Hide Forgot
Libass released a new 0.13.4 version which fixes multiple issues. CVE-2016-7971 remains unfixed for now. CVE-2016-7969 upstream patch: https://github.com/libass/libass/pull/240/commits/b72b283b936a600c730e00875d7d067bded3fc26 CVE-2016-7970 upstream patch: https://github.com/libass/libass/pull/240/commits/08e754612019ed84d1db0d1fc4f5798248decd75 CVE-2016-7972 upstream patch: https://github.com/libass/libass/pull/240/commits/aa54e0b59200a994d50a346b5d7ac818ebcf2d4b External References: https://github.com/libass/libass/releases/tag/0.13.4
Created libass tracking bugs for this issue: Affects: fedora-all [bug 1381961] Affects: epel-all [bug 1381962]
CVE-2016-7971 was rejected: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.