Security Issue with FLAC Audio Codec
Loss free audio codecs are gaining in popularity with device manufacturers; right now, a vulnerability in the Free Lossless Audio Codec (FLAC) spoils users listening pleasure.
Security researchers with iDefense have identified vulnerabilities that could cause heap-based overflows in several of the Flac codec’s components. To exploit the security holes an attacker would need to send a carefully crafted audio file to the user. If successful, the attacker would be able to execute arbitrary code and thus compromise the machine.
The bug, which is rated as moderately critical by security reviewers Secunia, affects all systems and applications that use the free codec. An update for Flac to version 1.2.1 resolves the issue. Binaries and source code packages are available from the project website, and software vendors are already starting to update their applications.
Issue 236/2020
Buy this issue as a PDF
News
-
Lenovo Upping Their Linux Support
Lenovo is now offering full certification and Linux preinstalled hardware.
-
LPI Launches FOSSlife Website
Linux Professional Institute launches FOSSlife, a website for the FOSS community.
-
Tuxedo Computers Joins the Ryzen Bandwagon
Tuxedo Computers has released the Tuxedo Boot BA15 with an AMD Ryzen 3500 CPU.
-
Linux Apps on Windows Is Coming
Linux GUI apps will be coming to Windows Subsystem for Linux.
-
Linux Usage Is on the Rise
According to NetMarketShare, Linux saw a significant bump in usage during April.
-
Lenovo is Jumping on the Linux Laptop Bandwagon
PC and laptop maker Lenovo is set to release ThinkPad laptops pre-installed with Fedora Linux.
-
A New Linux Laptop Is in the Making
Manjaro Linux and TUXEDO computers have joined forces to develop the InfinityBook Manjaro.
-
Ubuntu 20.04 Has Been Released
The latest iteration of the user-friendly Linux distribution is now available.
-
Nextcloud Partners with IONOS
Nextcloud has partnered with Germany’s largest cloud provider, IONOS, to provide a safe haven for your data within the cloud.
-
Linux to Get High Resolution Wheel Scrolling
Work on high resolution wheel scrolling for the Linux desktop is being completed.