Source: janus Version: 0.9.1+20200313-1 Severity: important Tags: security upstream fixed-upstream Forwarded: https://github.com/meetecho/janus-gateway/pull/1990
Hi, The following vulnerability was published for janus. CVE-2020-10577[0]: | An issue was discovered in Janus through 0.9.1. janus.c has multiple | concurrent threads that misuse the source property of a session, | leading to a race condition when claiming sessions. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2020-10577 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10577 [1] https://github.com/meetecho/janus-gateway/pull/1990 Please adjust the affected versions in the BTS as needed. Regards, Salvatore

