Hi Brian,
my two cents
> - CVE-2019-1010315: divide by zero
This can only be used to trigger DoS, I don't think it is relevant in the
case of wavpack. I would triage it no-dsa.
> - CVE-2019-1010317: use of uninitialized memory.
> - CVE-2019-1010319: use of uninitialized memory.
>
> All three i
Hi,
On 22/07/19 1:13 pm, Brian May wrote:
> I am a bit unclear when we should be some issues, and when we should be
> marking them as no-DSA (or similar).
>
> For example, webpack was three issues:
>
> - CVE-2019-1010315: divide by zero
> - CVE-2019-1010317: use of uninitialized memory.
> - CVE-
