[Live-devel] New "LIVE555 Streaming Media" version released - patches potential security vulnerability for some RTSP servers

Ross Finlayson Tue, 16 Mar 2021 00:11:24 -0700

I have just installed a new version (2021.03.16) of the “LIVE555 Streaming 
Media” code that fixes the bug (a potential security vulnerability) that Zhao 
Jiaxu reported yesterday.


If your code implements a RTSP server that uses one or more of the following 
"OnDemandServerMediaSubsession” subclasses:
        AC3AudioFileServerMediaSubsession
        ADTSAudioFileServerMediaSubsession
        AMRAudioFileServerMediaSubsession
then you should upgrade to the latest version of the code ASAP.  (This includes 
the “testOnDemandRTSPServer” demo application.  Note, however, that the 
"DynamicRTSPServer" code used by the "LIVE555 Media Server" is not vulnerable 
to this bug.)


Ross Finlayson
Live Networks, Inc.
http://www.live555.com/


_______________________________________________
live-devel mailing list
live-devel@lists.live555.com
http://lists.live555.com/mailman/listinfo/live-devel

[Live-devel] New "LIVE555 Streaming Media" version released - patches potential security vulnerability for some RTSP servers

Reply via email to