oss-sec mailing list archives

CVE request: libsndfile 1.0.25 heap overflow

From: Martin Prpic <mprpic () redhat com>
Date: Tue, 03 Nov 2015 13:36:45 +0100

Hi,

Has a CVE been assigned to this flaw yet?

http://www.nemux.org/2015/10/13/libsndfile-1-0-25-heap-overflow/
https://packetstormsecurity.com/files/133926/libsndfile-1.0.25-Heap-Overflow.html

The blog post mentions MITRE was notified but I don't see a CVE anywhere
for this issue.

I also don't see a patch for this issue (or an upstream bug). Any pointers
there would be greatly appreciated. Thanks!

--
Martin Prpič / Red Hat Product Security

Current thread:

CVE request: libsndfile 1.0.25 heap overflow Martin Prpic (Nov 03)
- Re: CVE request: libsndfile 1.0.25 heap overflow Hanno Böck (Nov 03)
  - Re: CVE request: libsndfile 1.0.25 heap overflow cve-assign (Nov 03)
    - Re: Re: CVE request: libsndfile 1.0.25 heap overflow gauri (Nov 05)
- Re: CVE request: libsndfile 1.0.25 heap overflow cve-assign (Nov 03)