Описание
Security update for live555
This update for live555 fixes the following issues:
Update to 2021.05.22:
- Lots of fixes and updates, including the security fix for CVE-2021-28899 (boo#1185874) and CVE-2019-15232 (boo#1146283). See the list in http://live555.com/liveMedia/public/changelog.txt
Список пакетов
openSUSE Leap 15.2
libBasicUsageEnvironment1-2021.05.22-lp152.3.6.1
libUsageEnvironment3-2021.05.22-lp152.3.6.1
libgroupsock30-2021.05.22-lp152.3.6.1
libliveMedia94-2021.05.22-lp152.3.6.1
live555-2021.05.22-lp152.3.6.1
live555-devel-2021.05.22-lp152.3.6.1
Ссылки
- E-Mail link for openSUSE-SU-2021:0915-1
- SUSE Security Ratings
- SUSE Bug 1146283
- SUSE Bug 1185874
- SUSE CVE CVE-2019-15232 page
- SUSE CVE CVE-2021-28899 page
Описание
Live555 before 2019.08.16 has a Use-After-Free because GenericMediaServer::createNewClientSessionWithId can generate the same client session ID in succession, which is mishandled by the MPEG1or2 and Matroska file demultiplexors.
Затронутые продукты
openSUSE Leap 15.2:libBasicUsageEnvironment1-2021.05.22-lp152.3.6.1
openSUSE Leap 15.2:libUsageEnvironment3-2021.05.22-lp152.3.6.1
openSUSE Leap 15.2:libgroupsock30-2021.05.22-lp152.3.6.1
openSUSE Leap 15.2:libliveMedia94-2021.05.22-lp152.3.6.1
Ссылки
- CVE-2019-15232
- SUSE Bug 1146283
Описание
Vulnerability in the AC3AudioFileServerMediaSubsession, ADTSAudioFileServerMediaSubsession, and AMRAudioFileServerMediaSubsessionLive OnDemandServerMediaSubsession subclasses in Networks LIVE555 Streaming Media before 2021.3.16.
Затронутые продукты
openSUSE Leap 15.2:libBasicUsageEnvironment1-2021.05.22-lp152.3.6.1
openSUSE Leap 15.2:libUsageEnvironment3-2021.05.22-lp152.3.6.1
openSUSE Leap 15.2:libgroupsock30-2021.05.22-lp152.3.6.1
openSUSE Leap 15.2:libliveMedia94-2021.05.22-lp152.3.6.1
Ссылки
- CVE-2021-28899
- SUSE Bug 1185874