Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -3 articles for you...
202
security advisorymoderateupdateopenSUSE: 2021:0937-1 Moderate: Live555 Security Update Details
An update that fixes two vulnerabilities is now available. . openSUSE Security Update: Security update for live555 ______________________________________________________________________________ Announcement ID: openSUSE-SU-2021:0937-1 Rating: moderate References: #1146283 #1185874 Cross-References: CVE-2019-15232 CVE-2021-28899 CVSS scores: CVE-2019-15232 (NVD) : 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2021-28899 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: openSUSE Backports SLE-15-SP2 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update for live555 fixes the following issues: Update to 2021.05.22: - Lots of fixes and updates, including the security fix for CVE-2021-28899 (boo#1185874) and CVE-2019-15232 (boo#1146283). See the list in This update was imported from the openSUSE:Leap:15.2:Update update project. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP2: zypper in -t patch openSUSE-2021-937=1 Package List: - openSUSE Backports SLE-15-SP2 (aarch64 ppc64le s390x x86_64): libBasicUsageEnvironment1-2021.05.22-bp152.4.4.1 libUsageEnvironment3-2021.05.22-bp152.4.4.1 libgroupsock30-2021.05.22-bp152.4.4.1 libliveMedia94-2021.05.22-bp152.4.4.1 live555-2021.05.22-bp152.4.4.1 live555-devel-2021.05.22-bp152.4.4.1 References: https://www.suse.com/security/cve/CVE-2019-15232.html https://www.suse.com/security/cve/CVE-2021-28899.html https://bugzilla.suse.com/1146283 https://bugzilla.suse.com/1185874 . The recent openSUSE update tackles various vulnerabilities inlive555, enhancing both security and system resilience. For more information, click here!. openSUSE Updates, Live555 Security, Patch Instructions. . LinuxSecurity.com Team
Jun 27, 2021
OpenSUSE
202
security advisorymoderatesecurity patchopenSUSE Leap 15.2: 2021:0915-1 Moderate: Live555 Security Update
An update that fixes two vulnerabilities is now available. . openSUSE Security Update: Security update for live555 ______________________________________________________________________________ Announcement ID: openSUSE-SU-2021:0915-1 Rating: moderate References: #1146283 #1185874 Cross-References: CVE-2019-15232 CVE-2021-28899 CVSS scores: CVE-2019-15232 (NVD) : 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2021-28899 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: openSUSE Leap 15.2 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update for live555 fixes the following issues: Update to 2021.05.22: - Lots of fixes and updates, including the security fix for CVE-2021-28899 (boo#1185874) and CVE-2019-15232 (boo#1146283). See the list in Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.2: zypper in -t patch openSUSE-2021-915=1 Package List: - openSUSE Leap 15.2 (x86_64): libBasicUsageEnvironment1-2021.05.22-lp152.3.6.1 libBasicUsageEnvironment1-debuginfo-2021.05.22-lp152.3.6.1 libUsageEnvironment3-2021.05.22-lp152.3.6.1 libUsageEnvironment3-debuginfo-2021.05.22-lp152.3.6.1 libgroupsock30-2021.05.22-lp152.3.6.1 libgroupsock30-debuginfo-2021.05.22-lp152.3.6.1 libliveMedia94-2021.05.22-lp152.3.6.1 libliveMedia94-debuginfo-2021.05.22-lp152.3.6.1 live555-2021.05.22-lp152.3.6.1 live555-debuginfo-2021.05.22-lp152.3.6.1 live555-debugsource-2021.05.22-lp152.3.6.1 live555-devel-2021.05.22-lp152.3.6.1 References: https://www.suse.com/security/cve/CVE-2019-15232.html https://www.suse.com/security/cve/CVE-2021-28899.html https://bugzilla.suse.com/1146283 https://bugzilla.suse.com/1185874 . An update for openSUSE Leap 15.3 tackles two notable security vulnerabilities in live555. Ensure to apply the updates without delay for optimal protection.. openSUSE Update, live555 Security, Moderate Threats, Security Fixes, Patch Installation. . LinuxSecurity.com Team
Jun 24, 2021
OpenSUSE
202
security advisorymoderatememory accessopenSUSE Leap 15.2: Security Update for live555 (Moderate Severity)
An update that solves two vulnerabilities and has one errata is now available.. openSUSE Security Update: Security update for live555 ______________________________________________________________________________ Announcement ID: openSUSE-SU-2020:0944-1 Rating: moderate References: #1121995 #1124159 #1127341 Cross-References: CVE-2019-7314 CVE-2019-9215 Affected Products: openSUSE Leap 15.2 ______________________________________________________________________________ An update that solves two vulnerabilities and has one errata is now available. Description: This update for live555 fixes the following issues: - CVE-2019-9215: Malformed headers could have lead to invalid memory access in the parseAuthorizationHeader function. (boo#1127341) - CVE-2019-7314: Mishandled termination of an RTSP stream after RTP/RTCP-over-RTSP has been set up could have lead to a Use-After-Free error causing the RTSP server to crash or possibly have unspecified other impact. (boo#1124159) - Update to version 2019.06.28, - Convert to dynamic libraries (boo#1121995): + Use make ilinux-with-shared-libraries: build the dynamic libs instead of the static one. + Use make install instead of a manual file copy script: this also reveals that we missed quite a bit of code to be installed before. + Split out shared library packages according the SLPP. - Use FAT LTO objects in order to provide proper static library. This update was imported from the openSUSE:Leap:15.1:Update update project. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.2: zypper in -t patch openSUSE-2020-944=1 Package List: - openSUSE Leap 15.2 (x86_64): libBasicUsageEnvironment1-2019.06.28-lp152.3.3.1 libBasicUsageEnvironment1-debuginfo-2019.06.28-lp152.3.3.1 libUsageEnvironment3-2019.06.28-lp152.3.3.1 libUsageEnvironment3-debuginfo-2019.06.28-lp152.3.3.1 libgroupsock8-2019.06.28-lp152.3.3.1 libgroupsock8-debuginfo-2019.06.28-lp152.3.3.1 libliveMedia66-2019.06.28-lp152.3.3.1 libliveMedia66-debuginfo-2019.06.28-lp152.3.3.1 live555-2019.06.28-lp152.3.3.1 live555-debuginfo-2019.06.28-lp152.3.3.1 live555-debugsource-2019.06.28-lp152.3.3.1 live555-devel-2019.06.28-lp152.3.3.1 References: https://www.suse.com/security/cve/CVE-2019-7314.html https://www.suse.com/security/cve/CVE-2019-9215.html https://bugzilla.suse.com/1121995 https://bugzilla.suse.com/1124159 https://bugzilla.suse.com/1127341 -- . A patch for Ubuntu 20.04 tackles two concerns in libcurl regarding authentication and error management.. openSUSE Update, live555 Issues, Memory Access Fix, RTSP Termination Error, Security Patch. . LinuxSecurity.com Team
Jul 07, 2020
OpenSUSE
202
security advisorymoderatememory accessopenSUSE: 2019:1880-1 moderate: live555 Memory Access Issues
An update that solves two vulnerabilities and has one errata is now available.. openSUSE Security Update: Security update for live555 ______________________________________________________________________________ Announcement ID: openSUSE-SU-2019:1880-1 Rating: moderate References: #1121995 #1124159 #1127341 Cross-References: CVE-2019-7314 CVE-2019-9215 Affected Products: openSUSE Backports SLE-15-SP1 ______________________________________________________________________________ An update that solves two vulnerabilities and has one errata is now available. Description: This update for live555 fixes the following issues: - CVE-2019-9215: Malformed headers could have lead to invalid memory access in the parseAuthorizationHeader function. (boo#1127341) - CVE-2019-7314: Mishandled termination of an RTSP stream after RTP/RTCP-over-RTSP has been set up could have lead to a Use-After-Free error causing the RTSP server to crash or possibly have unspecified other impact. (boo#1124159) - Update to version 2019.06.28, - Convert to dynamic libraries (boo#1121995): + Use make ilinux-with-shared-libraries: build the dynamic libs instead of the static one. + Use make install instead of a manual file copy script: this also reveals that we missed quite a bit of code to be installed before. + Split out shared library packages according the SLPP. - Use FAT LTO objects in order to provide proper static library. This update was imported from the openSUSE:Leap:15.1:Update update project. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP1: zypper in -t patch openSUSE-2019-1880=1 Package List: - openSUSE Backports SLE-15-SP1 (aarch64 ppc64le s390x x86_64): libBasicUsageEnvironment1-2019.06.28-bp151.3.3.1 libUsageEnvironment3-2019.06.28-bp151.3.3.1 libgroupsock8-2019.06.28-bp151.3.3.1 libliveMedia66-2019.06.28-bp151.3.3.1 live555-2019.06.28-bp151.3.3.1 live555-devel-2019.06.28-bp151.3.3.1 References: https://www.suse.com/security/cve/CVE-2019-7314.html https://www.suse.com/security/cve/CVE-2019-9215.html https://bugzilla.suse.com/1121995 https://bugzilla.suse.com/1124159 https://bugzilla.suse.com/1127341 -- . The live555 security patch in openSUSE resolves two vulnerabilities, enhancing protection against potential risks and ensuring greater system reliability.. openSUSE Security Update, live555 vulnerabilities, RTSP security fix, memory corruption patch. . LinuxSecurity.com Team
Aug 14, 2019
OpenSUSE
202
security advisorymoderatesoftware updateopenSUSE: 2019:1797-1 Moderate: live555 Memory Access Issues
An update that solves two vulnerabilities and has one errata is now available.. openSUSE Security Update: Security update for live555 ______________________________________________________________________________ Announcement ID: openSUSE-SU-2019:1797-1 Rating: moderate References: #1121995 #1124159 #1127341 Cross-References: CVE-2019-7314 CVE-2019-9215 Affected Products: openSUSE Leap 15.1 openSUSE Leap 15.0 openSUSE Backports SLE-15 ______________________________________________________________________________ An update that solves two vulnerabilities and has one errata is now available. Description: This update for live555 fixes the following issues: - CVE-2019-9215: Malformed headers could have lead to invalid memory access in the parseAuthorizationHeader function. (boo#1127341) - CVE-2019-7314: Mishandled termination of an RTSP stream after RTP/RTCP-over-RTSP has been set up could have lead to a Use-After-Free error causing the RTSP server to crash or possibly have unspecified other impact. (boo#1124159) - Update to version 2019.06.28, - Convert to dynamic libraries (boo#1121995): + Use make ilinux-with-shared-libraries: build the dynamic libs instead of the static one. + Use make install instead of a manual file copy script: this also reveals that we missed quite a bit of code to be installed before. + Split out shared library packages according the SLPP. - Use FAT LTO objects in order to provide proper static library. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.1: zypper in -t patch openSUSE-2019-1797=1 - openSUSE Leap 15.0: zypper in -t patch openSUSE-2019-1797=1 - openSUSE Backports SLE-15: zypper in -tpatch openSUSE-2019-1797=1 Package List: - openSUSE Leap 15.1 (x86_64): libBasicUsageEnvironment1-2019.06.28-lp151.2.3.1 libBasicUsageEnvironment1-debuginfo-2019.06.28-lp151.2.3.1 libUsageEnvironment3-2019.06.28-lp151.2.3.1 libUsageEnvironment3-debuginfo-2019.06.28-lp151.2.3.1 libgroupsock8-2019.06.28-lp151.2.3.1 libgroupsock8-debuginfo-2019.06.28-lp151.2.3.1 libliveMedia66-2019.06.28-lp151.2.3.1 libliveMedia66-debuginfo-2019.06.28-lp151.2.3.1 live555-2019.06.28-lp151.2.3.1 live555-debuginfo-2019.06.28-lp151.2.3.1 live555-debugsource-2019.06.28-lp151.2.3.1 live555-devel-2019.06.28-lp151.2.3.1 - openSUSE Leap 15.0 (x86_64): libBasicUsageEnvironment1-2019.06.28-lp150.12.1 libBasicUsageEnvironment1-debuginfo-2019.06.28-lp150.12.1 libUsageEnvironment3-2019.06.28-lp150.12.1 libUsageEnvironment3-debuginfo-2019.06.28-lp150.12.1 libgroupsock8-2019.06.28-lp150.12.1 libgroupsock8-debuginfo-2019.06.28-lp150.12.1 libliveMedia66-2019.06.28-lp150.12.1 libliveMedia66-debuginfo-2019.06.28-lp150.12.1 live555-2019.06.28-lp150.12.1 live555-debuginfo-2019.06.28-lp150.12.1 live555-debugsource-2019.06.28-lp150.12.1 live555-devel-2019.06.28-lp150.12.1 - openSUSE Backports SLE-15 (aarch64 ppc64le s390x x86_64): libBasicUsageEnvironment1-2019.06.28-bp150.12.1 libUsageEnvironment3-2019.06.28-bp150.12.1 libgroupsock8-2019.06.28-bp150.12.1 libliveMedia66-2019.06.28-bp150.12.1 live555-2019.06.28-bp150.12.1 live555-devel-2019.06.28-bp150.12.1 References: https://www.suse.com/security/cve/CVE-2019-7314.html https://www.suse.com/security/cve/CVE-2019-9215.html https://bugzilla.suse.com/1121995 https://bugzilla.suse.com/1124159 https://bugzilla.suse.com/1127341 -- . New patch released for openSUSE addressing memory management vulnerabilities in live555 that could lead to system instability.. openSUSE Live555 Update, RTSP StreamSecurity Fix, OpenSUSE Moderate Advisory. . LinuxSecurity.com Team
Jul 23, 2019
OpenSUSE
197
security advisorycriticaldebianDebian 8 Jessie DLA-1690-1 Critical: Liblivemedia RTSP Server DoS
Multiple vulnerabilities have been discovered in liblivemedia, the LIVE555 RTSP server library: CVE-2019-6256 . Package : liblivemedia Version : 2014.01.13-1+deb8u2 CVE ID : CVE-2019-6256 CVE-2019-7314 Debian Bug : 919529 Multiple vulnerabilities have been discovered in liblivemedia, the LIVE555 RTSP server library: CVE-2019-6256 liblivemedia servers with RTSP-over-HTTP tunneling enabled are vulnerable to an invalid function pointer dereference. This issue might happen during error handling when processing two GET and POST requests being sent with identical x-sessioncookie within the same TCP session and might be leveraged by remote attackers to cause DoS. CVE-2019-7314 liblivemedia servers with RTSP-over-HTTP tunneling enabled are affected by a use-after-free vulnerability. This vulnerability might be triggered by remote attackers to cause DoS (server crash) or possibly unspecified other impact. For Debian 8 "Jessie", these problems have been fixed in version 2014.01.13-1+deb8u2. We recommend that you upgrade your liblivemedia packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS . Package : liblivemedia Version : 2014.01.13-1+deb8u2 CVE ID : CVE-2019-6256 CVE-2019-7314 Debian Bug. vulnerabilities, liblivemedia, live555, server, library. . Severity: Critical. LinuxSecurity.com Team
Feb 26, 2019
•Critical
Debian LTS
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!