Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

openSUSE-SU-2019:1797-1

Опубликовано: 23 июл. 2019
Источник: suse-cvrf

Описание

Security update for live555

This update for live555 fixes the following issues:

  • CVE-2019-9215: Malformed headers could have lead to invalid memory access in the parseAuthorizationHeader function. (boo#1127341)

  • CVE-2019-7314: Mishandled termination of an RTSP stream after RTP/RTCP-over-RTSP has been set up could have lead to a Use-After-Free error causing the RTSP server to crash or possibly have unspecified other impact. (boo#1124159)

  • Update to version 2019.06.28,

  • Convert to dynamic libraries (boo#1121995):

    • Use make ilinux-with-shared-libraries: build the dynamic libs instead of the static one.
    • Use make install instead of a manual file copy script: this also reveals that we missed quite a bit of code to be installed before.
    • Split out shared library packages according the SLPP.

  • Use FAT LTO objects in order to provide proper static library.

Список пакетов

SUSE Package Hub 15
libBasicUsageEnvironment1-2019.06.28-bp150.12.1
libUsageEnvironment3-2019.06.28-bp150.12.1
libgroupsock8-2019.06.28-bp150.12.1
libliveMedia66-2019.06.28-bp150.12.1
live555-2019.06.28-bp150.12.1
live555-devel-2019.06.28-bp150.12.1
openSUSE Leap 15.0
libBasicUsageEnvironment1-2019.06.28-bp150.12.1
libUsageEnvironment3-2019.06.28-bp150.12.1
libgroupsock8-2019.06.28-bp150.12.1
libliveMedia66-2019.06.28-bp150.12.1
live555-2019.06.28-bp150.12.1
live555-devel-2019.06.28-bp150.12.1
openSUSE Leap 15.1
libBasicUsageEnvironment1-2019.06.28-bp150.12.1
libUsageEnvironment3-2019.06.28-bp150.12.1
libgroupsock8-2019.06.28-bp150.12.1
libliveMedia66-2019.06.28-bp150.12.1
live555-2019.06.28-bp150.12.1
live555-devel-2019.06.28-bp150.12.1

Ссылки

Описание

liblivemedia in Live555 before 2019.02.03 mishandles the termination of an RTSP stream after RTP/RTCP-over-RTSP has been set up, which could lead to a Use-After-Free error that causes the RTSP server to crash (Segmentation fault) or possibly have unspecified other impact.

Затронутые продукты
SUSE Package Hub 15:libBasicUsageEnvironment1-2019.06.28-bp150.12.1
SUSE Package Hub 15:libUsageEnvironment3-2019.06.28-bp150.12.1
SUSE Package Hub 15:libgroupsock8-2019.06.28-bp150.12.1
SUSE Package Hub 15:libliveMedia66-2019.06.28-bp150.12.1
Ссылки

Описание

In Live555 before 2019.02.27, malformed headers lead to invalid memory access in the parseAuthorizationHeader function.

Затронутые продукты
SUSE Package Hub 15:libBasicUsageEnvironment1-2019.06.28-bp150.12.1
SUSE Package Hub 15:libUsageEnvironment3-2019.06.28-bp150.12.1
SUSE Package Hub 15:libgroupsock8-2019.06.28-bp150.12.1
SUSE Package Hub 15:libliveMedia66-2019.06.28-bp150.12.1
Ссылки
Уязвимость openSUSE-SU-2019:1797-1