On Wed, Aug 09, 2017 at 12:42:12PM +0200, Dr. Tobias Quathamer wrote:
> Dear security team,
> I've just seen <https://bugs.debian.org/871511>.
> I have now inspected the code of the embedded copy of taglib in my
> package silverjuke. From what I can tell, the embedded copy does not
> contain the vulnerability.
> The code in question is not included in silverjuke, because the embedded
> copy is older than the version of taglib which introduced the vulnerability.

Ok thanks a lot for your analysis. We will update the tracker


  • CVE-2017-12678 Dr. Tobias Quathamer
    • Re: CVE-2017-12678 Salvatore Bonaccorso

Reply via email to