Package motion updated to version 4.5.1-alt1 for branch c9f2 in task 375994.

Published: 2020-10-26
Modified: 2024-11-21

CVE-2020-26566

A Denial of Service condition in Motion-Project Motion 3.2 through 4.3.1 allows remote unauthenticated users to cause a webu.c segmentation fault and kill the main process via a crafted HTTP request.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

https://github.com/Motion-Project/motion/issues/1227#issuecomment-715927776
https://github.com/Motion-Project/motion/issues/1227#issuecomment-715927776
https://github.com/Motion-Project/motion/releases
https://github.com/Motion-Project/motion/releases
https://motion-project.github.io/index.html
https://motion-project.github.io/index.html
GLSA-202208-18
GLSA-202208-18

/etc/motion/motion.conf в spec-файле без noreplace

Version: 2.1.0

Package motion update in c9f2 on 2025-03-03

ALT-PU-2025-3447-3

Closed vulnerabilities

CVE-2020-26566

Closed bugs

Bug #41020