a7c6525110
Fixes the following security vulnerabilities:
CVE-2022-23537: Heap buffer overflow when decoding STUN message in pjproject
Possible buffer overread when parsing a specially crafted STUN message with
unknown attribute. The vulnerability affects Asterisk users using ICE
and/or WebRTC.
https://github.com/asterisk/asterisk/security/advisories/GHSA-4xjp-22g4-9fxm
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit
|
||
---|---|---|
.. | ||
0001-sounds-do-not-download-and-check-sha1s.patch | ||
0002-configure-fix-detection-of-libcrypt.patch | ||
0003-build-ensure-target-directory-for-modules-exists.patch | ||
0004-install-samples-need-the-data-files.patch | ||
0005-configure-fix-detection-of-re-entrant-resolver-funct.patch | ||
0006-main-iostream.c-fix-build-with-libressl.patch | ||
Config.in | ||
asterisk.hash | ||
asterisk.mk |