-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Package : srtp Version : 1.4.4~dfsg-6+deb6u2 CVE ID : CVE-2015-6360
Prevent potential DoS attack due to lack of bounds checking on RTP header CSRC count and extension header length. Credit goes to Randell Jesup and the Firefox team for reporting this issue.
(As there is no aead mode available in the Squeeze version, only srtp_unprotect() needed to be patched)
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQJ8BAEBCgBmBQJWnS5RXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2MjAxRkJGRkRCQkRFMDc4MjJFQUJCOTY5 NkZDQUMwRDM4N0I1ODQ3AAoJEJb8rA04e1hHSfYP/i1RZlaf3JVpbX92GDsfOZ7s geL/tuffqBHXl+lrmvs2+ksaWSofzfctXH2/H1gJTBsS9XfZNUEGDdtCS9Jh1lS2 CPmVIx7qTq7g1qp8oh7Hn6IFkeHfk486oRvLhjloY2WLp7Kbu78j55brZ+lf/b00 nkUf2OI+rP3wZq7zrY75F9TLZ4IF7+lWwURDzAaihu+YDj1Z/VMOBUaFCro2Y10a AntftojKDROFkyyzDduQQfj+7avtfZsUo0Vf1u0oNyKzunkseh5WXlq6uPHfirGY guGuIUSZJ+rdEhqKmuHcohFbw2tm6ZZO8QapwR7KH31E8uCouKXgUVIRueF6XEC9 y4XNf1ScduhqMzxHAKuBaI69YwNCdxNkY61GN3tc6+5itEcuZsvPZ11oTytprLP4 8B6xgjTX34MQXh6WB39fhaEMRbcvAgmiqUS0bKfOe3YQoHqgdQ8BVzSr0WB1Ept/ ObTCDquv2VPV15MofWwA3Ek73Q8DYCmj5Gp5Cb6uCOf9U7irQWxk12K6CK8+n/uv jfd5AJIbt74s17VFadjUwy4CNH2pHtT1bZu4mebFVnVZVR8fGibLamZKKTwxkgFY bL3kqo60l3sjAPRoGM3XiOM0UAtnO24dkjQqJN+wdSqdNQjWhrEAEqM6e5FNSdAa cnBswr6k+0pm8H/qb9+0 =vccD -----END PGP SIGNATURE-----