FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

flac -- Multiple vulnerabilities

Affected packages
flac < 1.3.0_3
linux-c6-flac < 1.2.1_3

Details

VuXML ID a33addf6-74e6-11e4-a615-f8b156b6dcc8
Discovery 2014-11-25
Entry 2014-11-25
Modified 2015-07-15

Erik de Castro Lopo reports:

Google Security Team member, Michele Spagnuolo, recently found two potential problems in the FLAC code base. They are:

References

CVE Name CVE-2014-8962
CVE Name CVE-2014-9028
URL https://git.xiph.org/?p=flac.git;a=commit;h=5b3033a2b355068c11fe637e14ac742d273f076e
URL https://git.xiph.org/?p=flac.git;a=commit;h=fcf0ba06ae12ccd7c67cee3c8d948df15f946b85