Debian 9844 Published by

Updated resiprocate packages has been released for Debian GNU/Linux 7 LTS



Package : resiprocate
Version : 1.8.5-4+deb7u1
CVE ID : CVE-2017-11521


CVE-2017-11521
The SdpContents::Session::Medium::parse function in
resip/stack/SdpContents.cxx in reSIProcate 1.10.2 allows remote
attackers to cause a denial of service (memory consumption) by
triggering many media connections.



For Debian 7 "Wheezy", these problems have been fixed in version
1.8.5-4+deb7u1.

We recommend that you upgrade your resiprocate packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
  Resiprocate security update for Debian 7 LTS