Skip to content
Opus release 1.1.4

This release fixes a single bug. A specially-crafted Opus packet could cause
an integer wrap-around in the SILK LSF stabilization code. This would cause
an out-of-bounds read 256 bytes before a constant table. In most circumstances,
the consequences are harmless and the result is simply noise in the audio.

This was reported as CVE-2017-0381. Contrary to that report, we do not believe
that any remote code execution is possible. However, we are making this release
as a precaution.