Arch Linux

Please read this before reporting a bug:

Do NOT report bugs when a package is just outdated, or it is in Unsupported. Use the 'flag out of date' link on the package page, or the Mailing List.

REPEAT: Do NOT report bugs for outdated packages!

FS#55889 - [lame] [Security] denial of service (CVE-2017-15018)

Attached to Project: Arch Linux
Opened by Santiago Torres (sangy) - Friday, 06 October 2017, 17:05 GMT
Last edited by Antonio Rojas (arojas) - Friday, 06 October 2017, 22:23 GMT
Task Type Bug Report
Category Security
Status Closed
Assigned To No-one
Architecture All
Severity Medium
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 0
Private No



The package lame is vulnerable to denial of service via CVE-2017-15018.


It seems that a fix for this issue will take a little bit to be tagged. For your convenience, backporting the following patch would mitigate the issue

This task depends upon

Closed by  Antonio Rojas (arojas)
Friday, 06 October 2017, 22:23 GMT
Reason for closing:  Fixed
Additional comments about closing:  lame 3.99.5-4