CVE-2023-47466:
TagLib before 2.0 allows a segmentation violation and application crash during tag writing via a crafted WAV file in which an id3 chunk is the only valid chunk.
CVE-2023-47466:
TagLib before 2.0 allows a segmentation violation and application crash during tag writing via a crafted WAV file in which an id3 chunk is the only valid chunk.
Depends on packages which need a new maintainer
normal
The packages that taglib depends on which need a new maintainer are:
Among the 1 debian patch
available in version 2.0.2-2 of the package,
we noticed the following issues:
1 patch
where the metadata indicates that the patch has not yet been forwarded
upstream. You should either forward the patch upstream or update the
metadata to document its real status.