lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date: Fri, 23 Nov 2018 19:05:17 +0000
From: Moritz Muehlenhoff <jmm@...ian.org>
To: bugtraq@...urityfocus.com
Subject: [SECURITY] [DSA 4343-1] liblivemedia security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4343-1                   security@...ian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
November 23, 2018                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : liblivemedia
CVE ID         : CVE-2018-4013

It was discovered that a buffer overflow in liveMedia, a set of C++
libraries for multimedia streaming could result in the execution of
arbitrary code when parsing a malformed RTSP stream.

For the stable distribution (stretch), this problem has been fixed in
version 2016.11.28-1+deb9u1.

We recommend that you upgrade your liblivemedia packages.

For the detailed security status of liblivemedia please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/liblivemedia

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@...ts.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlv4TgoACgkQEMKTtsN8
TjanPg/8Cj8emMoNrN0zELbGJWmtTfzGUCbkxPw4j19sKUyt553err/wmuOXRvle
qk2zDdnGSrTqJSKkwbEKg6qc1MiMczFrZaE/pQ4K5E4uw1T7WxJ6ntZOvPrX/KvD
IqUJmn3LPXnvq9/KqTiA5PyWDXxCMez3yVOsqjAYdwDlZTBj193Z+HXBCeOKzihv
iKuKqvBWj5stFcz+1zpMQDyHzyxbrnuxv//FNzH9rAmsF9VE/2nxWKRzqPLkrr2D
M8E0aEfeTRs4kx29EQEkpSYWDOV2pOrD9tJu44I8YSmZ9mtCMpVy6AkhYnomNnne
lRCi6pDL/2XrW2Y+ey75ktgcWmStsnI5TPWAe7LqDmITdZGoyLbqr7zGs8cfd97W
Xfm2zLojTTxC2aa5StKdJ5RMLjD6cM9jDgWWOSf6sdf3PGoRvJSaMpmbFm8zp5/Z
0pfP2+6XpT+wR9NPlnA92qLDfetAmc3MYvuHa6GMSzKgP2C7E84kOQnNyOUe1Px3
DEj14K6nT6fNAd/XHMrutv4CMnAmBapLZPFNcTHK+MfJFjNUuhgzQ8Gzm0a9W3c6
x/QTbkoPRkvlvwzXJuFt8fSJAjdBYO0QI4aZrGZsGGsqGbKuS2oMeV2ts4AI1kU1
vNrFeZsD4mhnJU1x68ICnII4p35+V3mEVfViQNI0oAiXPi4VicM=
=RZP5
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists