Hi Ola, > I guess it depends on how large the memory leak is and how often it would > occur. > A small memory leak is not a security problem. But if it occurs often > and/or it is a very large thing seldom then it could cause DoS and > then it is a security problem. > > I do not have the details to judge that.
I'll investigate further.
By the way, I've marked CVE-2016-9923 as no-dsa. It is a minor issue,
and the upstream patch implies a substantial amount of changes.
Cheers,
Hugo
--
Hugo Lefeuvre (hle) | www.owl.eu.com
4096/ ACB7 B67F 197F 9B32 1533 431C AC90 AC3E C524 065E
signature.asc
Description: PGP signature
