Re: CVE-2017-12678
Hi!
On Wed, Aug 09, 2017 at 12:42:12PM +0200, Dr. Tobias Quathamer wrote:
> Dear security team,
>
> I've just seen <https://bugs.debian.org/871511>.
>
> I have now inspected the code of the embedded copy of taglib in my
> package silverjuke. From what I can tell, the embedded copy does not
> contain the vulnerability.
>
> The code in question is not included in silverjuke, because the embedded
> copy is older than the version of taglib which introduced the vulnerability.
Ok thanks a lot for your analysis. We will update the tracker
information!
Regards,
Salvatore
Reply to: