A heap-based buffer over-read was found in the function decompileIF in
util/decompile.c in Ming 0.4.8, which allows attackers to cause a
denial of service via a crafted file.
Created ming tracking bugs for this issue:
Affects: fedora-all [bug 1476183]
This was actually fixed in 69985e2be596a36a106862d2b82a6d2703654b54, builds:
You didn't open a separate bug for each CVE ID, though.