PDA

View Full Version : libflac vulnerabilities - Squeebox products affected?



skate
2014-12-07, 10:46
The libflac changelog (https://www.xiph.org/flac/changelog.html) mentions several security vulnerabilities were recently fixed in FLAC 1.3.1 (25-Nov-2014):

Fix CVE-2014-9028 (heap write overflow) and CVE-2014-8962 (heap read overflow)

Are Squeezebox products in any way affected by this, and if so, is there a patch?