Date: Tue, 3 Nov 2015 13:47:36 +0100 From: Hanno Böck <hanno@...eck.de> To: oss-security@...ts.openwall.com Subject: Re: CVE request: libsndfile 1.0.25 heap overflow On Tue, 03 Nov 2015 13:36:45 +0100 Martin Prpic <mprpic@...hat.com> wrote: > I also don't see a patch for this issue (or an upstream bug). Any > pointers there would be greatly appreciated. Thanks! Unrelated, but I recently reported an out of bounds triggered by the test suite of libsndfile and got no reply: http://permalink.gmane.org/gmane.comp.audio.libsndfile.devel/681 Seems like a dead / unmaintaned upstream project... -- Hanno Böck http://hboeck.de/ mail/jabber: hanno@...eck.de GPG: BBB51E42 Content of type "application/pgp-signature" skipped
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.