Source: liblivemedia
Version: 2018.11.26-1
Severity: normal
Tags: security upstream
Hi,
The following vulnerability was published for liblivemedia.
CVE-2019-7314[0]:
liblivemedia in Live555 before 2019.02.03 mishandles the termination of an
RTSP stream after RTP/RTCP-over-RTSP has been set up, which could lead to a
Use-After-Free error that causes the RTSP server to crash (Segmentation
fault) or possibly have unspecified other impact.
We might want to fix this in Buster, the patch is straightforward. I can
provide a debdiff if needed, already uploaded fixes for stretch and jessie.
regards,
Hugo
[0] https://security-tracker.debian.org/tracker/CVE-2019-7314
--
Hugo Lefeuvre (hle) | www.owl.eu.com
RSA4096_ 360B 03B3 BF27 4F4D 7A3F D5E8 14AA 1EB8 A247 3DFD
ed25519_ 37B2 6D38 0B25 B8A2 6B9F 3A65 A36F 5357 5F2D DC4C
Attachment:
signature.asc
Description: PGP signature