CVE-2017-15267by Jeremyin Security Bulletinson Posted on October 11, 2017 In GNU Libextractor 1.4, there is a NULL Pointer Dereference in flac_metadata in flac_extractor.c.