2cb389deca
Fixes the following security issues: CVE-2019-12827: A specially crafted SIP in-dialog MESSAGE message can cause Asterisk to crash: https://downloads.asterisk.org/pub/security/AST-2019-002.html CVE-2019-13161: When T.38 faxing is done in Asterisk a T.38 reinvite may be sent to an endpoint to switch it to T.38. If the endpoint responds with an improperly formatted SDP answer including both a T.38 UDPTL stream and an audio or video stream containing only codecs not allowed on the SIP peer or user a crash will occur. The code incorrectly assumes that there will be at least one common codec when T.38 is also in the SDP answer: https://downloads.asterisk.org/pub/security/AST-2019-003.html Signed-off-by: Peter Korsgaard <peter@korsgaard.com> |
||
|---|---|---|
| .. | ||
| 0001-sounds-do-not-download-and-check-sha1s.patch | ||
| 0002-configure-fix-detection-of-libcrypt.patch | ||
| 0003-build-ensure-target-directory-for-modules-exists.patch | ||
| 0004-install-samples-need-the-data-files.patch | ||
| 0005-configure-fix-detection-of-re-entrant-resolver-funct.patch | ||
| asterisk.hash | ||
| asterisk.mk | ||
| Config.in | ||