flac is vulnerable to information disclosure, An out-of-bounds read due to a heap-based buffer overflow in FLAC__bitreader_read_rice_signed_block
in bitreader.c
leads to remote information disclosure.
lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
lists.debian.org/debian-lts-announce/2021/01/msg00001.html
lists.fedoraproject.org/archives/list/[email protected]/message/33W6XZAAEJYRGU3XYHRO7XSYEA7YACUB/
lists.fedoraproject.org/archives/list/[email protected]/message/KNZYTAU5UWBVXVJ4VHDWPR66ZVDLQZRE/
lists.fedoraproject.org/archives/list/[email protected]/message/VPA5GAEKPXKAHGHHBI4X7AFNI4BMOVG3/
security-tracker.debian.org/tracker/CVE-2020-0499
source.android.com/security/bulletin/pixel/2020-12-01