[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FD] libao memory corruption vulnerability



On Mon, Jul 31, 2017 at 02:26:36PM +0800, qflb.wu wrote:
> libao memory corruption vulnerability
> 
> ./mpg321 libao_1.2.0_memory_corruption.mp3
>
> CVE-2017-11548

Did you also test this with the latest version of the library? Issues like
these might not be fixed by backporting in distros. Did you report this to the
upstream?

-- 
Henri Salo

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/