ALSA-2023:5048

[ALSA-2023:5048] Important: flac security update

Type:

security

Severity:

important

Release date:

2023-09-12

Description:

FLAC stands for Free Lossless Audio Codec. FLAC is similar to Ogg Vorbis, but lossless. The FLAC project consists of the stream format, reference encoders and decoders in library form, a command-line program to encode and decode FLAC files, and a command-line metadata editor for FLAC files.

Security Fix(es):

* flac: Remote Code Execution (RCE) via the bitwriter_grow_ function, by supplying crafted input to the encoder (CVE-2020-22219)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	flac-libs-1.3.3-10.el9_2.1.aarch64.rpm	1bd0ee897ea2909d31ca29e7a8251f8edb97bb64b2e90241fcc314aca6c982c7
aarch64	flac-devel-1.3.3-10.el9_2.1.aarch64.rpm	591f4838bf4930208fc51df86a85600c0e46c283d2aa4f8ae6e3991959dd8ac0
aarch64	flac-1.3.3-10.el9_2.1.aarch64.rpm	96a143cb2d55c0ef0bf9eaf3f6a499b5fdbba12191cfb2f0acfa6fee1deac018
i686	flac-devel-1.3.3-10.el9_2.1.i686.rpm	45034fb7bcb8be17d66fcf390e92312aec1cb6928cee37e0ee763901d6a253dd
i686	flac-libs-1.3.3-10.el9_2.1.i686.rpm	ea365e953fa5fd40129ea306f0aad3a3935b45079574d697614469b8842aac64
ppc64le	flac-libs-1.3.3-10.el9_2.1.ppc64le.rpm	034f7b5dfd16f5ce5b47a075726cb0c576304c9d0522942b088493697577ce63
ppc64le	flac-1.3.3-10.el9_2.1.ppc64le.rpm	3ae9f8759c11ff8997c01a7e45e40eaa41dd2c2bb4b261d8efc3b5046817a54f
ppc64le	flac-devel-1.3.3-10.el9_2.1.ppc64le.rpm	a4b319ba5d501332159be44df344f76552bd3a62d1b05f347c471fe99c840623
s390x	flac-1.3.3-10.el9_2.1.s390x.rpm	77b7b7fc4ec7f32a551eaa76354794069c4556a50e9484c25f305f2866cbae68
s390x	flac-devel-1.3.3-10.el9_2.1.s390x.rpm	c52d8e39a1347474098d8d80a557046fa78a8840fbd63585db6010c289c5780b
s390x	flac-libs-1.3.3-10.el9_2.1.s390x.rpm	e1a97f4cdf3f37f2fe30c92a495aaab1c57b68e79c81ce95f6da803ba3c181e2
x86_64	flac-1.3.3-10.el9_2.1.x86_64.rpm	1a34ff52a57a62960170651fd4f2bcbaea2b2893adfc6a44efcacb3e69e95890
x86_64	flac-libs-1.3.3-10.el9_2.1.x86_64.rpm	2e49709324253ebf6526fa54fe0c3ecc5ec11ce2b10b970ed41220e7e963290c
x86_64	flac-devel-1.3.3-10.el9_2.1.x86_64.rpm	620333478f2201fac645990897a120418c6c67add18b716ba5578b2a4478672e

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.