[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: CVE-2017-11735 in mp3split / libvorbis

Hi Guido,

On Sat, Sep 30, 2017 at 08:17:50PM +0200, Guido Günther wrote:
> Security team, if the CVE is in mp3splt not libvorbis do we need to give
> back the CVE and request a new one? Is doing this via

If you think the CVE was wrongly assigned, can you please contact
MITRE (via the form method) please? Please give as much details as you
found out (e.g. the above fix in mp3split indicating it actually might
be an issue in mp3split using libvorbis wrongly).


Reply to: