Synopsis:          Moderate: libsrtp security and bug fix update
Advisory ID:       SLSA-2020:3873-1
Issue Date:        2020-10-01
CVE Numbers:       CVE-2013-2139
                   CVE-2015-6360
--

Security Fix(es):

* libsrtp: improper handling of CSRC count and extension header length in
RTP header (CVE-2015-6360)

* libsrtp: buffer overflow in application of crypto profiles
(CVE-2013-2139)
--

SL7
  x86_64
    libsrtp-1.4.4-11.20101004cvs.el7.x86_64.rpm
    libsrtp-1.4.4-11.20101004cvs.el7.i686.rpm
    libsrtp-debuginfo-1.4.4-11.20101004cvs.el7.i686.rpm
    libsrtp-debuginfo-1.4.4-11.20101004cvs.el7.x86_64.rpm
    libsrtp-devel-1.4.4-11.20101004cvs.el7.i686.rpm
    libsrtp-devel-1.4.4-11.20101004cvs.el7.x86_64.rpm

- Scientific Linux Development Team