libsrtp-1.4.4-11.20101004cvs.el7
エラータID: AXSA:2020-568:01
The libsrtp package provides an implementation of the Secure Real-time Transport Protocol (SRTP), the Universal Security Transform (UST), and a supporting cryptographic kernel.
Security Fix(es):
* libsrtp: improper handling of CSRC count and extension header length in RTP header (CVE-2015-6360)
* libsrtp: buffer overflow in application of crypto profiles (CVE-2013-2139)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Asianux Server 7.9 Release Notes linked from the References section.
CVE-2013-2139
Buffer overflow in srtp.c in libsrtp in srtp 1.4.5 and earlier allows remote attackers to cause a denial of service (crash) via vectors related to a length inconsistency in the crypto_policy_set_from_profile_for_rtp and srtp_protect functions.
CVE-2015-6360
The encryption-processing feature in Cisco libSRTP before 1.5.3 allows remote attackers to cause a denial of service via crafted fields in SRTP packets, aka Bug ID CSCux00686.
Update packages.
Buffer overflow in srtp.c in libsrtp in srtp 1.4.5 and earlier allows remote attackers to cause a denial of service (crash) via vectors related to a length inconsistency in the crypto_policy_set_from_profile_for_rtp and srtp_protect functions.
The encryption-processing feature in Cisco libSRTP before 1.5.3 allows remote attackers to cause a denial of service via crafted fields in SRTP packets, aka Bug ID CSCux00686.
N/A
SRPMS
- libsrtp-1.4.4-11.20101004cvs.el7.src.rpm
MD5: ba9ff1b9ec5e8cf46c8b0975dc2c569a
SHA-256: 8e89b6724f0db81c2e8f0ff3d1084e9e734d79ee9162cac728844ed8a7a7ecb5
Size: 453.45 kB
Asianux Server 7 for x86_64
- libsrtp-1.4.4-11.20101004cvs.el7.x86_64.rpm
MD5: eb2b4681550419c32ef85084a9f0c0a5
SHA-256: 362507455d79b64f88815188884ed74f7edaeb44ae03b8a2d3af4034ed21756c
Size: 273.92 kB - libsrtp-1.4.4-11.20101004cvs.el7.i686.rpm
MD5: fcaf678d91432ce9cf633f8a053345b9
SHA-256: b378c8dcd5092c9a7b6f89eae944f00902fef27f913ed26cb1bafcc52932cfc1
Size: 274.59 kB