Tags: security patch upstream
the following vulnerability was published for taglib.
| In TagLib 1.11.1, the rebuildAggregateFrames function in
| id3v2framefactory.cpp has a pointer to cast vulnerability, which allows
| remote attackers to cause a denial of service or possibly have
| unspecified other impact via a crafted audio file.
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
Please adjust the affected versions in the BTS as needed.
Secure-testing-team mailing list