Date: Sat, 3 Jan 2015 19:08:52 -0500 (EST) From: cve-assign@...re.org To: Yury German <yury@...hnologysecure.com> cc: oss-security@...ts.openwall.com, cve-assign@...re.org Subject: Re: mpg123 CVE Assignment? > Did a CVE ever get assigned to mpg123 (Version 1.18.0) > (http://mpg123.org/cgi-bin/news.cgi > <http://mpg123.org/cgi-bin/news.cgi>). I have searched but can not find > any, it is a regression bug, but I could not find any assigned to the > original bug as well. > > http://sourceforge.net/p/mpg123/bugs/201/ > > If none are assigned can we get one assigned? > > === Text from Site === > 2014-01-31 Thomas: mpg123 1.18.0 fixing regressions from 1.14.x > Regression fix: Ensure decoder reinitialization on combination of seek and resync (buffer overflow bug 201, introduced in 1.14.1). Use CVE-2014-9497. --- CVE assignment team, MITRE CVE Numbering Authority M/S M300 202 Burlington Road, Bedford, MA 01730 USA [ PGP key available through http://cve.mitre.org/cve/request_id.html ]
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ