oss-sec mailing list archives
CVE request: opus codec before 1.0.2
From: Hanno Böck <hanno () hboeck de>
Date: Tue, 11 Dec 2012 13:32:25 +0100
http://lists.xiph.org/pipermail/opus/2012-December/001846.html sounds like a low-severity security issue: "Opus 1.0.2 fixes an out-of-bounds read that could be triggered by a malicious Opus packet by causing an integer wrap-around in the padding code. Considering that the packet would have to be at least 16 MB in size and that no out-of-bounds write is possible, the severity is very low." Fixed in opus 1.0.2. -- Hanno Böck mail/jabber: hanno () hboeck de GPG: BBB51E42 http://www.hboeck.de/
Attachment:
signature.asc
Description:
Current thread:
- CVE request: opus codec before 1.0.2 Hanno Böck (Dec 11)
- Re: CVE request: opus codec before 1.0.2 Kurt Seifried (Dec 11)
- Re: CVE request: opus codec before 1.0.2 Hanno Böck (Dec 13)
- Re: CVE request: opus codec before 1.0.2 Kurt Seifried (Dec 13)
- Re: CVE request: opus codec before 1.0.2 Hanno Böck (Dec 13)
- Re: CVE request: opus codec before 1.0.2 Kurt Seifried (Dec 11)