It was reported [1] that a specially crafted ape media file with the sampleRate set to "0" could lead to an application crash due to a division by zero error. This has been fixed in upstream git [2]. The relevant code is not present in taglib 1.6.1 or earlier, so this flaw only affects taglib as shipped with Fedora. [1] http://mail.kde.org/pipermail/taglib-devel/2012-March/002186.html [2] https://github.com/taglib/taglib/commit/77d61c6eca4d08b9b025738acf6b926cc750db23 Statement: Not vulnerable. This issue did not affect the versions of taglib as shipped with Red Hat Enterprise Linux 6.
Created taglib tracking bugs for this issue Affects: fedora-all [bug 800564]
taglib-1.7.1-1.fc16 has been pushed to the Fedora 16 stable repository. If problems still persist, please make note of it in this bug report.
taglib-1.7.1-1.fc15 has been pushed to the Fedora 15 stable repository. If problems still persist, please make note of it in this bug report.
taglib-1.7.1-1.fc17 has been pushed to the Fedora 17 stable repository. If problems still persist, please make note of it in this bug report.