[vlc-devel] CVE-2019-13602 Heap Based Buffer Overflow Vulnerability
tmatth at videolan.org
Tue Jul 16 22:03:33 CEST 2019
On Tue, Jul 16, 2019 at 3:50 PM Thomas Guillem <thomas at gllm.fr> wrote:
> On Tue, Jul 16, 2019, at 18:23, Rémi Denis-Courmont wrote:
> > Le tiistaina 16. heinäkuuta 2019, 10.35.12 EEST Francois Cartegnie a écrit :
> > > https://www.securityfocus.com/bid/109158/references
> > >
> > > So now we create a new CVE for the out of bound access introduced by the
> > > CVE fix ?
> > You had several weeks to fix this bug better, also plenty of time to comment
> > before it was backported (unlike a recent certain commit from a certain
> > somebody), and you still have time to fix it before it gets released.
> Who is this certain guy ? Which certain commit ?
> I don't understand this mail thread, and indirect references don't help me.
+1, I'm all for airing grievances but without citations it's really
hard to tell who has a problem with what.
More information about the vlc-devel