Fixes the following vulnerabilities:
- CVE-2018-1000098: Crash when parsing SDP with an invalid media format
description
- CVE-2018-1000099: Crash when receiving SDP with invalid fmtp attribute
[Peter: add CVE info]
Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This merges the next branch accumulated during the 2017.11 release
cycle back into the master branch.
A few conflicts had to be resolved:
- In the DEVELOPERS file, because Fabrice Fontaine was added as a
developer for libupnp in master, and for libupnp18 in
next. Resolution is simple: add him for both.
- linux/Config.in, because we updated the 4.13.x release used by
default in master, while we moved to 4.14 in next. Resolution: use
4.14.
- package/libupnp/libupnp.hash: a hash for the license file was added
in master, while the package was bumped into next. Resolution: keep
the hash for the license file, and keep the hash for the newest
version of libupnp.
- package/linux-headers/Config.in.host: default version of the kernel
headers for 4.13 was bumped to the latest 4.13.x in master, but was
changed to 4.14 in next. Resolution: use 4.14.
- package/samba4/: samba was bumped to 4.6.11 in master for security
reasons, but was bumped to 4.7.3 in next. Resolution: keep 4.7.3.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Currently, ssl support is implicitely disabled in the initial configure
options. This overrides the check for openssl below.
libpjsip is also currently only compatible with libopenssl. Change
the check to LIBOPENSSL instead of openssl, and depend on libopenssl.
Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
disable-small-filter and disable-large-filter have been deprecated as
of 2.7, causing messages during compile time complaining about how they
are deprecated and have no effect.
Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Also add hash for license file
See release notes for details:
https://trac.pjsip.org/repos/milestone/release-2.7.1
Signed-off-by: Adam Duskett <Adamduskett@outlook.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
We want to use SPDX identifier for license strings as much as possible.
SPDX short identifier for GPLv2/GPLv2+ is GPL-2.0/GPL-2.0+.
This change is done by using following command.
find . -name "*.mk" | xargs sed -ri '/LICENSE( )?[\+:]?=/s/\<GPLv2\>/GPL-2.0/g'
Signed-off-by: Rahul Bedarkar <rahulbedarkar89@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
In addition, --disable-webrtc has been changed to --disable-libwebrtc
in the aconfigure file.
Signed-off-by: Adam Duskett <aduskett@codeblue.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
As it happens, specifying the path where to look for libsrtp is not
needed: pjsip does not use the argument to --with-external-srtp as a
search path at all; it only checks whether it is 'no' or something
else.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Tested-by: Luca Ceresoli <luca@lucaceresoli.net>
Acked-by: Luca Ceresoli <luca@lucaceresoli.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
There are a bunch of options that are left unspecified; explicitly
disable them.
The epoll case is special: the configure script is broken, and will
enable it whether we pass --enable-epoll or --disable-epoll. But that's
OK because we prefer epoll over the alternative (select). So we do not
need to fix it. Which is nice becasue the configure.ac is named
aconfigure.ac (yes, with a leading 'a'), so it does not autoreconf
nicely... :-/
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Luca Ceresoli <luca@lucaceresoli.net>
Reviewed-by: Luca Ceresoli <luca@lucaceresoli.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Remove patches now upstream.
Disable new optional features: webrtc and opus.
Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
The GCC manual suggest when getting:
relocation truncated to fit: R_68K_GOT16O foobar
to use -mxgot.
Fixes:
http://autobuild.buildroot.org/results/e8cdfaf8e2da29a855b5bc09774f3aadee087737/
Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net>
Cc: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
libpjsip bundles several third party libraries. In Buildroot we prefer
either not to build them or to depend on a proper package for each of
them. The current recipe disables most of them, but not all, so
disable the remaining ones.
Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
libpjsip needs libsrtp to build, but it bundles a libsrtp version in
case one is not found during the configure step. The Buildroot policy
in such cases is to force using the external package, so forcibly
depend on libsrtp.
Adding --with-external-srtp also fixes libpjsip not correctly the
libsrtp installed in staging, which shows up with the symptom:
.../libpjmedia.so: undefined reference to `srtp_deinit'
collect2: error: ld returned 1 exit status
Fixes:
http://autobuild.buildroot.org/results/305/305fdc8442cd2e8f51b90485be0dca83ffa36603/http://autobuild.buildroot.org/results/a2f/a2f407c1361ac5c24af122445e84645e9aee309d/
...and many other similar autobuild failures.
Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
