Debian 10229 Published by

A pjproject security update has been released for Debian GNU/Linux 9 Extended LTS to address a buffer overflow vulnerability.



ELA-710-1 pjproject security update

Package pjproject
Version 2.5.5~dfsg-6+deb9u7 (stretch)
Related CVEs CVE-2022-39244

PJSIP is a free and open source multimedia communication library written in C. The PJSIP parser, PJMEDIA RTP decoder, and PJMEDIA SDP parser are affected by a buffer overflow vulnerability. Users connecting to untrusted clients are at risk.

For Debian 9 stretch, these problems have been fixed in version 2.5.5~dfsg-6+deb9u7.

We recommend that you upgrade your pjproject packages.

Further information about Extended LTS security advisories can be found at: debian Extended Long term support

  ELA-710-1 pjproject security update