Bug 1148844 - (CVE-2019-15784) VUL-1: CVE-2019-15784: srt: array overflow if there are many SRT connections.
(CVE-2019-15784)
VUL-1: CVE-2019-15784: srt: array overflow if there are many SRT connections.
Status: RESOLVED FIXED
Classification: openSUSE
Product: openSUSE Distribution
Classification: openSUSE
Component: Security
Leap 15.1
Other Other
: P4 - Low : Minor (vote)
: ---
Assigned To: Security Team bot
Security Team bot
https://smash.suse.de/issue/241447/
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2019-08-29 15:53 UTC by Alexandros Toptsoglou
Modified: 2020-05-04 10:00 UTC (History)
0 users

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Alexandros Toptsoglou 2019-08-29 15:53:17 UTC
CVE-2019-15784

Secure Reliable Transport (SRT) through 1.3.4 has a CSndUList array overflow if
there are many SRT connections.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-15784
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15784
https://github.com/Haivision/srt/pull/811
Comment 1 Swamp Workflow Management 2019-08-30 17:00:07 UTC
This is an autogenerated message for OBS integration:
This bug (1148844) was mentioned in
https://build.opensuse.org/request/show/727288 15.1 / srt
Comment 2 Swamp Workflow Management 2019-09-07 16:10:56 UTC
openSUSE-SU-2019:2083-1: An update that fixes one vulnerability is now available.

Category: security (moderate)
Bug References: 1148844
CVE References: CVE-2019-15784
Sources used:
openSUSE Leap 15.1 (src):    srt-1.3.4-lp151.2.3.1
Comment 3 Swamp Workflow Management 2019-09-13 00:58:53 UTC
openSUSE-SU-2019:2128-1: An update that fixes one vulnerability is now available.

Category: security (moderate)
Bug References: 1148844
CVE References: CVE-2019-15784
Sources used:
openSUSE Backports SLE-15-SP1 (src):    srt-1.3.4-bp151.3.3.1
Comment 4 Alexandros Toptsoglou 2020-05-04 10:00:14 UTC
Done