Mandriva Linux Security Advisory - An array index vulnerability found in the FLAC audio demuxer might allow remote attackers to execute arbitrary code via a crafted FLAC tag, which triggers a buffer overflow. Although originally an MPlayer issue, it also affects xine-lib due to code similarity. The previous update used a bad patch which made Amarok interface very unresponsive while playing FLAC files. This new update fixes the security issue with a better patch.
9bc0709c3e2253a5ac2e2ccc843d6ce054400307d2d10e372a45a5d2dd099f59