[ubuntu/vivid-proposed] flac 1.3.0-3 (Accepted)
Logan Rosen
loganrosen at gmail.com
Wed Dec 3 16:21:43 UTC 2014
flac (1.3.0-3) unstable; urgency=high
* Fixes for CVE-2014-8962 and CVE-2014-9028:
+ Backport three patches from upstream GIT repository:
- CVE-2014-8962.patch: Fix a buffer read overflow.
- CVE-2014-9028.patch: Avoid a heap overflow.
- CVE-2014-9028-2.patch: Avoid a heap overflow. Closely related to
the former fix, but strictly speaking not the same vulnerability.
+ Closes: #770918.
+ Thanks Erik de Castro Lopo for the bug report and the upstream fixes!
Date: 2014-11-27 22:13:43.113184+00:00
Changed-By: Debian Multimedia Maintainers <pkg-multimedia-maintainers at lists.alioth.debian.org>
Signed-By: Daniel Holbach <daniel.holbach at ubuntu.com>
https://launchpad.net/ubuntu/+source/flac/1.3.0-3
-------------- next part --------------
Sorry, changesfile not available.
More information about the Vivid-changes
mailing list