Advisories ยป MGASA-2014-0499

Updated flac packages fix security vulnerabilities

Publication date: 29 Nov 2014
Type: security
Affected Mageia releases : 4
CVE: CVE-2014-8962 , CVE-2014-9028

Description

In libFLAC before 1.3.1, a stack overflow (CVE-2014-8962) and a heap overflow
(CVE-2014-9028), which may result in arbitrary code execution, can be
triggered by passing a maliciously crafted .flac file to the libFLAC decoder.
                

References

SRPMS

4/core