vulnerabilities have been fixed for some time now. update flac if you need to
Quote:
libFLAC version 1.2.1 was released in September, 2007, fixing these vulnerabilities for most vulnerable applications. Unfortunately, many vendors that were using libFLAC within their media applications or using their own homegrown FLAC file parsers had not been informed that their FLAC file parser was vulnerable. Because of that, the release of this advisory was postponed until all vulnerable vendors were contacted in coordination with US-CERT.
|
http://research.eeye.com/html/adviso...D20071115.html
No members have liked this post.