Ubuntu
libusrsctp package

  1. Bug #2015448
  2. Comment #8

Comment 8 for bug 2015448

Revision history for this message
Seth Arnold (seth-arnold) wrote : Re: libusrsctp (0.9.3.0+20190901-1) vulnerabilty

Hello Alexandre, thanks for trying to address this issue.

This debdiff looks broken, however. 1.2 megabytes is way too large for us to review, and there's loads of lines like this in the output:

Binary files /tmp/YQmq31NfW8/libusrsctp-0.9.3.0+20190901/fuzzer/CORPUS_CONNECT/addip-000000 and /tmp/ew3w5N9rtN/libusrsctp-0.9.3.0+20201102/fuzzer/CORPUS_CONNECT/addip-000000 differ

The debdiff ought to be only a little bit larger than whatever the specific security fix is.

Thanks