[Bug 1146283] VUL-1: CVE-2019-15232: live555: before 2019.08.16 has a Use-After-Free because GenericMediaServer:createNewClientSessionWithId can generate the same client session ID in succession, which is mishandled by the MPEG1or2 and Matroska demuxer

8 Jul 2021


      https://bugzilla.suse.com/show_bug.cgi?id=1146283
https://bugzilla.suse.com/show_bug.cgi?id=1146283#c7

--- Comment #7 from Swamp Workflow Management  ---
openSUSE-SU-2021:1004-1: An update that fixes two vulnerabilities is now
available.

Category: security (moderate)
Bug References: 1146283,1185874
CVE References: CVE-2019-15232,CVE-2021-28899
JIRA References: 
Sources used:
openSUSE Backports SLE-15-SP3 (src):    live555-2021.05.22-bp153.2.3.1

-- 
You are receiving this mail because:
You are on the CC list for the bug.

bugzilla_noreply＠suse.com

tags

participants (1)