Bug#838960: denial of service with crafted id3v2 tags in all mpg123 versions since 0.60

Thomas Orgis thomas-forum at orgis.org
Wed Oct 5 21:34:02 UTC 2016

Am Wed, 5 Oct 2016 21:34:49 +0200
schrieb Salvatore Bonaccorso <carnil at debian.org>: 

> Any news from the DWF project on the assigned CVE?

Nothing. I got the initial request to accept the MITRE Terms of Use for
CVE from the person handling my case (I assume). I replied to the mail
at 2016-09-30. Nothing came back. I don't know what is the usual
duration here. Maybe my reply got dropped as it was sent from the
account behind maintainer at mpg123.org, wich is only a forwarder.

Dunno how to proceed.

Alrighty then,

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: Digitale Signatur von OpenPGP
URL: <http://lists.alioth.debian.org/pipermail/pkg-multimedia-maintainers/attachments/20161005/ce256ed6/attachment.sig>

More information about the pkg-multimedia-maintainers mailing list