package/asterisk: security bump to version 16.30.1

Fixes the following security vulnerabilities: CVE-2022-23537: Heap buffer overflow when decoding STUN message in pjproject Possible buffer overread when parsing a specially crafted STUN message with unknown attribute. The vulnerability affects Asterisk users using ICE and/or WebRTC. https://github.com/asterisk/asterisk/security/advisories/GHSA-4xjp-22g4-9fxm Signed-off-by: Peter Korsgaard <peter@korsgaard.com> Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-09-17 11:02:20 +02:00 · 2023-09-17 11:02:20 +02:00 · 01ec478cb6
commit 01ec478cb6
parent 7691377873
2 changed files with 2 additions and 2 deletions
--- a/package/asterisk/asterisk.hash
+++ b/package/asterisk/asterisk.hash
@ -1,5 +1,5 @@
 # Locally computed
-sha256  9b93006a87be9c29492299118200e4f66c8369851c66a50fdef5b15dfc4eb2c2  asterisk-16.29.1.tar.gz
+sha256  ef1ddc07dc02bb0c5f5ba58a5e42e42bcb63e55ac94199be8e3b5d3910f43736  asterisk-16.30.1.tar.gz

 # sha1 from: http://downloads.asterisk.org/pub/telephony/sounds/releases
 # sha256 locally computed
--- a/package/asterisk/asterisk.mk
+++ b/package/asterisk/asterisk.mk
@ -4,7 +4,7 @@
 #
 ################################################################################

-ASTERISK_VERSION = 16.29.1
+ASTERISK_VERSION = 16.30.1
 # Use the github mirror: it's an official mirror maintained by Digium, and
 # provides tarballs, which the main Asterisk git tree (behind Gerrit) does not.
 ASTERISK_SITE = $(call github,asterisk,asterisk,$(ASTERISK_VERSION))