Opened 16 years ago
Closed 16 years ago
Last modified 16 years ago
#5030 closed defect (fixed)
CVE-2007-6036 denial of service security bug in liveMedia
Reported by: | Owned by: | Isaac Richards | |
---|---|---|---|
Priority: | minor | Milestone: | 0.21.1 |
Component: | mythtv | Version: | 0.21-fixes |
Severity: | medium | Keywords: | |
Cc: | Ticket locked: | no |
Description
The liveMedia library has a bug in the RTSP code that makes it possible to cause a denial of service in applications that use the library. This is reported in CVE-2007-6036.
The latest version of liveMedia includes the fix. But that is probably way too much churning for a stable branch. So I am including a much smaller patch which fixes just the things associated to the security flaw.
Attachments (1)
Change History (3)
Changed 16 years ago by
Attachment: | libs_libmythlivemedia_cve-2007-6036.patch added |
---|
comment:1 Changed 16 years ago by
Resolution: | → fixed |
---|---|
Status: | new → closed |
Note: See
TracTickets for help on using
tickets.
backport of the DoS fix from liveMedia 2008-02-08 tarball