oss-sec mailing list archives
Re: [oCERT 2008-02] libfishsound insufficient boundary
From: Andrea Barisani <lcars () ocert org>
Date: Mon, 7 Apr 2008 13:01:59 +0000
Hi, it turned out that Speex shares the same code that affects libfishsound, so versions <= 1.1.12 are vulnerable. Speex 1.2beta contains the fix. The advisory at http://www.ocert.org/advisories/ocert-2008-2.html has been updated. Cheers! -- Andrea Barisani | Founder & Project Coordinator oCERT | Open Source Computer Emergency Response Team <lcars () ocert org> http://www.ocert.org 0x864C9B9E 0A76 074A 02CD E989 CE7F AC3F DA47 578E 864C 9B9E "Pluralitas non est ponenda sine necessitate"
Current thread:
- Re: [oCERT 2008-02] libfishsound insufficient boundary Andrea Barisani (Apr 07)