-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 14 Mar 2019 09:25:20 +0100 Source: liblivemedia Binary: liblivemedia-dev libbasicusageenvironment1 libgroupsock8 liblivemedia57 libusageenvironment3 livemedia-utils Architecture: s390x Version: 2016.11.28-1+deb9u2 Distribution: stretch-security Urgency: high Maintainer: s390x Build Daemon (zani) Changed-By: Hugo Lefeuvre Description: libbasicusageenvironment1 - multimedia RTSP streaming library (BasicUsageEnvironment class) libgroupsock8 - multimedia RTSP streaming library (network interfaces and sockets liblivemedia-dev - multimedia RTSP streaming library (development files) liblivemedia57 - multimedia RTSP streaming library libusageenvironment3 - multimedia RTSP streaming library (UsageEnvironment classes) livemedia-utils - multimedia RTSP streaming tools Changes: liblivemedia (2016.11.28-1+deb9u2) stretch-security; urgency=high . * Non-maintainer upload by the Security Team. * CVE-2019-6256: denial of service when processing get and post with identical x-session-cookie within the same tcp session. * CVE-2019-7314: use-after-free during RTSP stream termination. * CVE-2019-9215: malformed headers lead to invalid memory access in the parseAuthorizationHeader function. Checksums-Sha1: 4af83e57346d5d054d223b597a1a554bcfd60d3d 42332 libbasicusageenvironment1-dbgsym_2016.11.28-1+deb9u2_s390x.deb 238fff45e37c4b53ab652dee33e6e7d9c0ee8a74 21890 libbasicusageenvironment1_2016.11.28-1+deb9u2_s390x.deb 8a19c5335d3f042fe964043b7dd7d232ddc96563 65888 libgroupsock8-dbgsym_2016.11.28-1+deb9u2_s390x.deb e12bbba1b1b6a5aaf517bac08dc49ad0886eeef9 27228 libgroupsock8_2016.11.28-1+deb9u2_s390x.deb 388189d53cd4acaa5bf0679863d1fa8e6c670d30 164696 liblivemedia-dev_2016.11.28-1+deb9u2_s390x.deb 8a7922140d2637b2f28cb8dbb2caa2e4ecec3d26 979934 liblivemedia57-dbgsym_2016.11.28-1+deb9u2_s390x.deb c78c27816bbb3a997ed123c52214410ec11b76ae 301244 liblivemedia57_2016.11.28-1+deb9u2_s390x.deb b9921eaaf9647ed695d7d519eb0696f044ce44c3 8625 liblivemedia_2016.11.28-1+deb9u2_s390x.buildinfo 2652040921d9ea357c39a02335af490b7c5905e7 9628 libusageenvironment3-dbgsym_2016.11.28-1+deb9u2_s390x.deb d5efd2a610a148264fc326d441bc4615c8af38fa 12568 libusageenvironment3_2016.11.28-1+deb9u2_s390x.deb 3617c1d42bf9ba89415e75bfac330a21ca41c93c 282894 livemedia-utils-dbgsym_2016.11.28-1+deb9u2_s390x.deb bdc6ab9290b164515ab0f736ab32b6d21923ab66 77240 livemedia-utils_2016.11.28-1+deb9u2_s390x.deb Checksums-Sha256: ee156699b12f19399b84963c59f1a860875d988ba59380c4207bc070b637cb4d 42332 libbasicusageenvironment1-dbgsym_2016.11.28-1+deb9u2_s390x.deb 5835f7192be8987268133cea9405ec69dd5bf2b9bd9fdfd9bd6a7b0c7530cee3 21890 libbasicusageenvironment1_2016.11.28-1+deb9u2_s390x.deb 9aee87e477d73fa48b9f1aeb19261b7d59cc8bd671509195a2f4e01ad4a36206 65888 libgroupsock8-dbgsym_2016.11.28-1+deb9u2_s390x.deb dc75294c6a9282300ec5bb10988d29624c11c0656031e2bc312c0803c7709166 27228 libgroupsock8_2016.11.28-1+deb9u2_s390x.deb f3f43c7a8bb80fdda03b0fe0a1eb393efb1bf25eb3203c86e496351c46556d8c 164696 liblivemedia-dev_2016.11.28-1+deb9u2_s390x.deb b576c58ad774f2373948c3612a09ed908f68c60c15f5a8005d26dcf9047d4345 979934 liblivemedia57-dbgsym_2016.11.28-1+deb9u2_s390x.deb 6c490f0b68801783bd0bf97515d427801310d0fa0e3c3287f4cd4ccd1b021afe 301244 liblivemedia57_2016.11.28-1+deb9u2_s390x.deb f0289da5b852e8d3319ad053215ce59af295091bbb16f97ec8f7ceb1c4380c57 8625 liblivemedia_2016.11.28-1+deb9u2_s390x.buildinfo 19e6323989bdd8af766a644301e569f322c2f74496ed344d15d780ad365fb74d 9628 libusageenvironment3-dbgsym_2016.11.28-1+deb9u2_s390x.deb 194c94c14fe9b18e6b584b47e6227393d4f57519e2ae963af0594b1e497f0f09 12568 libusageenvironment3_2016.11.28-1+deb9u2_s390x.deb 5198b80e269669e45df8bd4e3717924dc1aa8e51fb4180e749a381601e47f302 282894 livemedia-utils-dbgsym_2016.11.28-1+deb9u2_s390x.deb 1e63130e8f5444ed2c154af4dbab2eea084cd01a84cb5c215d32db684cc6ca99 77240 livemedia-utils_2016.11.28-1+deb9u2_s390x.deb Files: 01e7e43707f4bd09223c441e50c61437 42332 debug extra libbasicusageenvironment1-dbgsym_2016.11.28-1+deb9u2_s390x.deb e195052ad7fa4c6aafb6e44b2c02e7b0 21890 libs optional libbasicusageenvironment1_2016.11.28-1+deb9u2_s390x.deb a5c9d795bdfd10532ec902844fcf4d70 65888 debug extra libgroupsock8-dbgsym_2016.11.28-1+deb9u2_s390x.deb b0979e9788db772b6c5b78c070062e14 27228 libs optional libgroupsock8_2016.11.28-1+deb9u2_s390x.deb dfc003d96de2a877f1750d4a076fd5f6 164696 libdevel optional liblivemedia-dev_2016.11.28-1+deb9u2_s390x.deb 061a16176e02b147d6a0ab022da2e6a2 979934 debug extra liblivemedia57-dbgsym_2016.11.28-1+deb9u2_s390x.deb 303014a07fe5af3dbdf7e4428131b54e 301244 libs optional liblivemedia57_2016.11.28-1+deb9u2_s390x.deb a17cddf9d13ce4955932e036ba608772 8625 libs optional liblivemedia_2016.11.28-1+deb9u2_s390x.buildinfo 2a3947f7eec14e5baacf7c9a798e2f55 9628 debug extra libusageenvironment3-dbgsym_2016.11.28-1+deb9u2_s390x.deb 3a2ed19eff9c977464a9d772cb3b9293 12568 libs optional libusageenvironment3_2016.11.28-1+deb9u2_s390x.deb a18a05b634e1a19df49d0d86711e12a2 282894 debug extra livemedia-utils-dbgsym_2016.11.28-1+deb9u2_s390x.deb 4c11350dc7bc2e05b8c5aa638f8c38d9 77240 net optional livemedia-utils_2016.11.28-1+deb9u2_s390x.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEaMR5JIi1/aj4U64lVi3/02CpukIFAlyLs+MACgkQVi3/02Cp ukIscBAApYFG/z77xkMfx1ZhEK1c0u7TdXqAG1JKMEH8oZwWzYl6GPYTo81n4uQo j/WP0ByxzxNDmuKRrQCaS27SfrURxYCKFN1oHPD+2r75ro0uwirIOUTGPul1tEdt 8rk3h4zXGt0DcdKXgG/PcdjN/xztb0+7VDECCrGz3X2lJFUywe1bvfh/TvZYV4/G d/UU1hE3cpQVLOJhmhYCza/wiERNq6C4SD7ikJX20aVnjSbYHF75aMJigMq6/Z9y iG+BjVwODDURKGZOs6w5RvgsByzki4McsR2gBCkN4tu/aZRaxh3Xv29mjmmGABN/ xFBRp2RDOyYF7UIInAIaFoD3z2lWAugN3kyqLLe+2NMzChYrZjaaCKT97ykT1bDi LcECkGgGP1vy94Jnln3e9dOiGuycoxdGzsUFSe+hzgyIljyYOPm2vGq7pDDZy5wV uTcLnPobRbqbnF9ultDysAtUbBNKaOCf5IhfhJFm1hl5CJnluVGbir4cs/6OxKZx lGmHnIZ00w9CJZJAPMHon59/KdFP6sYgJIdFdPJBGOaFbDEwWurl3RRDHy2Gf8tS DM4rRn54hf0gjvBTFP1Xq/PSgBS2s1HGeJEm8i5gcfAskERn10mlQdX9cVj9DW0c L9Tg/PmezX4O80FH1gxPd/fAn8uBlGkdJnajxxniNSxghyI4uJM= =s7J4 -----END PGP SIGNATURE-----