ALT Linux Team

Package flac update in sisyphus on 2024-02-08

ALT-PU-2024-1901-2

Package flac updated to version 1.4.3-alt1 for branch sisyphus in task 339776.

Closed vulnerabilities

Published: 2020-06-02

BDU:2023-06152

Уязвимость функции bitwriter_grow_ in() аудиокодека FLAC, позволяющая нарушителю выполнить произвольный код

Severity: HIGH (7.8) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity: MEDIUM (6.8) Vector: AV:L/AC:L/Au:S/C:C/I:C/A:C
References:
Published: 2023-08-22
Modified: 2024-11-21

CVE-2020-22219

Buffer Overflow vulnerability in function bitwriter_grow_ in flac before 1.4.0 allows remote attackers to run arbitrary code via crafted input to the encoder.

Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
VKontakte | Telegram | YouTube | Forum | GitHub | Bugzilla
Version: 2.1.2
Back to top