[SECURITY] Fedora EPEL 5 Update: libzrtpcpp-3.2.1-3.el5

Sun Sep 1 18:49:47 UTC 2013

--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2013-11174
2013-08-16 15:51:46
--------------------------------------------------------------------------------

Name        : libzrtpcpp
Product     : Fedora EPEL 5
Version     : 3.2.1
Release     : 3.el5
URL         : https://github.com/wernerd/ZRTPCPP
Summary     : ZRTP support library for the GNU ccRTP stack
Description :
This package provides a library that adds ZRTP support to the GNU
ccRTP stack. Phil Zimmermann developed ZRTP to allow ad-hoc, easy to
use key negotiation to setup Secure RTP (SRTP) sessions. GNU ZRTP
together with GNU ccRTP (1.5.0 or later) provides a ZRTP
implementation that can be directly embedded into client and server
applications.

--------------------------------------------------------------------------------
Update Information:

new upstream version
fixes CVE-2013-2221 CVE-2013-2222 CVE-2013-2223
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #980904 - CVE-2013-2221 CVE-2013-2222 CVE-2013-2223 libzrtpcpp various flaws [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=980904
  [ 2 ] Bug #980905 - libzrtpcpp: CVE-2013-2221 libzrtpcpp: Heap-based buffer overflow when processing overly-large ZRTP packets [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=980905
--------------------------------------------------------------------------------

This update can be installed with the "yum" update programs.  Use
su -c 'yum update libzrtpcpp' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora EPEL GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------