global-buffer-overflow in read_coding_unit #432
Comments
Thank you. Fixed in the above commit.
CVE-2023-49468 is apparently assigned for this issue.
Hello. I am still getting a blocked pipeline because of this vulnerability: https://security-tracker.debian.org/tracker/CVE-2023-49468.
@aiakubovich Can I interpret your comment such that you'd like to have a new release?
@farindk, I am not familiar with how those fixes work. It seems like this issue has been resolved, but for some reason, it still appears as an unresolved vulnerability on debian.org. This issue is causing blocked deployment pipelines when I try to deploy the application because the container vulnerability scanner indicates that a vulnerability is detected.
Ok, so you need a new release because these fixes are not in an official release yet. :-)
Yes, please, a new release is needed.
New release is waiting for packaging.
Description
global-buffer-overflow
libde265/libde265/slice.cc:4493
in read_coding_unit(thread_context*, int, int, int, int)
Version
Replay
ASAN
POC
poc
Environment
Credit
Yuchuan Meng (Fudan University)