On December 1, 2015 9:18:52 AM EST, Ben Hutchings wrote:
>On Tue, 2015-12-01 at 08:39 -0500, Scott Kitterman wrote:
>> I checked this yesterday and the offending code isn't present in the
>1.4
>> versions of srtp.
>
>Only because the range checks that have just been fixed
I checked this yesterday and the offending code isn't present in the 1.4
versions of srtp.
Scott K
On Tue, 2015-12-01 at 08:39 -0500, Scott Kitterman wrote:
> I checked this yesterday and the offending code isn't present in the 1.4
> versions of srtp.
Only because the range checks that have just been fixed in the upstream
patches aren't present at all in 1.4!
These sites do need to be fixed:
Quoting Ben Hutchings (2015-11-30 03:04:17)
> On Mon, 2015-11-30 at 02:31 +0100, Jonas Smedegaard wrote:
>> Quoting Ben Hutchings (2015-11-30 02:11:10)
>>> the Debian LTS team would like to fix the security issues which are
>>> currently open in the Squeeze version of srtp:
>>>
Hi Ben and others,
Quoting Ben Hutchings (2015-11-30 02:11:10)
> the Debian LTS team would like to fix the security issues which are
> currently open in the Squeeze version of srtp:
> https://security-tracker.debian.org/tracker/CVE-2015-6360
>
> Would you like to take care of this yourself?
On Mon, 2015-11-30 at 02:31 +0100, Jonas Smedegaard wrote:
> Hi Ben and others,
>
> Quoting Ben Hutchings (2015-11-30 02:11:10)
> > the Debian LTS team would like to fix the security issues which are
> > currently open in the Squeeze version of srtp:
> >