GNU bug report logs - #49817
[PATCH] gnu: libsndfile: Update to 1.1.0beta1 [fixes CVE-2021-3246].

Previous Next

Package: guix-patches;

Reported by: Leo Famulari <leo <at> famulari.name>

Date: Sun, 1 Aug 2021 22:33:01 UTC

Severity: normal

Tags: patch, security

Done: Andreas Enge <andreas <at> enge.fr>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: Felix Lechner <felix.lechner <at> lease-up.com>
To: Andreas Enge <andreas <at> enge.fr>
Cc: guix-devel <at> gnu.org, 49817 <at> debbugs.gnu.org, Leo Famulari <leo <at> famulari.name>
Subject: [bug#49817] [core-updates] It would be nice to fix libsndfile CVE-2021-3246 (arbitrary code execution via crafted WAV file)
Date: Wed, 5 Apr 2023 09:19:43 -0700

Hi everyone,

On Wed, Apr 5, 2023 at 1:46 AM Andreas Enge <andreas <at> enge.fr> wrote:
>
> I would suggest to keep the bug
> open until it is merged to master.

Do we have a hook that closes such bugs automatically via instructions
in commit messages?

If not, I'd be happy to look into writing such a thing. It would also
help to tie commits to bug reports, which can be good for research
after the fact.

Kind regards,
Felix

This bug report was last modified 2 years and 24 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.

GNU bug report logs - #49817 [PATCH] gnu: libsndfile: Update to 1.1.0beta1 [fixes CVE-2021-3246].

GNU bug report logs - #49817
[PATCH] gnu: libsndfile: Update to 1.1.0beta1 [fixes CVE-2021-3246].