Synopsis: Important: flac security update
Issue date: 2007-10-22
CVE Names: CVE-2007-4619
A security flaw was found in the way flac processed audio data. An
attacker could create a carefully crafted FLAC audio file in such a way that
it could cause an application linked with flac libraries to crash or execute
arbitrary code when it was opened. (CVE-2007-4619)
This update actually went out yesterday. We apologize for getting this e-mail
out late.
SL 4.x
SRPMS:
flac-1.1.0-7.2.src.rpm
i386:
flac-1.1.0-7.2.i386.rpm
flac-devel-1.1.0-7.2.i386.rpm
xmms-flac-1.1.0-7.2.i386.rpm
x86_64:
flac-1.1.0-7.2.i386.rpm
flac-1.1.0-7.2.x86_64.rpm
flac-devel-1.1.0-7.2.x86_64.rpm
xmms-flac-1.1.0-7.2.x86_64.rpm
SL 5.x
SRPMS:
flac-1.1.2-28.el5.1.src.rpm
i386:
flac-1.1.2-28.el5.1.i386.rpm
flac-1.1.2-28.el5.1.src.rpm
flac-devel-1.1.2-28.el5.1.i386.rpm
x86_64:
flac-1.1.2-28.el5.1.i386.rpm
flac-1.1.2-28.el5.1.src.rpm
flac-1.1.2-28.el5.1.x86_64.rpm
flac-devel-1.1.2-28.el5.1.i386.rpm
flac-devel-1.1.2-28.el5.1.x86_64.rpm
-Connie Sieh
-Troy Dawson