Package "librtmp0"
Name: |
librtmp0
|
Description: |
toolkit for RTMP streams (shared library)
|
Latest version: |
2.4~20110711.gitc28f1bab-1ubuntu0.1 |
Release: |
precise (12.04) |
Level: |
updates |
Repository: |
main |
Head package: |
rtmpdump |
Homepage: |
http://rtmpdump.mplayerhq.hu/ |
Links
Download "librtmp0"
Other versions of "librtmp0" in Precise
Changelog
rtmpdump (2.4~20110711.gitc28f1bab-1ubuntu0.1) precise-security; urgency=medium
[Marc Deslauriers]
* SECURITY UPDATE: denial of service in AMF3ReadString function
- debian/patches/CVE-2015-8270.patch: init str on unsupported
references in librtmp/amf.c.
- CVE-2015-8270
* SECURITY UPDATE: arbitrary code execution in AMF3CD_AddProp function
- debian/patches/CVE-2015-8271-1.patch: check for input buffer underrun
in librtmp/amf.c.
- debian/patches/CVE-2015-8271-2.patch: more input buffer checks in
librtmp/amf.c.
- CVE-2015-8271
* SECURITY UPDATE: denial of service via null pointer dereference
- debian/patches/CVE-2015-8272.patch: ignore requests without playpath
in rtmpsrv.c.
- CVE-2015-8272
-- Emily Ratliff <email address hidden> Fri, 19 May 2017 08:34:49 -0500
|
CVE-2015-8270 |
The AMF3ReadString function in amf.c in RTMPDump 2.4 allows remote RTMP Media servers to cause a denial of service (invalid pointer dereference and p |
CVE-2015-8271 |
The AMF3CD_AddProp function in amf.c in RTMPDump 2.4 allows remote RTMP Media servers to execute arbitrary code. |
CVE-2015-8272 |
RTMPDump 2.4 allows remote attackers to trigger a denial of service (NULL pointer dereference and process crash). |
|
About
-
Send Feedback to @ubuntu_updates