpm
flac-libs-1.3.2-9.el8_6.1.i686.rpm
flac-libs-1.3.2-9.el8_6.1.x86_64.rpm
flac-libs-debuginfo-1.3.2-9.el8_6.1.i686.rpm
flac-libs-debuginfo-1.3.2-9.el8_6.1.x86_64.rpm
Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.6
SRPM
x86_64
flac-1.3.2-9.el8_6.1.x86_64.rpm
flac-debuginfo-1.3.2-9.el8_6.1.i686.rpm
flac-debuginfo-1.3.2-9.el8_6.1.x86_64.rpm
flac-debugsource-1.3.2-9.el8_6.1.i686.rpm
flac-debugsource-1.3.2-9.el8_6.1.x86_64.rpm
flac-devel-1.3.2-9.el8_6.1.i686.rpm
flac-devel-1.3.2-9.el8_6.1.x86_64.rpm
flac-libs-debuginfo-1.3.2-9.el8_6.1.i686.rpm
flac-libs-debuginfo-1.3.2-9.el8_6.1.x86_64.rpm
Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.6
SRPM
ppc64le
flac-1.3.2-9.el8_6.1.ppc64le.rpm
flac-debuginfo-1.3.2-9.el8_6.1.ppc64le.rpm
flac-debugsource-1.3.2-9.el8_6.1.ppc64le.rpm
flac-devel-1.3.2-9.el8_6.1.ppc64le.rpm
flac-libs-debuginfo-1.3.2-9.el8_6.1.ppc64le.rpm
Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 8.6
SRPM
s390x
flac-1.3.2-9.el8_6.1.s390x.rpm
flac-debuginfo-1.3.2-9.el8_6.1.s390x.rpm
flac-debugsource-1.3.2-9.el8_6.1.s390x.rpm
flac-devel-1.3.2-9.el8_6.1.s390x.rpm
flac-libs-debuginfo-1.3.2-9.el8_6.1.s390x.rpm
Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.6
SRPM
aarch64
flac-1.3.2-9.el8_6.1.aarch64.rpm
flac-debuginfo-1.3.2-9.el8_6.1.aarch64.rpm
flac-debugsource-1.3.2-9.el8_6.1.aarch64.rpm
flac-devel-1.3.2-9.el8_6.1.aarch64.rpm
flac-libs-debuginfo-1.3.2-9.el8_6.1.aarch64.rpm
Related news
Ubuntu Security Notice 6360-2 - USN-6360-1 fixed a vulnerability in FLAC. This update provides the corresponding update for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 18.04 LTS. It was discovered that FLAC incorrectly handled encoding certain files. A remote attacker could use this issue to cause FLAC to crash, resulting in a denial of service, or possibly execute arbitrary code.
Red Hat Security Advisory 2023-5155-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.13.13. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-5044-01 - FLAC stands for Free Lossless Audio Codec. FLAC is similar to Ogg Vorbis, but lossless. The FLAC project consists of the stream format, reference encoders and decoders in library form, a command-line program to encode and decode FLAC files, and a command-line metadata editor for FLAC files. Issues addressed include a code execution vulnerability.
Red Hat Security Advisory 2023-5046-01 - FLAC stands for Free Lossless Audio Codec. FLAC is similar to Ogg Vorbis, but lossless. The FLAC project consists of the stream format, reference encoders and decoders in library form, a command-line program to encode and decode FLAC files, and a command-line metadata editor for FLAC files. Issues addressed include a code execution vulnerability.
Red Hat Security Advisory 2023-5047-01 - FLAC stands for Free Lossless Audio Codec. FLAC is similar to Ogg Vorbis, but lossless. The FLAC project consists of the stream format, reference encoders and decoders in library form, a command-line program to encode and decode FLAC files, and a command-line metadata editor for FLAC files. Issues addressed include a code execution vulnerability.
Red Hat Security Advisory 2023-5045-01 - FLAC stands for Free Lossless Audio Codec. FLAC is similar to Ogg Vorbis, but lossless. The FLAC project consists of the stream format, reference encoders and decoders in library form, a command-line program to encode and decode FLAC files, and a command-line metadata editor for FLAC files. Issues addressed include a code execution vulnerability.
Red Hat Security Advisory 2023-5042-01 - FLAC stands for Free Lossless Audio Codec. FLAC is similar to Ogg Vorbis, but lossless. The FLAC project consists of the stream format, reference encoders and decoders in library form, a command-line program to encode and decode FLAC files, and a command-line metadata editor for FLAC files. Issues addressed include a code execution vulnerability.
Red Hat Security Advisory 2023-5043-01 - FLAC stands for Free Lossless Audio Codec. FLAC is similar to Ogg Vorbis, but lossless. The FLAC project consists of the stream format, reference encoders and decoders in library form, a command-line program to encode and decode FLAC files, and a command-line metadata editor for FLAC files. Issues addressed include a code execution vulnerability.
Buffer Overflow vulnerability in function bitwriter_grow_ in flac before 1.4.0 allows remote attackers to run arbitrary code via crafted input to the encoder.