关键信息 USN-2426-1: FLAC vulnerabilities Publication date: 27 November 2014 Overview: FLAC could be made to crash or run programs as your login if it opened a specially crafted file. Releases: 14.10, 14.04 LTS, 12.04, 10.04 Details: Michele Spagnuolo discovered that FLAC incorrectly handled certain malformed audio files. An attacker could use this issue to cause FLAC to crash, resulting in a denial of service, or possibly execute arbitrary code. Update instructions: In general, a standard system update will make all the necessary changes. Learn more about how to get the fixes. Package versions for correction: References: - CVE-2014-9028 - CVE-2014-8962