[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 1040-1] resiprocate security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : resiprocate
Version        : 1.8.5-4+deb7u1
CVE ID         : CVE-2017-11521


CVE-2017-11521
   The SdpContents::Session::Medium::parse function in
   resip/stack/SdpContents.cxx in reSIProcate 1.10.2 allows remote
   attackers to cause a denial of service (memory consumption) by
   triggering many media connections.



For Debian 7 "Wheezy", these problems have been fixed in version
1.8.5-4+deb7u1.

We recommend that you upgrade your resiprocate packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQJ8BAEBCgBmBQJZePdsXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2MjAxRkJGRkRCQkRFMDc4MjJFQUJCOTY5
NkZDQUMwRDM4N0I1ODQ3AAoJEJb8rA04e1hHJmcQAKamUa7W0UseFdDhpqmGEEkq
DnlH88H0Mxddwmt6RzSgXC0PB1rGx8x2FGRk3CZsBB8wPcCq946zv6DdKnI0ryjo
GA4CDXXokPRZvzrfyj1u7DNTUSv/Bw0XySgvq3WngkkEjgFnWIyMZTfZJrf0WS1Z
D46A0YuNB8KRZH/HmTRiy8/a8RSVBMAMrLn+jnlDDeyE+wtU7paGBqrD0bq0uDTE
52u2L4/ljh7yLyfjHwT8tq4WHIXfDC7tBY0qqJ4xPRetSyI00pQdczgGw8u2qbsB
zR6wbemuk9S3xQOn91gHz2Qe8CU06WzPL2LKE5r8+bbc5rzYLfJhPUmEPd1BxnHI
w6MXh+nMPkBGIczmQ0Ku1gPrkX5mfBtKz3y59I9s2IAMFv/wb0B+LtL2H3jMQqko
p3P/aPZxCXREIzjZwXFo3ZqN5xqVgdtckZxWfp16V6WZGRweHFYOl0Lj3MKraK9t
fMq9RH0tFsWNpMQyDj/tnU9/0p36qpZY1v3wZiG/WzI27UpHiQvS7jr59m6m1GS3
lFC8rJnZIOIdVFWkdL6bgich82/s3jFEoDvSLgnQ96O9e5oYYK5Ze/1dqm0UWr1L
aFl2kddkkVclDenBdmQz62qtI6elPX8uhWru6nP2Qj7FYrSeuNLzEGi/CYUQY7Fm
pCZnVsmR7Dh2N4apNAT5
=Ldiz
-----END PGP SIGNATURE-----


Reply to: