Updated pjproject packages fix security vulnerabilities
Publication date: 13 Oct 2017Modification date: 13 Oct 2017
Type: security
Affected Mageia releases : 5 , 6
CVE: CVE-2017-9359 , CVE-2017-9372
Description
Two vulnerabilities were found in the PJSIP/PJProject communication
library, which may result in denial of service (CVE-2017-9359,
CVE-2017-9372).
References
- https://bugs.mageia.org/show_bug.cgi?id=21505
- http://downloads.asterisk.org/pub/security/AST-2017-002.html
- http://downloads.asterisk.org/pub/security/AST-2017-003.html
- https://www.debian.org/security/2017/dsa-3933
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9359
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9372
SRPMS
6/core
- pjproject-2.5.5-4.1.mga6
5/core
- pjproject-2.3-1.1.mga5