Security Issue with FLAC Audio Codec
Loss free audio codecs are gaining in popularity with device manufacturers; right now, a vulnerability in the Free Lossless Audio Codec (FLAC) spoils users listening pleasure.
Security researchers with iDefense have identified vulnerabilities that could cause heap-based overflows in several of the Flac codec’s components. To exploit the security holes an attacker would need to send a carefully crafted audio file to the user. If successful, the attacker would be able to execute arbitrary code and thus compromise the machine.
The bug, which is rated as moderately critical by security reviewers Secunia, affects all systems and applications that use the free codec. An update for Flac to version 1.2.1 resolves the issue. Binaries and source code packages are available from the project website, and software vendors are already starting to update their applications.
Issue 231/2020
Buy this issue as a PDF
News
-
Thanks to Linux, Google and Valve are Bringing Steam to Chromebooks
In yet another win for desktop Linux, Google and Steam are about to up the Chromebook gaming field.
-
Kubuntu Focus Laptop Now Ready for Preorder
If you’ve ever wanted a KDE-specific, Linux-powered laptop, now’s your chance.
-
Dell Adds a Much-Requested Feature to the New XPS Developer Edition Laptop
Linux users are in for a treat when Dell releases the next iteration of the Ubuntu-powered XPS Developer Edition laptop.
-
Bonsai Promises to Make Syncing Gnome Devices Easier
Red Hat developer, Christian Hergert has been working on a GNOME desktop syncing project with lots of promise.
-
Elementary OS 5.1 Has Arrived
One of the most highly regarded Linux desktop distributions has released its next iteration.
-
Linux Mint 19.3 Will be Released by Christmas
The developers behind Linux Mint have announced 19.3 will be released by Christmas 2019.
-
Linux Kernel 5.4 Released
A number of new changes and improvements have reached the Linux kernel.
-
System76 To Design And Build Laptops In-House
In-house designed and built laptops coming from System76.
-
News and views on the GPU revolution in HPC and Big Data:
-
The PinePhone Pre-Order has Arrived
Anyone looking to finally get their hands on an early release of the PinePhone can do so as of November 15.