[Live-devel] New "LIVE555 Streaming Media" version released - patches potential security vulnerability for some RTSP servers

Ross Finlayson finlayson at live555.com
Tue Mar 16 00:03:35 PDT 2021

I have just installed a new version (2021.03.16) of the “LIVE555 Streaming Media” code that fixes the bug (a potential security vulnerability) that Zhao Jiaxu reported yesterday.

If your code implements a RTSP server that uses one or more of the following "OnDemandServerMediaSubsession” subclasses:
then you should upgrade to the latest version of the code ASAP.  (This includes the “testOnDemandRTSPServer” demo application.  Note, however, that the "DynamicRTSPServer" code used by the "LIVE555 Media Server" is not vulnerable to this bug.)

Ross Finlayson
Live Networks, Inc.

More information about the live-devel mailing list