On Tue, Aug 01, 2017 at 07:24:56PM +0200, Salvatore Bonaccorso wrote: > Source: libmad > Version: 0.15.1b-7 > Severity: important > Tags: security upstream > > Hi, > > the following vulnerability was published for libmad. > > CVE-2017-11552[0]: > | The mad_decoder_run function in decoder.c in libmad 0.15.1b allows > | remote attackers to cause a denial of service (memory corruption) via a > | crafted MP3 file. > > If you fix the vulnerability please also make sure to include the > CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
I guess you don't have any patch for this? Kurt
