Kevin Backhouse discovered an out-of-bounds array access in Libcue, a library for parsing CD metadata, which could result in the execution of arbitrary code. For the oldstable distribution (bullseye), this problem has been fixed in version 2.2.1-3+deb11u1. For the stable distribution (bookworm), this problem has been fixed in version 2.2.1-4+deb12u1. We recommend that you upgrade your libcue packages. For the detailed security status of libcue please refer to its security tracker page at: https://security-tracker.debian.org/tracker/libcue
Kevin Backhouse discovered an out-of-bounds array access in Libcue, a library for parsing CD metadata, which could result in the execution of arbitrary code.
For the oldstable distribution (bullseye), this problem has been fixed in version 2.2.1-3+deb11u1.
For the stable distribution (bookworm), this problem has been fixed in version 2.2.1-4+deb12u1.
We recommend that you upgrade your libcue packages.
For the detailed security status of libcue please refer to its security tracker page at: https://security-tracker.debian.org/tracker/libcue