flac-1.2.1-7.AXS4

エラータID: AXSA:2015-100:01

Release date: 
Tuesday, April 14, 2015 - 11:05
Subject: 
flac-1.2.1-7.AXS4
Affected Channels: 
Asianux Server 4 for x86_64
Asianux Server 4 for x86
Severity: 
High
Description: 

Description:
The flac packages contain a decoder and an encoder for the FLAC (Free
Lossless Audio Codec) audio file format.

Security issues fixed with this release:

CVE-2014-9028
Heap-based buffer overflow in stream_decoder.c in libFLAC before 1.3.1 allows remote attackers to execute arbitrary code via a crafted .flac file.

CVE-2014-8962
Stack-based buffer overflow in stream_decoder.c in libFLAC before 1.3.1 allows remote attackers to execute arbitrary code via a crafted .flac file.

Solution: 

Update package.

CVEs: 
CVE-2014-9028
Heap-based buffer overflow in stream_decoder.c in libFLAC before 1.3.1 allows remote attackers to execute arbitrary code via a crafted .flac file.
CVE-2014-8962
Stack-based buffer overflow in stream_decoder.c in libFLAC before 1.3.1 allows remote attackers to execute arbitrary code via a crafted .flac file.
Additional Info: 

N/A

Download: 

SRPMS
  1. flac-1.2.1-7.AXS4.src.rpm
    MD5: 6f1f98599d4826a6c7eafd41dc7f0438
    SHA-256: fb1565a5b6d04f05b0159b18dd400c607671cebfd519f1e3c011de266f920f14
    Size: 1.92 MB

Asianux Server 4 for x86
  1. flac-1.2.1-7.AXS4.i686.rpm
    MD5: 02722e925026df449f48a461a87caa26
    SHA-256: 0bcf5ede9f7e06458c0d4ed01facbd6e1d9cfda7eb8dbd4a55c44624fb53699b
    Size: 252.85 kB

Asianux Server 4 for x86_64
  1. flac-1.2.1-7.AXS4.x86_64.rpm
    MD5: b3ccc2d69ef6553ad3eb26d5a400294f
    SHA-256: 370593cc342ba4afdbc14ea906d4fb2d2462e8bf7478cdbd2beca34bc8cda64c
    Size: 241.52 kB
  2. flac-1.2.1-7.AXS4.i686.rpm
    MD5: 02722e925026df449f48a461a87caa26
    SHA-256: 0bcf5ede9f7e06458c0d4ed01facbd6e1d9cfda7eb8dbd4a55c44624fb53699b
    Size: 252.85 kB