openSUSE: 2020:0944-1: moderate: live555

    Date 06 Jul 2020
    117
    Posted By LinuxSecurity Advisories
    An update that solves two vulnerabilities and has one errata is now available.
       openSUSE Security Update: Security update for live555
    ______________________________________________________________________________
    
    Announcement ID:    openSUSE-SU-2020:0944-1
    Rating:             moderate
    References:         #1121995 #1124159 #1127341 
    Cross-References:   CVE-2019-7314 CVE-2019-9215
    Affected Products:
                        openSUSE Leap 15.2
    ______________________________________________________________________________
    
       An update that solves two vulnerabilities and has one
       errata is now available.
    
    Description:
    
       This update for live555 fixes the following issues:
    
       - CVE-2019-9215: Malformed headers could have lead to invalid memory
         access in the parseAuthorizationHeader function. (boo#1127341)
    
       - CVE-2019-7314: Mishandled termination of an RTSP stream after
         RTP/RTCP-over-RTSP has been set up could have lead to a Use-After-Free
         error causing the RTSP server to crash or possibly have unspecified
         other impact. (boo#1124159)
    
       - Update to version 2019.06.28,
       - Convert to dynamic libraries (boo#1121995):
         + Use make ilinux-with-shared-libraries: build the dynamic libs instead
           of the static one.
         + Use make install instead of a manual file copy script: this also
           reveals that we missed quite a bit of code to be installed before.
         + Split out shared library packages according the SLPP.
       - Use FAT LTO objects in order to provide proper static library.
    
    
       This update was imported from the openSUSE:Leap:15.1:Update update project.
    
    
    Patch Instructions:
    
       To install this openSUSE Security Update use the SUSE recommended installation methods
       like YaST online_update or "zypper patch".
    
       Alternatively you can run the command listed for your product:
    
       - openSUSE Leap 15.2:
    
          zypper in -t patch openSUSE-2020-944=1
    
    
    
    Package List:
    
       - openSUSE Leap 15.2 (x86_64):
    
          libBasicUsageEnvironment1-2019.06.28-lp152.3.3.1
          libBasicUsageEnvironment1-debuginfo-2019.06.28-lp152.3.3.1
          libUsageEnvironment3-2019.06.28-lp152.3.3.1
          libUsageEnvironment3-debuginfo-2019.06.28-lp152.3.3.1
          libgroupsock8-2019.06.28-lp152.3.3.1
          libgroupsock8-debuginfo-2019.06.28-lp152.3.3.1
          libliveMedia66-2019.06.28-lp152.3.3.1
          libliveMedia66-debuginfo-2019.06.28-lp152.3.3.1
          live555-2019.06.28-lp152.3.3.1
          live555-debuginfo-2019.06.28-lp152.3.3.1
          live555-debugsource-2019.06.28-lp152.3.3.1
          live555-devel-2019.06.28-lp152.3.3.1
    
    
    References:
    
       https://www.suse.com/security/cve/CVE-2019-7314.html
       https://www.suse.com/security/cve/CVE-2019-9215.html
       https://bugzilla.suse.com/1121995
       https://bugzilla.suse.com/1124159
       https://bugzilla.suse.com/1127341
    
    -- 
    

    LinuxSecurity Poll

    Are you planning to use the 1Password password manager now that it is available to Linux users?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/35-are-you-planning-to-use-the-1password-password-manager-now-that-it-is-available-to-linux-users?task=poll.vote&format=json
    35
    radio
    [{"id":"122","title":"Yes","votes":"1","type":"x","order":"1","pct":25,"resources":[]},{"id":"123","title":"No ","votes":"2","type":"x","order":"2","pct":50,"resources":[]},{"id":"124","title":"Not sure at the moment","votes":"1","type":"x","order":"3","pct":25,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
    bottom 200

    Advisories

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.