Upstream information

CVE-2021-38382 at MITRE

Description

Live555 through 1.08 does not handle Matroska and Ogg files properly. Sending two successive RTSP SETUP commands for the same track causes a Use-After-Free and daemon crash.

SUSE information

Overall state of this security issue: Does not affect SUSE products

This issue is currently rated as having low severity.

SUSE Bugzilla entry: 1189353 [NEW]

No SUSE Security Announcements cross referenced.

List of released packages

Product(s) Fixed package version(s) References
openSUSE Tumbleweed
  • libBasicUsageEnvironment1 >= 2021.08.23-1.2
  • libUsageEnvironment3 >= 2021.08.23-1.2
  • libgroupsock30 >= 2021.08.23-1.2
  • libliveMedia97 >= 2021.08.23-1.2
  • live555 >= 2021.08.23-1.2
  • live555-devel >= 2021.08.23-1.2
Patchnames:
openSUSE Tumbleweed GA libBasicUsageEnvironment1-2021.08.23-1.2