oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: CVE id request: faad2

From: Josh Bressers <bressers () redhat com>
Date: Fri, 26 Sep 2008 08:49:55 -0400 (EDT)

----- "Steffen Joeris" <steffen.joeris () skolelinux de> wrote:

Hi

There is a heap overflow in faad2.
Upstream announcement:
http://www.audiocoding.com/

Gentoo Bugreport:
http://bugs.gentoo.org/show_bug.cgi?id=238445

Debian Bugreport:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=499899

Upstream patch:
http://www.audiocoding.com/patch/main_overflow.diff

Could I please get a CVE id for this?



This has already been assigned CVE-2008-4201
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4201

It's not live on the MITRE site yet though.

-- 
    JB
Previous By Date Next
Previous By Thread Next

Current thread: