Date: Tue, 03 Nov 2015 13:36:45 +0100 From: Martin Prpic <mprpic@...hat.com> To: "OSS Security Mailinglist" <oss-security@...ts.openwall.com> Subject: CVE request: libsndfile 1.0.25 heap overflow Hi, Has a CVE been assigned to this flaw yet? http://www.nemux.org/2015/10/13/libsndfile-1-0-25-heap-overflow/ https://packetstormsecurity.com/files/133926/libsndfile-1.0.25-Heap-Overflow.html The blog post mentions MITRE was notified but I don't see a CVE anywhere for this issue. I also don't see a patch for this issue (or an upstream bug). Any pointers there would be greatly appreciated. Thanks! -- Martin Prpič / Red Hat Product Security
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ