Dear security team,

I've just seen <>.

I have now inspected the code of the embedded copy of taglib in my
package silverjuke. From what I can tell, the embedded copy does not
contain the vulnerability.

The code in question is not included in silverjuke, because the embedded
copy is older than the version of taglib which introduced the vulnerability.

HTH, best regards,

Attachment: signature.asc
Description: OpenPGP digital signature

Reply via email to