-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 14 Mar 2019 09:25:20 +0100 Source: liblivemedia Binary: liblivemedia-dev libbasicusageenvironment1 libgroupsock8 liblivemedia57 libusageenvironment3 livemedia-utils Architecture: i386 Version: 2016.11.28-1+deb9u2 Distribution: stretch-security Urgency: high Maintainer: i386 Build Daemon (x86-grnet-01) Changed-By: Hugo Lefeuvre Description: libbasicusageenvironment1 - multimedia RTSP streaming library (BasicUsageEnvironment class) libgroupsock8 - multimedia RTSP streaming library (network interfaces and sockets liblivemedia-dev - multimedia RTSP streaming library (development files) liblivemedia57 - multimedia RTSP streaming library libusageenvironment3 - multimedia RTSP streaming library (UsageEnvironment classes) livemedia-utils - multimedia RTSP streaming tools Changes: liblivemedia (2016.11.28-1+deb9u2) stretch-security; urgency=high . * Non-maintainer upload by the Security Team. * CVE-2019-6256: denial of service when processing get and post with identical x-session-cookie within the same tcp session. * CVE-2019-7314: use-after-free during RTSP stream termination. * CVE-2019-9215: malformed headers lead to invalid memory access in the parseAuthorizationHeader function. Checksums-Sha1: 81cbad5a299ebe773814beaf891010bf7cccc715 37350 libbasicusageenvironment1-dbgsym_2016.11.28-1+deb9u2_i386.deb 9b0fc258e1af96f2972c5fe7ce93a882ead8fa5d 23144 libbasicusageenvironment1_2016.11.28-1+deb9u2_i386.deb 1a5b8ec027e535ef96064d2aaa51afcdbd76a4df 55950 libgroupsock8-dbgsym_2016.11.28-1+deb9u2_i386.deb 5ae7f6938e9bcc1affc3206990b739311443ea19 29518 libgroupsock8_2016.11.28-1+deb9u2_i386.deb 2192ce31ce6e4b2df01946c16ad02050a9ddb772 164692 liblivemedia-dev_2016.11.28-1+deb9u2_i386.deb 14c133a35d920ac3688df98361f3e0ba40ad6e69 794104 liblivemedia57-dbgsym_2016.11.28-1+deb9u2_i386.deb 15fd55890decb9cab4513a5947bce55c5dc7fe60 339216 liblivemedia57_2016.11.28-1+deb9u2_i386.deb 40f17b509939a51c117b19e82eaa1c3416837d3e 8752 liblivemedia_2016.11.28-1+deb9u2_i386.buildinfo f8b91aa5b49c6a66194424f891ccbe18e36c887f 8996 libusageenvironment3-dbgsym_2016.11.28-1+deb9u2_i386.deb 14ae56ef59f0497c64e4d30249340b5f2ee4b2a1 12824 libusageenvironment3_2016.11.28-1+deb9u2_i386.deb 867c55a82c9d70125cce01071617c75b5eab8524 256636 livemedia-utils-dbgsym_2016.11.28-1+deb9u2_i386.deb 7f48410c967a9d9589d6695f1e06802a2feba0e4 76662 livemedia-utils_2016.11.28-1+deb9u2_i386.deb Checksums-Sha256: 358410fd06ceb08b1096e1a0f37dca62f884bd7aa4ac44747fe23e963594061d 37350 libbasicusageenvironment1-dbgsym_2016.11.28-1+deb9u2_i386.deb 8623d2d53121dd26dd85dec42dfad632ee0451995cce234223a0631e649b56b3 23144 libbasicusageenvironment1_2016.11.28-1+deb9u2_i386.deb 9d95dd41f6eb116cfb324eb7d25fb942e882a97b99689c7ef5f782ee2a958454 55950 libgroupsock8-dbgsym_2016.11.28-1+deb9u2_i386.deb ad07484ee1108c5e69123f0cedc9e808db85819848cbcbe71879e0e77933f739 29518 libgroupsock8_2016.11.28-1+deb9u2_i386.deb d3894cfea72ea4359e2be7a0e17cc60071b9369e3295f0468b95076b2607712b 164692 liblivemedia-dev_2016.11.28-1+deb9u2_i386.deb 96c936cc9e33c69ed8bfbfb35a2abdba19fe2d5517ebf3b9d9b8bd2f9c187814 794104 liblivemedia57-dbgsym_2016.11.28-1+deb9u2_i386.deb 1a273bc5793d7cc0b084a862e538aff0b93ae3680a3f4b27626d0fc51a1308ce 339216 liblivemedia57_2016.11.28-1+deb9u2_i386.deb d996e459ac06174ba4fa5fbbbeeaf4f9a196c1b59e7da45d3c1f78d345297d32 8752 liblivemedia_2016.11.28-1+deb9u2_i386.buildinfo 5f213e2f9884f27dd4df5ade900c45596ce0e4b83afcc20dd5b58339eb1ae91f 8996 libusageenvironment3-dbgsym_2016.11.28-1+deb9u2_i386.deb 25b332d9fbd8f789370470a7e8d6150e6a6fa54d1fa9e2203d4753c970540797 12824 libusageenvironment3_2016.11.28-1+deb9u2_i386.deb 1f5950abcdecb6f632860c57c326d7bd4723594c1dd49194c8ed9e40bb7dc9e5 256636 livemedia-utils-dbgsym_2016.11.28-1+deb9u2_i386.deb f20e8b3e2b50b8fdab9655ad2943294134238f51fb51455a4b2eecf50200d02e 76662 livemedia-utils_2016.11.28-1+deb9u2_i386.deb Files: 83378e502d775a9ecf18783531354393 37350 debug extra libbasicusageenvironment1-dbgsym_2016.11.28-1+deb9u2_i386.deb 05a547c2520416f2ae2b5da1204eeece 23144 libs optional libbasicusageenvironment1_2016.11.28-1+deb9u2_i386.deb fbf71df813e062ffba3caf0771a869f2 55950 debug extra libgroupsock8-dbgsym_2016.11.28-1+deb9u2_i386.deb b706f6165dd24460e2eb4d90cf3a975d 29518 libs optional libgroupsock8_2016.11.28-1+deb9u2_i386.deb 3874c7586d58e88686aed6635f288a82 164692 libdevel optional liblivemedia-dev_2016.11.28-1+deb9u2_i386.deb 2f7d5d10d0751c74072f631523262d9a 794104 debug extra liblivemedia57-dbgsym_2016.11.28-1+deb9u2_i386.deb 04e13b57e77407d31025e4dcfd4b9f11 339216 libs optional liblivemedia57_2016.11.28-1+deb9u2_i386.deb c0ab3f7e644fa4e138bec4438bf3512c 8752 libs optional liblivemedia_2016.11.28-1+deb9u2_i386.buildinfo f1ac81683ec9318f24fb157390874836 8996 debug extra libusageenvironment3-dbgsym_2016.11.28-1+deb9u2_i386.deb 18babc4cb243c11e9d78e3b7eecdcc13 12824 libs optional libusageenvironment3_2016.11.28-1+deb9u2_i386.deb 6166d29699129611bf759eb0e3ac4369 256636 debug extra livemedia-utils-dbgsym_2016.11.28-1+deb9u2_i386.deb e3d174e157f4c87c191234e15e855211 76662 net optional livemedia-utils_2016.11.28-1+deb9u2_i386.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE56RkdImmGnu/qTMEtnmMmMOJfQ0FAlyL0CEACgkQtnmMmMOJ fQ3CbQ/9GxX34cHBZEGgPyRmzJrdk3G+ntHiixpbZDMnQLpxeyKQ9nuWJ0KGrnC8 G/YuLj/0tLMScXFPPXvlIixwx5SLqwIt4V90ynGI4pqStNv8CX6QLtG+orsADXTK sAEy+a68muZn/BhbiMVwvY5RjjB3tFvyjEYKTCLRL/K/x2vRp5x3Dz9QyWnO+C/K 9tJk/QFGtIILLklVMWTJFy1bOi2f46h+x97cfvgIsuQBfDpIUS0KG8ziytJ5MDAX vJRCS0/7zox7HSPT3B1QYv4+H5LsSdGNZhWXNY+Mbqn48s2VQ6zy0WIATBUk4KDH 81teLIjXpQK5L2ZhnH8LDLu40jUYR66IYHR3MPJNFwfXfw5gSiwHAiAen4sr+4WR KxKEoGkeBGLCAycPez8PKU2qYvEw/tLfoaKcYZ273jyNM2YjkHrmKz9ShD2Wj038 u2tyS+YVUoWjdofu/0BNGOkt34ngfoPDhYrRvp3EP5x7OYcPnC30qsVanBPyqgon O3ZeeqjaQrwtAC6FUrkgG7Y5+1aB7/EWT9Vz/Veg+l/o+7EDOWGif/0MdOx2yqfy SM408vXPlJUqTf7cay+ENNIfyvoecm3D0uenIsXefFhkyyIPCrHYcSAcg4WCgPta 8fHYZxkzbS+AwmFhUntLmvJ5LlJAmpBWtm3qv68smt9nZF16s88= =KukJ -----END PGP SIGNATURE-----