Date: Tue, 3 Nov 2015 13:47:36 +0100 From: Hanno Böck <hanno@...eck.de> To: oss-security@...ts.openwall.com Subject: Re: CVE request: libsndfile 1.0.25 heap overflow On Tue, 03 Nov 2015 13:36:45 +0100 Martin Prpic <mprpic@...hat.com> wrote: > I also don't see a patch for this issue (or an upstream bug). Any > pointers there would be greatly appreciated. Thanks! Unrelated, but I recently reported an out of bounds triggered by the test suite of libsndfile and got no reply: http://permalink.gmane.org/gmane.comp.audio.libsndfile.devel/681 Seems like a dead / unmaintaned upstream project... -- Hanno Böck http://hboeck.de/ mail/jabber: hanno@...eck.de GPG: BBB51E42 Content of type "application/pgp-signature" skipped
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ