| Release | Version |
|---|---|
| jessie | 1.3.0-3+deb8u3 |
| stretch | 1.3.2-2+deb9u3 |
| stretch (security) | 1.3.2-2+deb9u2 |
| buster | 1.3.2-3+deb10u3 |
| bullseye | 1.3.3-2+deb11u2 |
| bookworm | 1.4.2+ds-2 |
| trixie | 1.4.3+ds-2.1 |
| sid | 1.4.3+ds-2.1 |
| Bug | jessie | stretch | buster | bullseye | bookworm | trixie | sid | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-6888 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | fixed | An error in the "read_metadata_vorbiscomment_()" function (src/libFLAC ... |
| Bug | Description |
|---|---|
| CVE-2021-0561 | In append_to_verify_fifo_interleaved_ of stream_encoder.c, there is a ... |
| CVE-2020-22219 | Buffer Overflow vulnerability in function bitwriter_grow_ in flac befo ... |
| CVE-2020-0499 | In FLAC__bitreader_read_rice_signed_block of bitreader.c, there is a p ... |
| CVE-2014-9028 | Heap-based buffer overflow in stream_decoder.c in libFLAC before 1.3.1 ... |
| CVE-2014-8962 | Stack-based buffer overflow in stream_decoder.c in libFLAC before 1.3. ... |
| CVE-2007-6279 | Multiple double free vulnerabilities in Free Lossless Audio Codec (FLA ... |
| CVE-2007-6278 | Free Lossless Audio Codec (FLAC) libFLAC before 1.2.1 allows user-assi ... |
| CVE-2007-6277 | Multiple buffer overflows in Free Lossless Audio Codec (FLAC) libFLAC ... |
| CVE-2007-4619 | Multiple integer overflows in Free Lossless Audio Codec (FLAC) libFLAC ... |
| DSA / DLA | Description |
|---|---|
| DLA-3581-1 | flac - security update |
| ELA-954-1 | flac - security update |
| DSA-5500-1 | flac - security update |
| DLA-3094-1 | flac - security update |
| DLA-2951-1 | flac - security update |
| ELA-578-1 | flac - security update |
| DLA-2514-1 | flac - security update |
| ELA-335-1 | flac - security update |
| DLA-99-1 | flac - security update |
| DSA-3082-1 | flac - security update |
| DSA-1469-1 | flac |