[Buildroot] [PATCH 2/2] package/taglib: fix CVE-2018-11439

Peter Korsgaard peter at korsgaard.com
Sun Mar 15 09:22:52 UTC 2020


>>>>> "Fabrice" == Fabrice Fontaine <fontaine.fabrice at gmail.com> writes:

 > The TagLib::Ogg::FLAC::File::scan function in oggflacfile.cpp in TagLib
 > 1.11.1 allows remote attackers to cause information disclosure
 > (heap-based buffer over-read) via a crafted audio file.

 > Signed-off-by: Fabrice Fontaine <fontaine.fabrice at gmail.com>

Committed to 2019.02.x and 2019.11.x, thanks.

-- 
Bye, Peter Korsgaard


More information about the buildroot mailing list