Date: Wed, 21 Jan 2015 13:50:46 +0100 From: Martin Prpic <mprpic@...hat.com> To: oss-security@...ts.openwall.com Subject: CVE request: two issues in vorbis-tools Hi, Two issues were reported in vorbis-tools on Full Disclosure: http://seclists.org/fulldisclosure/2015/Jan/78 Issues in question: https://trac.xiph.org/ticket/2137 -- a divide-by-zero issue leading to a crash https://trac.xiph.org/ticket/2136 -- an integer overflow leading to an out-of-bounds memory read Thank you! -- Martin Prpič / Red Hat Product Security
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ