CVE-2008-2009 as candidate for spu/ospu
Michael S. Gilbert
michael.s.gilbert at gmail.com
Mon May 4 19:38:32 UTC 2009
CVE-2008-2009 looks like a good candidate for an spu/ospu. Patches were
added to the unstable packages to harden against attacks similar to
this. It would be useful to have these patches in the stable releases to
provide added protection for users. See bug report [1] and mailing list
discussion [2].
Please coordinate with the release and security teams if you plan to
work on this.
[1] http://bugs.debian.org/482039
[2]
http://lists.alioth.debian.org/pipermail/pkg-xiph-maint/2009-April/001511.html
More information about the pkg-xiph-maint
mailing list