[vlc-devel] [PACKAGERS] libmodplug is teh suxxor
Laurent Aimar
fenrir at elivagar.org
Sat May 7 17:29:14 CEST 2011
Hi,
On Sat, May 07, 2011 at 05:36:00PM +0300, Rémi Denis-Courmont wrote:
> Hello,
>
> As foretold by Nico Golde a month ago (
> http://mailman.videolan.org/pipermail/vlc-devel/2011-April/079653.html ),
> another security bug has been found in libmodplug:
> http://www.exploit-db.com/exploits/17222/
> Upstream has yet to provide a fix for this. And if I trust other code
> reviewer, this may only be the beginning of a cat & mouse game.
FYI, I have already provided libmodplug maintainer with a lot of patches fixing
security issues. They should probably merged soon (some have already been merged).
--
fenrir
More information about the vlc-devel
mailing list