Debian Security Advisory 3539-1

Debian Security Advisory 3539-1: Posted Apr 4, 2016; Authored by Debian | Site debian.org; Debian Linux Security Advisory 3539-1 - Randell Jesup and the Firefox team discovered that srtp, Cisco's reference implementation of the Secure Real-time Transport Protocol (SRTP), does not properly handle RTP header CSRC count and extension header length. A remote attacker can exploit this vulnerability to crash an application linked against libsrtp, resulting in a denial of service.; tags | advisory, remote, denial of service, protocol; systems | cisco, linux, debian; advisories | CVE-2015-6360; SHA-256 | 2a21727a1da862b7191dcc3e6d927736a0e79bdf2e9a74f409de9c5217970cc5; Download | Favorite | View

Debian Security Advisory 3539-1

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3539-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
April 02, 2016                        https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : srtp
CVE ID         : CVE-2015-6360
Debian Bug     : 807698

Randell Jesup and the Firefox team discovered that srtp, Cisco's
reference implementation of the Secure Real-time Transport Protocol
(SRTP), does not properly handle RTP header CSRC count and extension
header length. A remote attacker can exploit this vulnerability to crash
an application linked against libsrtp, resulting in a denial of service.

For the oldstable distribution (wheezy), this problem has been fixed
in version 1.4.4+20100615~dfsg-2+deb7u2.

For the stable distribution (jessie), this problem has been fixed in
version 1.4.5~20130609~dfsg-1.1+deb8u1.

We recommend that you upgrade your srtp packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJW/5YiAAoJEAVMuPMTQ89E8gsP/0d8vBGerfLxR4BrD4JTTIDm
pDNdH9ZYur9DcKmF5P9gqheErBOerhklEGqhG17HQraOf5+P5gRWnzBi0wUHLCr5
mGaH9enO2pj//whUTef7ru6xW3b50Lo2KexC2sYqFsb4efElN7z345OnhT51SlAX
tlfD800zyeZJ0CF2oVGuQsVaHRRMcmwNOycXsp1GOioLUS9vq5ZhgG8fh+c9PlSV
zPgvf7+bZmtYVTkc7juG2bb2dgzXbOVxpEwWAJlPrnlLyp8ZUdJurHUX24EiRasV
wscp/vXNC/mF4IL7IuWzpp/AmNcJiZL3+p94qyNtBKbbG2hLTr7ldQp+xBfRO7Fa
4dgqGhJq8Bhin1xIYndspNBSEWgUW1pCPNsW2ku4qQn8fKwxekDzDon7RnMAIOx1
zCnSDgzw5Rx0mNTp3ZdL/osjjgNNYglHTmCAQGnNwIo1Zmos2SMJSaMDkKRErEC4
QrvhHfOGIcJLcGWvKYdnZbslkOzZgVgOCUYseJH/iHSu/XLvxKdF+qlTibJF4Z3/
exgl9nEccspgj6oRC8sKhCs2m1B72ikkNHXW3s0edUbloOQ8o2LvT/hrM3vt21Vr
dErtfkzp2tni+0l5Rkhc5Fwtm6AnwSEkC+LSQiAW6Q0bCgGMHTlPwgQRWtN6jNP+
ftEZgsTbIwCvSBrSXUKv
=1pUt
-----END PGP SIGNATURE-----

Top Authors In Last 30 Days

Red Hat 232 files
Ubuntu 59 files
Debian 27 files
Valentin Lobstein 11 files
LiquidWorm 11 files
nu11secur1ty 9 files
Apple 6 files
Milad Karimi 5 files
Google Security Research 5 files
Yevhenii Butenko 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,022)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,318)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,567)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,456)
UNIX (9,394)
UnixWare (187)
Windows (6,650)
Other

Debian Security Advisory 3539-1

Debian Security Advisory 3539-1

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Debian Security Advisory 3539-1

Share This

Debian Security Advisory 3539-1

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems