Scientific Linux Security Update : flac on SL5.x, SL4.x i386/x86_64
High Nessus Plugin ID 60271
SynopsisThe remote Scientific Linux host is missing one or more security updates.
DescriptionA security flaw was found in the way flac processed audio data. An attacker could create a carefully crafted FLAC audio file in such a way that it could cause an application linked with flac libraries to crash or execute arbitrary code when it was opened. (CVE-2007-4619)
This update actually went out yesterday. We apologize for getting this e-mail out late.
SolutionUpdate the affected flac, flac-devel and / or xmms-flac packages.