On Wed, Jan 11, 2017 at 09:14:52PM +0100, Hugo Lefeuvre wrote:
> > > I've had a look at the new CVEs reported for libav. I managed to
> > > reproduce CVE-2016-98{21,22} (avconv crashes with segfault), but
> > > cherry picking the fix[0,1,2] for these issues doesn't seem to fix
> > > the problem.
> >
> > It would help me to know which problem is CVE 21 and which is 22 so
> > that I can mark the fixing commits correctly in Git.
>
> See https://marc.info/?l=oss-security&m=148090747301705&w=2
>
> By the way, what about the patches I submitted here[0] ?
> [0] https://lists.debian.org/debian-lts/2016/12/msg00058.htmlUnfortunately it is hard or impossible to evaluate those patches since they have been created for/with secret samples... Diego
signature.asc
Description: Digital signature
