On Tue, Jan 20, 2015 at 09:47:26PM +0100, Yves-Alexis Perez wrote:
> * The potential invalid writes in modules/services_discovery/sap.c and
> modules/access/ftp.c were not fixed as I did not provide a
> trigger. Note, that the code looks very similar to the confirmed bug
> in rtp_packetize_xiph_config, and so I leave it to you to decide
> whether you want to patch this.
These have been assigned CVE-2015-1202 and CVE-2015-1203, could you contact
upstream for the status of an upstream fix?
Cheers,
Moritz
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
