ELA-645-1 pjproject security update
Package pjproject
ELA-645-1 pjproject security update
Version 2.5.5~dfsg-6+deb9u6 (stretch)
Related CVEs CVE-2022-31031
There was a stack buffer overflow vulnerability in pjproject, a multimedia communication library used in various VOIP frameworks. pjproject now maintains a maximum attribute count to prevent from this happening.
For Debian 9 stretch, these problems have been fixed in version 2.5.5~dfsg-6+deb9u6.
We recommend that you upgrade your pjproject packages.
Further information about Extended LTS security advisories can be found at: https://deb.freexian.com/extended-lts/
A pjproject security update has been released for Debian GNU/Linux 9 Extended LTS to address a stack buffer overflow vulnerability.