Source: lame Version: 3.99.5+repack1-7 Severity: important Tags: security upstream Forwarded: https://sourceforge.net/p/lame/bugs/460/
Hi, the following vulnerability was published for lame. CVE-2017-11720[0]: | There is a division-by-zero vulnerability in LAME 3.99.5, caused by a | malformed input file. This should be/is almost surely a the same as reported in [2]. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2017-11720 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11720 [1] https://sourceforge.net/p/lame/bugs/460/ [2] https://blogs.gentoo.org/ago/2017/06/17/lame-divide-by-zero-in-parse_wave_header-get_audio-c/ Regards, Salvatore
