-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 14 Mar 2019 09:25:20 +0100 Source: liblivemedia Binary: liblivemedia-dev libbasicusageenvironment1 libgroupsock8 liblivemedia57 libusageenvironment3 livemedia-utils Architecture: arm64 Version: 2016.11.28-1+deb9u2 Distribution: stretch-security Urgency: high Maintainer: arm Build Daemon (arm-conova-02) Changed-By: Hugo Lefeuvre Description: libbasicusageenvironment1 - multimedia RTSP streaming library (BasicUsageEnvironment class) libgroupsock8 - multimedia RTSP streaming library (network interfaces and sockets liblivemedia-dev - multimedia RTSP streaming library (development files) liblivemedia57 - multimedia RTSP streaming library libusageenvironment3 - multimedia RTSP streaming library (UsageEnvironment classes) livemedia-utils - multimedia RTSP streaming tools Changes: liblivemedia (2016.11.28-1+deb9u2) stretch-security; urgency=high . * Non-maintainer upload by the Security Team. * CVE-2019-6256: denial of service when processing get and post with identical x-session-cookie within the same tcp session. * CVE-2019-7314: use-after-free during RTSP stream termination. * CVE-2019-9215: malformed headers lead to invalid memory access in the parseAuthorizationHeader function. Checksums-Sha1: 38008cba4c8484eb84bc43e01c701a70f6760a1f 41824 libbasicusageenvironment1-dbgsym_2016.11.28-1+deb9u2_arm64.deb bd5b8c7a8d6054d9b766a5baade6eff862fb6e81 21488 libbasicusageenvironment1_2016.11.28-1+deb9u2_arm64.deb 1edda505cc53d46d67ad91b6f8f9e7be0119ae84 63516 libgroupsock8-dbgsym_2016.11.28-1+deb9u2_arm64.deb efa16fe8806d60a9675aed538a4a4af9b4f58ca9 26530 libgroupsock8_2016.11.28-1+deb9u2_arm64.deb 7d0b426e49b9bc82b2439d1008503aa0f1bc8e52 164696 liblivemedia-dev_2016.11.28-1+deb9u2_arm64.deb 51fd64ba444ce5009e0bbd71bf0bc42e80d2fda3 945574 liblivemedia57-dbgsym_2016.11.28-1+deb9u2_arm64.deb 3bd40d474ca33a24e688ee048be5c337d54fa145 288148 liblivemedia57_2016.11.28-1+deb9u2_arm64.deb 9247c498d3da0395a39d30c82e22905bc39079e0 8688 liblivemedia_2016.11.28-1+deb9u2_arm64.buildinfo a59938dc7b5f2f33fe1fd590981a4a5ce788b814 9762 libusageenvironment3-dbgsym_2016.11.28-1+deb9u2_arm64.deb a41434d4c1938c3570a154144bdaace82e2a6c7e 12652 libusageenvironment3_2016.11.28-1+deb9u2_arm64.deb e9cdfd9f57c0c0156f8a28563d8b820e081b3025 279096 livemedia-utils-dbgsym_2016.11.28-1+deb9u2_arm64.deb 92bd5a30c800c72d3c790d47a69cffaaf35fc095 76584 livemedia-utils_2016.11.28-1+deb9u2_arm64.deb Checksums-Sha256: 3d5ea0a4a7f2f28365eab0073436287ae732ca8e66bc10e84f9af33bf7989265 41824 libbasicusageenvironment1-dbgsym_2016.11.28-1+deb9u2_arm64.deb 7a78ca5f84d1ef62267485b8f40922d425789ae862ce0c4f74a7c70b5c50402a 21488 libbasicusageenvironment1_2016.11.28-1+deb9u2_arm64.deb 8aa63356ce4b41e810a90941f1176cc4f2277a4989bc6142e41c66422abc0ca9 63516 libgroupsock8-dbgsym_2016.11.28-1+deb9u2_arm64.deb dc9cbc5169755995fa2c7cc812536a0e5330d6dd37456dc320b0dc3f6083b0c5 26530 libgroupsock8_2016.11.28-1+deb9u2_arm64.deb a8def549ae0a7c9da4f06c3ab19f5bb7c3d6299b0990b8aaadb304d4a9e1f2e0 164696 liblivemedia-dev_2016.11.28-1+deb9u2_arm64.deb c7c8d5dd719cad0384997a9c42fa5b5145bc95309120ebb106d1dab5d5751269 945574 liblivemedia57-dbgsym_2016.11.28-1+deb9u2_arm64.deb 452a7f65dbef0b89ae045b77c6e9e0f5996449fadf50a00e96fc233921799fe6 288148 liblivemedia57_2016.11.28-1+deb9u2_arm64.deb 9b5fe2a2d9383897a895f78e168dfe8de07586e5a76f0dea5200a0f13c494203 8688 liblivemedia_2016.11.28-1+deb9u2_arm64.buildinfo 62bace39f7cbce0a865be5aa62afa0c0e62ac893f59eac12ac2e972bbc7b0029 9762 libusageenvironment3-dbgsym_2016.11.28-1+deb9u2_arm64.deb 4c1f8555368a619bb847313208847db3842558bb934eafed80afab67fe7a0944 12652 libusageenvironment3_2016.11.28-1+deb9u2_arm64.deb 9d1021a66468cc41c1fe1e0b08d7b9a5de4db981b30cc6ea4dba52e71e45c3db 279096 livemedia-utils-dbgsym_2016.11.28-1+deb9u2_arm64.deb ce86ad217cde6b4eda6be75f4da29e51469746582a89e6367c1162c326901c35 76584 livemedia-utils_2016.11.28-1+deb9u2_arm64.deb Files: cb3272841bde1a7305b5598e5fd3ac1b 41824 debug extra libbasicusageenvironment1-dbgsym_2016.11.28-1+deb9u2_arm64.deb 6451e9824070f0c0ea1187a07126e166 21488 libs optional libbasicusageenvironment1_2016.11.28-1+deb9u2_arm64.deb b709275702a7b243b4c46d124fba9e0c 63516 debug extra libgroupsock8-dbgsym_2016.11.28-1+deb9u2_arm64.deb a7ddbcf2a13477d9ace3bb24b2bdaae3 26530 libs optional libgroupsock8_2016.11.28-1+deb9u2_arm64.deb 0d4dbbde82dbb4bff92ff3c424d84fbd 164696 libdevel optional liblivemedia-dev_2016.11.28-1+deb9u2_arm64.deb a6f7a0828ecf63515e7c2feb7d557788 945574 debug extra liblivemedia57-dbgsym_2016.11.28-1+deb9u2_arm64.deb 97a7e24bde1cdd22837f9aca969b65af 288148 libs optional liblivemedia57_2016.11.28-1+deb9u2_arm64.deb bb8d6eb678f373ef32af7a4bcb8b44cb 8688 libs optional liblivemedia_2016.11.28-1+deb9u2_arm64.buildinfo cfc30073702ebca195990d3623c60daa 9762 debug extra libusageenvironment3-dbgsym_2016.11.28-1+deb9u2_arm64.deb fbebb00fbae74a015015469022e4ac34 12652 libs optional libusageenvironment3_2016.11.28-1+deb9u2_arm64.deb 5bb9846da568a29d22b1bea236e127a1 279096 debug extra livemedia-utils-dbgsym_2016.11.28-1+deb9u2_arm64.deb 5f1d5ccb06208a333be447024e193483 76584 net optional livemedia-utils_2016.11.28-1+deb9u2_arm64.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE6I7LAZ94rdGzoRFJgTjochSsEVUFAlyLtB4ACgkQgTjochSs EVXA+g/+MbysYs8fRhawYAeqq9u54LqeyWH6vwK+aOXem+Y9+tned5DwXVWPa4y2 ZubHYAnJM3AZMH8/O3Ok9Sf5qDsrMSHiEf8jLLhV/hzy7HufKUmhIiXdg9k1kN93 QS7lXV5z2b0AloKkoXa9pnZdW4lzYc5aEG7BIlySVeMxuvS4LmvCZ4yl1Tz8AeRM ZmojYBWjge1YKIRjIIy5qkby4Fh++w6p7xKRcmtTJpRUNK/hDkBxIhJ9e+BPPCyx 88Eu6NIdAKzDj2s/yDgDpl+QCoefa+LkS2wd1RUrLaOEfssIvIMtW93b7HhIB93s 8mYo+wiIxnF559E1pbK8SBlvpgt5itLUuXVgB0yGA7zsB7l0rLEUmZtq5EKtrNcn GLjcZsVvE2HBC5YCR1D4QF9GxwFTJKLpKyTY8C74sA79p6T0Sm4cpE8M8INvQbnM iLX+0x+9LGhu3tkj0q26wD5kQG/ka8RNI78xnCqcXCKuDLxGkRAeEu98m/eI+9Jh sGWB0FiPNS3q0q5UQfgyi0Z0zWAJ8Eo4p52keK3x8mZtAv0+sm4r+shscW7cuCGY 67fP+1T6+lfwVDwcQ8gGpCpdpqriB31y5yBBMACxJ89W0/b5EQmSQyWIfFkuEyr+ 7CP+XAy6fHR/0byH7Ka56k22FgWihA9KHfgwfjaCuU1sodGuTME= =+nKJ -----END PGP SIGNATURE-----