Tweet
FLAC 1.2.1 security release missing
FLAC 1.2.1 was released in September of last year. It has security fixes against buffer overflow attacks, ie. it fixes some security vulnerabilities. See:
http://flac.sourceforge.net/changelog.html#flac_1_2_1
The latest FLAC release in the CODEC central is 1.2.0, which is insecure (and old).
Could there please be a new release of FLAC on CODEC central very soon? It's high time.
(I know that the buffer overflows will not be remotely exploitable, as I'm not running a network service/server using them. But still, on general principle, it's not the right thing to have old software installed with known vulnerabilities. It doesn't feel right.)
TIA,
SSD
http://flac.sourceforge.net/changelog.html#flac_1_2_1
The latest FLAC release in the CODEC central is 1.2.0, which is insecure (and old).
Could there please be a new release of FLAC on CODEC central very soon? It's high time.
(I know that the buffer overflows will not be remotely exploitable, as I'm not running a network service/server using them. But still, on general principle, it's not the right thing to have old software installed with known vulnerabilities. It doesn't feel right.)
TIA,
SSD
Comment