oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: CVE Request: null ptr deref in lame v3.99.5

From: Moritz Muehlenhoff <jmm () debian org>
Date: Thu, 26 Feb 2015 19:16:53 +0100
On Thu, Feb 26, 2015 at 12:08:25PM -0600, Brian Carpenter wrote:

Bug reports:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=777160
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=777161

Fixed by Debian patch here:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775959

Tracker:
https://tracker.debian.org/news/672916

Issue appears to be fixed in the Debian repos and in the upstream source,
however, no upstream release has been made yet (3.99.5 is still available
for download on Sourceforge).


This has already been requested two weeks ago:
http://www.openwall.com/lists/oss-security/2015/02/12/8

Cheers,
        Moritz
Previous By Date Next
Previous By Thread Next

Current thread: