Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Tue, 03 Nov 2015 13:36:45 +0100
From: Martin Prpic <mprpic@...hat.com>
To: "OSS Security Mailinglist" <oss-security@...ts.openwall.com>
Subject: CVE request: libsndfile 1.0.25 heap overflow

Hi,

Has a CVE been assigned to this flaw yet?

http://www.nemux.org/2015/10/13/libsndfile-1-0-25-heap-overflow/
https://packetstormsecurity.com/files/133926/libsndfile-1.0.25-Heap-Overflow.html

The blog post mentions MITRE was notified but I don't see a CVE anywhere
for this issue.

I also don't see a patch for this issue (or an upstream bug). Any pointers
there would be greatly appreciated. Thanks!

--
Martin Prpič / Red Hat Product Security

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ