bchunk (related to BinChunker) 1.2.0 and 1.2.1 is vulnerable to a heap-based buffer overflow (with a resultant invalid free) and crash when processing a malformed CUE (.cue) file.Referenceshttps://github.com/hessu/bchunk/issues/1https://lists.debian.org/debian-lts-announce/2017/11/msg00001.htmlhttps://www.debian.org/security/2017/dsa-4026https://github.com/extramaster/bchunk/issues/3
