Multiple Vulnerabilities In FLAC


They found 14 vulnerabilities in the processing of FLAC.

See http://research.eeye.com/html/advisories/published/AD20071115.html
ikarus
Does any of this mean anything to it's ability to perform lossless compression, though? Take a WAV, convert it to FLAC, convert it back to WAV, convert it back to FLAC, repeat 100 times and compare the last WAV with the original with software specifically designed for comparing WAVs. It's going to be identical to the original WAV. What are the actual problems associated with the "vulnerabilities." I don't understand a lot of the mumbo jumbo written in the article and am doubtful that any of it means anything to the audiophile. Does anybody here understand the article who can put it simply?
Isn't the article about security, not fidelity. Who is going to bother trying to hack FLAC files? Hackers go after the big users like Microsoft programs and maybe Itunes.
the risk is if you aren't locally processing your collection from CD's to FLAC.

The risk is if you download FLAC files off the internet they could be loaded with an extra virus payload.

So in otherwords it is not relevant to people on this forum, except to update to the newer libFLAC version 1.2.1 which will help with some of these...

Thanks Ikarus for posting that detailed link!
Thanks for the clarification, guys!
I agree that most people aren't going to bother hacking FLAC files. Anyone willing to deal with the bandwidth associated with such large files aren't doing it for the sake of distributing viruses, but for the sake of distributing high quality music!