Hi! On Wed, Aug 09, 2017 at 12:42:12PM +0200, Dr. Tobias Quathamer wrote: > Dear security team, > > I've just seen <https://bugs.debian.org/871511>. > > I have now inspected the code of the embedded copy of taglib in my > package silverjuke. From what I can tell, the embedded copy does not > contain the vulnerability. > > The code in question is not included in silverjuke, because the embedded > copy is older than the version of taglib which introduced the vulnerability.
Ok thanks a lot for your analysis. We will update the tracker information! Regards, Salvatore