kumquat-buildroot/package/asterisk
Peter Korsgaard 339d3e82e8 package/asterisk: security bump to version 16.14.1
Fixes the following security issues:

- AST-2020-001: Remote crash in res_pjsip_session
  Upon receiving a new SIP Invite, Asterisk did not return the created
  dialog locked or referenced.

- AST-2020-002: Outbound INVITE loop on challenge with different nonce
  If Asterisk is challenged on an outbound INVITE and the nonce is changed
  in each response, Asterisk will continually send INVITEs in a loop.  This
  causes Asterisk to consume more and more memory since the transaction will
  never terminate (even if the call is hung up), ultimately leading to a
  restart or shutdown of Asterisk.  Outbound authentication must be
  configured on the endpoint for this to occur.

For details, see the announcement:
https://www.asterisk.org/asterisk-news/asterisk-13-37-1-16-14-1-17-8-1-18-0-1-and-16-8-cert5-now-available-security/

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-11-12 21:57:20 +01:00
..
0001-sounds-do-not-download-and-check-sha1s.patch
0002-configure-fix-detection-of-libcrypt.patch
0003-build-ensure-target-directory-for-modules-exists.patch
0004-install-samples-need-the-data-files.patch
0005-configure-fix-detection-of-re-entrant-resolver-funct.patch
asterisk.hash package/asterisk: security bump to version 16.14.1 2020-11-12 21:57:20 +01:00
asterisk.mk package/asterisk: security bump to version 16.14.1 2020-11-12 21:57:20 +01:00
Config.in