Bug#887640: SIGSEGVs in libcdio: double free or corruption

Hi - Both of these issues were addressed in libcdio 2.0.0 and that is the way I would recommend fixing. The reason we went from 1.1 to 2.x was because it was pointed out that it would better follow the guidelines of semantic version since one of the API was changed in an incompatible way. So 1.x s

Bug#891638: libcdio: CVE-2017-18201: double free inget_cdtext_generic() in lib/driver/_cdio_generic.c.

In https://security-tracker.debian.org/tracker/CVE-2017-18201 it claims 0.83 is vulnerable, but I don't believe that this the case. I think that bug was introduced in version 0.92. There was a major change in 0.90 as to how CD-TEXT was handle (and in 0.90 there was memory that was not freed rathe