Accepted:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Fri, 15 Mar 2019 22:36:36 +0100
Source: libebml
Architecture: source
Version: 1.3.7-1
Distribution: experimental
Urgency: medium
Maintainer: Debian Multimedia Maintainers
Changed-By: Matteo F. Vescovi
Changes:
libeb
libebml_1.3.7-1_source.changes uploaded successfully to localhost
along with the files:
libebml_1.3.7-1.dsc
libebml_1.3.7.orig.tar.xz
libebml_1.3.7-1.debian.tar.xz
libebml_1.3.7-1_source.buildinfo
Greetings,
Your Debian queue daemon (running on host usper.debian.org)
Accepted:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Fri, 15 Mar 2019 20:33:37 +0100
Source: embree
Architecture: source
Version: 3.5.2+dfsg-1
Distribution: experimental
Urgency: medium
Maintainer: Debian Multimedia Maintainers
Changed-By: Matteo F. Vescovi
Changes:
e
embree_3.5.2+dfsg-1_source.changes uploaded successfully to localhost
along with the files:
embree_3.5.2+dfsg-1.dsc
embree_3.5.2+dfsg.orig.tar.xz
embree_3.5.2+dfsg-1.debian.tar.xz
embree_3.5.2+dfsg-1_source.buildinfo
Greetings,
Your Debian queue daemon (running on host usper.debia
Your message dated Fri, 15 Mar 2019 18:23:01 +0100
with message-id <20190315172301.gb24...@ramacher.at>
and subject line Re: Bug#924656: liblivemedia: CVE-2019-7314: mishandling of
RTSP stream termination causes use-after-free and crash
has caused the Debian Bug report #924656,
regarding libliveme
On 2019-03-15 16:26:25, Hugo Lefeuvre wrote:
> > liblivemedia provides an implementation of the server and client side of
> > RTSP. So, unless a CVE affects the code path used by the RTSP client (as
> > for example used by vlc), I won't spend any time on it.
>
> Ok, I thought live555 was also know
> liblivemedia provides an implementation of the server and client side of
> RTSP. So, unless a CVE affects the code path used by the RTSP client (as
> for example used by vlc), I won't spend any time on it.
Ok, I thought live555 was also known as one of the main free rtsp
server implementations.
Processing commands for cont...@bugs.debian.org:
> # will be fixed in DSA
> severity 924655 serious
Bug #924655 {Done: Sebastian Ramacher }
[src:liblivemedia] liblivemedia: CVE-2019-9215: invalid memory access in
parseAuthorizationHeader
Severity set to 'serious' from 'normal'
> found 924655 201
Processing commands for cont...@bugs.debian.org:
> # will be fixed in DSA
> severity 924656 serious
Bug #924656 [src:liblivemedia] liblivemedia: CVE-2019-7314: mishandling of RTSP
stream termination causes use-after-free and crash
Severity set to 'serious' from 'normal'
> found 924656 2016.11.28-
Hi
On 2019-03-15 15:43:15, Hugo Lefeuvre wrote:
> Hi,
>
> > Unless a CVE affects the client part of the library, I don't think it's
> > worth it. The client part is the only part used by reverse dependencies.
>
> What do you mean exactly with client part? The affected code is located
> in liveMe
Hi,
> Unless a CVE affects the client part of the library, I don't think it's
> worth it. The client part is the only part used by reverse dependencies.
What do you mean exactly with client part? The affected code is located
in liveMedia/RTSPServer.cpp.
regards,
Hugo
--
Hugo Le
Source: liblivemedia
Version: 2018.11.26-1
Severity: normal
Tags: security upstream
Hi,
The following vulnerability was published for liblivemedia.
CVE-2019-7314[0]:
liblivemedia in Live555 before 2019.02.03 mishandles the termination of an
RTSP stream after RTP/RTCP-over-RTSP has been set up,
Your message dated Fri, 15 Mar 2019 15:35:51 +0100
with message-id <20190315143551.ga15...@ramacher.at>
and subject line Re: Bug#924655: liblivemedia: CVE-2019-9215: invalid memory
access in parseAuthorizationHeader
has caused the Debian Bug report #924655,
regarding liblivemedia: CVE-2019-9215: i
Source: liblivemedia
Version: 2018.11.26-1
Severity: normal
Tags: security upstream
Hi,
The following vulnerability was published for liblivemedia.
CVE-2019-9215[0]: malformed headers lead to invalid memory access in
the parseAuthorizationHeader function.
I see this vulnerability was fixed in e
Hit this bug updating to Buster. AFAIK Stretch was using the same VLC
version.
Only occurs when video paused and pressing window close. Tray icon
remains and can bring up blank gray window but have to kill process with -9.
Changing from automatic to VDPAU fixes it.
With automatic terminal ou
Accepted:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA384
Format: 1.8
Date: Wed, 27 Feb 2019 18:53:36 +0100
Source: musescore
Binary: musescore-common musescore
Architecture: source all i386
Version: 2.3.2+dfsg2-4~bpo9+1
Distribution: stretch-backports
Urgency: medium
Maintainer: Debian Multim
16 matches
Mail list logo
