Mandriva Linux Security Advisory : flac (MDVSA-2014:239)
High Nessus Plugin ID 79984
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionUpdated flac packages fix security vulnerabilities :
In libFLAC before 1.3.1, a stack overflow (CVE-2014-8962) and a heap overflow (CVE-2014-9028), which may result in arbitrary code execution, can be triggered by passing a maliciously crafted .flac file to the libFLAC decoder.
SolutionUpdate the affected packages.