The remote host is affected by the vulnerability described in GLSA-200711-15
(FLAC: Buffer overflow)
Sean de Regge reported multiple integer overflows when processing FLAC
media files that could lead to improper memory allocations resulting in
heap-based buffer overflows.
Impact
A remote attacker could entice a user to open a specially crafted FLAC
file or network stream with an application using FLAC. This might lead
to the execution of arbitrary code with privileges of the user playing
the file.
Solution:
All FLAC users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=media-libs/flac-1.2.1-r1"
You should also run revdep-rebuild to rebuild any packages that depend
on older versions of FLAC:
# revdep-rebuild --library=libFLAC.*
