#14852: flac security fix
-------------------------+-----------------------
 Reporter:  ken@…        |       Owner:  blfs-book
     Type:  enhancement  |      Status:  new
 Priority:  normal       |   Milestone:  10.2
Component:  BOOK         |     Version:  SVN
 Severity:  normal       |    Keywords:
-------------------------+-----------------------
 In FLAC__bitreader_read_rice_signed_block of bitreader.c, there is a
 possible out of bounds read due to a heap buffer overflow. This could lead
 to remote information disclosure with no additional execution privileges
 needed. User interaction is needed for exploitation.

 Fixed upstream but no new release.

 CVE-2020-0490

--
Ticket URL: <http://wiki.linuxfromscratch.org/blfs/ticket/14852>
BLFS Trac <http://wiki.linuxfromscratch.org/blfs>
Beyond Linux From Scratch