[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    [oss-security] CVE request: libsndfile 1.0.25 heap overflow
From:       Martin Prpic <mprpic () redhat ! com>
Date:       2015-11-03 12:36:45
Message-ID: 87y4ef9s4i.fsf () redhat ! com
[Download RAW message or body]

Hi,

Has a CVE been assigned to this flaw yet?

http://www.nemux.org/2015/10/13/libsndfile-1-0-25-heap-overflow/
https://packetstormsecurity.com/files/133926/libsndfile-1.0.25-Heap-Overflow.html

The blog post mentions MITRE was notified but I don't see a CVE anywhere
for this issue.

I also don't see a patch for this issue (or an upstream bug). Any pointers
there would be greatly appreciated. Thanks!

--
Martin Prpič / Red Hat Product Security
[prev in list] [next in list] [prev in thread] [next in thread]