c2c35ab857
Fixes the following security issues:
AST-2019-004: Crash when negotiating for T.38 with a declined stream
When Asterisk sends a re-invite initiating T.38 faxing, and the endpoint
responds with a declined media stream a crash will then occur in Asterisk.
https://downloads.asterisk.org/pub/security/AST-2019-004.pdf
AST-2019-005: Remote Crash Vulnerability in audio transcoding
When audio frames are given to the audio transcoding support in Asterisk the
number of samples are examined and as part of this a message is output to
indicate that no samples are present. A change was done to suppress this
message for a particular scenario in which the message was not relevant. This
change assumed that information about the origin of a frame will always exist
when in reality it may not.
https://downloads.asterisk.org/pub/security/AST-2019-005.pdf
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit
|
||
|---|---|---|
| .. | ||
| 0001-sounds-do-not-download-and-check-sha1s.patch | ||
| 0002-configure-fix-detection-of-libcrypt.patch | ||
| 0003-build-ensure-target-directory-for-modules-exists.patch | ||
| 0004-install-samples-need-the-data-files.patch | ||
| 0005-configure-fix-detection-of-re-entrant-resolver-funct.patch | ||
| asterisk.hash | ||
| asterisk.mk | ||
| Config.in | ||