Sami Liedes wrote:

> I have discovered six different SIGFPE crashes with crafted input
> files in libsndfile. Triggering input files are attached.

Seems the debian bug tracker filtered them out. Can you please  send
them directly to me?

> I don't know what the security impact is, but since I assume
> libsndfile is used by lots of applications for data obtained from
> untrusted sources, I thought I'd tag this security. In any case it
> should be at most denial of service. Untag if you think it's not
> securitywise important.

Denial of service but not much else.

Erik
-- 
----------------------------------------------------------------------
Erik de Castro Lopo
http://www.mega-nerd.com/



-- 
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]

Reply via email to