RHSA-2023:5045: Red Hat Security Advisory: flac security update

An update for flac is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2020-22219: A flaw was found in the libeconf library. This issue occurs due to a buffer overflow vulnerability in the bitwriter_grow_ function in FLAC that allows remote attackers to run arbitrary code via crafted input to the encoder.
Red Hat Security Data

Synopsis

Important: flac security update

Type/Severity

Security Advisory: Important

Topic

An update for flac is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

FLAC stands for Free Lossless Audio Codec. FLAC is similar to Ogg Vorbis, but lossless. The FLAC project consists of the stream format, reference encoders and decoders in library form, a command-line program to encode and decode FLAC files, and a command-line metadata editor for FLAC files.

Security Fix(es):

  • flac: Remote Code Execution (RCE) via the bitwriter_grow_ function, by supplying crafted input to the encoder (CVE-2020-22219)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.6 x86_64
  • Red Hat Enterprise Linux Server - AUS 8.6 x86_64
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.6 s390x
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.6 ppc64le
  • Red Hat Enterprise Linux Server - TUS 8.6 x86_64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.6 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6 x86_64
  • Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.6 x86_64
  • Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.6 ppc64le
  • Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 8.6 s390x
  • Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.6 aarch64

Fixes

  • BZ - 2235489 - CVE-2020-22219 flac: Remote Code Execution (RCE) via the bitwriter_grow_ function, by supplying crafted input to the encoder

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.6

SRPM

flac-1.3.2-9.el8_6.1.src.rpm

x86_64

flac-debuginfo-1.3.2-9.el8_6.1.i686.rpm

flac-debuginfo-1.3.2-9.el8_6.1.x86_64.rpm

flac-debugsource-1.3.2-9.el8_6.1.i686.rpm

flac-debugsource-1.3.2-9.el8_6.1.x86_64.rpm

flac-libs-1.3.2-9.el8_6.1.i686.rpm

flac-libs-1.3.2-9.el8_6.1.x86_64.rpm

flac-libs-debuginfo-1.3.2-9.el8_6.1.i686.rpm

flac-libs-debuginfo-1.3.2-9.el8_6.1.x86_64.rpm

Red Hat Enterprise Linux Server - AUS 8.6

SRPM

flac-1.3.2-9.el8_6.1.src.rpm

x86_64

flac-debuginfo-1.3.2-9.el8_6.1.i686.rpm

flac-debuginfo-1.3.2-9.el8_6.1.x86_64.rpm

flac-debugsource-1.3.2-9.el8_6.1.i686.rpm

flac-debugsource-1.3.2-9.el8_6.1.x86_64.rpm

flac-libs-1.3.2-9.el8_6.1.i686.rpm

flac-libs-1.3.2-9.el8_6.1.x86_64.rpm

flac-libs-debuginfo-1.3.2-9.el8_6.1.i686.rpm

flac-libs-debuginfo-1.3.2-9.el8_6.1.x86_64.rpm

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.6

SRPM

flac-1.3.2-9.el8_6.1.src.rpm

s390x

flac-debuginfo-1.3.2-9.el8_6.1.s390x.rpm

flac-debugsource-1.3.2-9.el8_6.1.s390x.rpm

flac-libs-1.3.2-9.el8_6.1.s390x.rpm

flac-libs-debuginfo-1.3.2-9.el8_6.1.s390x.rpm

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.6

SRPM

flac-1.3.2-9.el8_6.1.src.rpm

ppc64le

flac-debuginfo-1.3.2-9.el8_6.1.ppc64le.rpm

flac-debugsource-1.3.2-9.el8_6.1.ppc64le.rpm

flac-libs-1.3.2-9.el8_6.1.ppc64le.rpm

flac-libs-debuginfo-1.3.2-9.el8_6.1.ppc64le.rpm

Red Hat Enterprise Linux Server - TUS 8.6

SRPM

flac-1.3.2-9.el8_6.1.src.rpm

x86_64

flac-debuginfo-1.3.2-9.el8_6.1.i686.rpm

flac-debuginfo-1.3.2-9.el8_6.1.x86_64.rpm

flac-debugsource-1.3.2-9.el8_6.1.i686.rpm

flac-debugsource-1.3.2-9.el8_6.1.x86_64.rpm

flac-libs-1.3.2-9.el8_6.1.i686.rpm

flac-libs-1.3.2-9.el8_6.1.x86_64.rpm

flac-libs-debuginfo-1.3.2-9.el8_6.1.i686.rpm

flac-libs-debuginfo-1.3.2-9.el8_6.1.x86_64.rpm

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.6

SRPM

flac-1.3.2-9.el8_6.1.src.rpm

aarch64

flac-debuginfo-1.3.2-9.el8_6.1.aarch64.rpm

flac-debugsource-1.3.2-9.el8_6.1.aarch64.rpm

flac-libs-1.3.2-9.el8_6.1.aarch64.rpm

flac-libs-debuginfo-1.3.2-9.el8_6.1.aarch64.rpm

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6

SRPM

flac-1.3.2-9.el8_6.1.src.rpm

ppc64le

flac-debuginfo-1.3.2-9.el8_6.1.ppc64le.rpm

flac-debugsource-1.3.2-9.el8_6.1.ppc64le.rpm

flac-libs-1.3.2-9.el8_6.1.ppc64le.rpm

flac-libs-debuginfo-1.3.2-9.el8_6.1.ppc64le.rpm

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6

SRPM

flac-1.3.2-9.el8_6.1.src.rpm

x86_64

flac-debuginfo-1.3.2-9.el8_6.1.i686.rpm

flac-debuginfo-1.3.2-9.el8_6.1.x86_64.rpm

flac-debugsource-1.3.2-9.el8_6.1.i686.rpm

flac-debugsource-1.3.2-9.el8_6.1.x86_64.rpm

flac-libs-1.3.2-9.el8_6.1.i686.rpm

flac-libs-1.3.2-9.el8_6.1.x86_64.rpm

flac-libs-debuginfo-1.3.2-9.el8_6.1.i686.rpm

flac-libs-debuginfo-1.3.2-9.el8_6.1.x86_64.rpm

Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.6

SRPM

x86_64

flac-1.3.2-9.el8_6.1.x86_64.rpm

flac-debuginfo-1.3.2-9.el8_6.1.i686.rpm

flac-debuginfo-1.3.2-9.el8_6.1.x86_64.rpm

flac-debugsource-1.3.2-9.el8_6.1.i686.rpm

flac-debugsource-1.3.2-9.el8_6.1.x86_64.rpm

flac-devel-1.3.2-9.el8_6.1.i686.rpm

flac-devel-1.3.2-9.el8_6.1.x86_64.rpm

flac-libs-debuginfo-1.3.2-9.el8_6.1.i686.rpm

flac-libs-debuginfo-1.3.2-9.el8_6.1.x86_64.rpm

Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.6

SRPM

ppc64le

flac-1.3.2-9.el8_6.1.ppc64le.rpm

flac-debuginfo-1.3.2-9.el8_6.1.ppc64le.rpm

flac-debugsource-1.3.2-9.el8_6.1.ppc64le.rpm

flac-devel-1.3.2-9.el8_6.1.ppc64le.rpm

flac-libs-debuginfo-1.3.2-9.el8_6.1.ppc64le.rpm

Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 8.6

SRPM

s390x

flac-1.3.2-9.el8_6.1.s390x.rpm

flac-debuginfo-1.3.2-9.el8_6.1.s390x.rpm

flac-debugsource-1.3.2-9.el8_6.1.s390x.rpm

flac-devel-1.3.2-9.el8_6.1.s390x.rpm

flac-libs-debuginfo-1.3.2-9.el8_6.1.s390x.rpm

Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.6

SRPM

aarch64

flac-1.3.2-9.el8_6.1.aarch64.rpm

flac-debuginfo-1.3.2-9.el8_6.1.aarch64.rpm

flac-debugsource-1.3.2-9.el8_6.1.aarch64.rpm

flac-devel-1.3.2-9.el8_6.1.aarch64.rpm

flac-libs-debuginfo-1.3.2-9.el8_6.1.aarch64.rpm

Related news

Ubuntu Security Notice USN-6360-2

Ubuntu Security Notice 6360-2 - USN-6360-1 fixed a vulnerability in FLAC. This update provides the corresponding update for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 18.04 LTS. It was discovered that FLAC incorrectly handled encoding certain files. A remote attacker could use this issue to cause FLAC to crash, resulting in a denial of service, or possibly execute arbitrary code.

Red Hat Security Advisory 2023-5155-01

Red Hat Security Advisory 2023-5155-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.13.13. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2023-5044-01

Red Hat Security Advisory 2023-5044-01 - FLAC stands for Free Lossless Audio Codec. FLAC is similar to Ogg Vorbis, but lossless. The FLAC project consists of the stream format, reference encoders and decoders in library form, a command-line program to encode and decode FLAC files, and a command-line metadata editor for FLAC files. Issues addressed include a code execution vulnerability.

Red Hat Security Advisory 2023-5046-01

Red Hat Security Advisory 2023-5046-01 - FLAC stands for Free Lossless Audio Codec. FLAC is similar to Ogg Vorbis, but lossless. The FLAC project consists of the stream format, reference encoders and decoders in library form, a command-line program to encode and decode FLAC files, and a command-line metadata editor for FLAC files. Issues addressed include a code execution vulnerability.

Red Hat Security Advisory 2023-5047-01

Red Hat Security Advisory 2023-5047-01 - FLAC stands for Free Lossless Audio Codec. FLAC is similar to Ogg Vorbis, but lossless. The FLAC project consists of the stream format, reference encoders and decoders in library form, a command-line program to encode and decode FLAC files, and a command-line metadata editor for FLAC files. Issues addressed include a code execution vulnerability.

Red Hat Security Advisory 2023-5045-01

Red Hat Security Advisory 2023-5045-01 - FLAC stands for Free Lossless Audio Codec. FLAC is similar to Ogg Vorbis, but lossless. The FLAC project consists of the stream format, reference encoders and decoders in library form, a command-line program to encode and decode FLAC files, and a command-line metadata editor for FLAC files. Issues addressed include a code execution vulnerability.

Red Hat Security Advisory 2023-5042-01

Red Hat Security Advisory 2023-5042-01 - FLAC stands for Free Lossless Audio Codec. FLAC is similar to Ogg Vorbis, but lossless. The FLAC project consists of the stream format, reference encoders and decoders in library form, a command-line program to encode and decode FLAC files, and a command-line metadata editor for FLAC files. Issues addressed include a code execution vulnerability.

Red Hat Security Advisory 2023-5043-01

Red Hat Security Advisory 2023-5043-01 - FLAC stands for Free Lossless Audio Codec. FLAC is similar to Ogg Vorbis, but lossless. The FLAC project consists of the stream format, reference encoders and decoders in library form, a command-line program to encode and decode FLAC files, and a command-line metadata editor for FLAC files. Issues addressed include a code execution vulnerability.

RHSA-2023:5046: Red Hat Security Advisory: flac security update

An update for flac is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2020-22219: A flaw was found in the libeconf library. This issue occurs due to a buffer overflow vulnerability in the bitwriter_grow_ function in FLAC that allows remote attackers to run arbitrary code via crafted input to the encoder.

RHSA-2023:5044: Red Hat Security Advisory: flac security update

An update for flac is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2020-22219: A flaw was found in the libeconf library. This issue occurs due to a buffer overflow vulnerability in the bitwriter_grow_ function in FLAC that allows remote attackers to run ...

RHSA-2023:5047: Red Hat Security Advisory: flac security update

An update for flac is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2020-22219: A flaw was found in the libeconf library. This issue occurs due to a buffer overflow vulnerability in the bitwriter_grow_ function in FLAC that allows remote attackers to run arbitrary code via crafted input to the encoder.

RHSA-2023:5042: Red Hat Security Advisory: flac security update

An update for flac is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2020-22219: A flaw was found in the libeconf library. This issue occurs due to a buffer overflow vulnerability in the bitwriter_grow_ function in FLAC that allows remote attackers to run arbitrary code via crafted input to the encoder.

RHSA-2023:5043: Red Hat Security Advisory: flac security update

An update for flac is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2020-22219: A flaw was found in the libeconf library. This issue occurs due to a buffer overflow vulnerability in the bitwriter_grow_ function in FLAC that allows remote attackers to run arbitrary code vi...

CVE-2020-22219: wild-addr-write found by fuzz · Issue #215 · xiph/flac

Buffer Overflow vulnerability in function bitwriter_grow_ in flac before 1.4.0 allows remote attackers to run arbitrary code via crafted input to the encoder.