Details at $URL.
@maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
CVE ID: CVE-2017-5665
Summary: The splt_cue_export_to_file function in cue.c in libmp3splt 0.9.2 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted file.
> Hi, unfortunately I fail to reproduce the crash as the reproducer file
> is not accepted as input by mp3splt [...]
no news from upstream for over a year, should we consider this as invalid?