On Mon, Mar 05, 2012 at 10:46:11PM +0100, Yves-Alexis Perez wrote: > Source: taglib > Severity: serious > > Hi, > > multiple vulnerabilities were found in taglib 1.7 (not sure about > Squeeze status). Two of theme were already allocated CVEs (CVE-2012-1107 > and CVE-2012-1108_ and two should have them allocated soon. > > More details can be found on the oss-sec thread at > http://www.openwall.com/lists/oss-security/2012/03/04/2 and in the > taglib mail at > http://mail.kde.org/pipermail/taglib-devel/2012-March/002186.html
One additional issue, CVE-2012-1584: Patch is here: https://github.com/taglib/taglib/commit/dcdf4fd954e3213c355746fa15b7480461972308 Cheers, Moritz -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
