Advisories » MGASA-2016-0037

Updated srtp packages fix security vulnerability

Publication date: 29 Jan 2016
Modification date: 29 Jan 2016
Type: security
Affected Mageia releases : 5
CVE: CVE-2015-6360

Description

Srtp before 1.5.3 is vulnerable to a potential DoS attack due to lack of
bounds checking on RTP header CSRC count and extension header length
(CVE-2015-6360).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=17540
• http://lwn.net/Alerts/672422/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6360

SRPMS

5/core

• srtp-1.4.5-0.20130723.5.mga5