On Sun, Jan 25, 2015 at 06:35:14PM +0100, Martin Steghöfer wrote:
> retitle 776086 CVE-2014-9638 CVE-2014-9639
> thanks
>
>
> Dear Salvatore,
>
> thank you for reporting this!
>
>
> Salvatore Bonaccorso wrote:
> >CVE-2014-9638[0]:
> >Oggenc division by zero issue
>
> Confirmed with 1.4.0-6 as well as with the current git head. There
> doesn't seem to be a fix yet, so I am going to look into it.
>
> >CVE-2014-9639[1]:
> >Oggenc channel integer overflow
>
> Confirmed with 1.4.0-6 as well as with the current git head. There
> doesn't seem to be a fix yet, so I am going to look into it.
Did you contact upstream, are fixes available for these?
Cheers,
Moritz
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]
