package/asterisk: security bump to version 16.29.1

Fixes the following security issues:

- CVE-2022-37325: A zero length Called or Calling Party Number can cause a
  buffer under-run and Asterisk crash.

  https://downloads.asterisk.org/pub/security/AST-2022-007.html

- CVE-2022-42705: Use after free in res_pjsip_pubsub.c may allow a remote
  authenticated attacker to crash Asterisk (denial of service) by performing
  activity on a subscription via a reliable transport at the same time
  Asterisk is also performing activty on that subscription.

  https://downloads.asterisk.org/pub/security/AST-2022-008.html

- CVE-2022-42706: AMI Users with “config” permissions may read files outside
  of Asterisk directory via GetConfig AMI Action even if “live_dangerously"
  is set to "no"

  https://downloads.asterisk.org/pub/security/AST-2022-009.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/asterisk/asterisk.hash

@@ -1,5 +1,5 @@
 # Locally computed
-sha256  6e9c2f350db018df854b1301687ced8993facb2787698336e55cd19e0ae3ebfe  asterisk-16.28.0.tar.gz
+sha256  9b93006a87be9c29492299118200e4f66c8369851c66a50fdef5b15dfc4eb2c2  asterisk-16.29.1.tar.gz
 
 # sha1 from: http://downloads.asterisk.org/pub/telephony/sounds/releases
 # sha256 locally computed

package/asterisk/asterisk.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-ASTERISK_VERSION = 16.28.0
+ASTERISK_VERSION = 16.29.1
 # Use the github mirror: it's an official mirror maintained by Digium, and
 # provides tarballs, which the main Asterisk git tree (behind Gerrit) does not.
 ASTERISK_SITE = $(call github,asterisk,asterisk,$(ASTERISK_VERSION))