-
Notifications
You must be signed in to change notification settings - Fork 58
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
CVE-2022-46871 impact on Kurento #23
Comments
Why do they hide what version is affected by the vulnerability? I went to that link (and several links from there) and still am wondering how to know if Kurento 6.x might be affected. Kurento 7 uses the package |
Versions 0.9.5.0 and 0.9.4.0 of |
Version in Ubuntu 20.04 is 0.9.3.0 so it seems it might and probably is affected:
The commit you linked is from July 2020, and the package version indicates that it was built on 2019, so this probably calls for opening a security ticket with the folks at Canonical. Would you be able to do that and let us know so we can track the state of this issue? |
Issue opened here : https://bugs.launchpad.net/ubuntu/+source/libusrsctp/+bug/2015448 |
Hi,
A vulnerability has been identified in the libusrsctp library, itself used in Kurento. Is Kurento affected by this vulnerability and if so, which versions?
The text was updated successfully, but these errors were encountered: