kumquat-buildroot/package/asterisk
Peter Korsgaard 289a15f33b package/asterisk: security bump to version 16.21.1
Fixes the following security issues:

16.15.0:
- ASTERISK-29057: pjsip: Crash on call rejection during high load

16.15.1:
- AST-2020-003: Remote crash in res_pjsip_diversion
  A crash can occur in Asterisk when a SIP message is received that has a
  History-Info header, which contains a tel-uri.
  https://downloads.asterisk.org/pub/security/AST-2020-003.pdf

- AST-2020-004: Remote crash in res_pjsip_diversion
  A crash can occur in Asterisk when a SIP 181 response is received that has
  a Diversion header, which contains a tel-uri.
  https://downloads.asterisk.org/pub/security/AST-2020-004.pdf

16.16.0:
- ASTERISK-29219: res_pjsip_diversion: Crash if Tel URI contains History-Info

16.16.1:
- AST-2021-001: Remote crash in res_pjsip_diversion
  If a registered user is tricked into dialing a malicious number that sends
  lots of 181 responses to Asterisk, each one will cause a 181 to be sent
  back to the original caller with an increasing number of entries in the
  “Supported” header.  Eventually the number of entries in the header
  exceeds the size of the entry array and causes a crash.
  https://downloads.asterisk.org/pub/security/AST-2021-001.pdf

- AST-2021-002: Remote crash possible when negotiating T.38
  When re-negotiating for T.38 if the initial remote response was delayed
  just enough Asterisk would send both audio and T.38 in the SDP.  If this
  happened, and the remote responded with a declined T.38 stream then
  Asterisk would crash.
  https://downloads.asterisk.org/pub/security/AST-2021-002.pdf

- AST-2021-003: Remote attacker could prematurely tear down SRTP calls
  An unauthenticated remote attacker could replay SRTP packets which could
  cause an Asterisk instance configured without strict RTP validation to
  tear down calls prematurely.
  https://downloads.asterisk.org/pub/security/AST-2021-003.pdf

- AST-2021-004: An unsuspecting user could crash Asterisk with multiple
  hold/unhold requests
  Due to a signedness comparison mismatch, an authenticated WebRTC client
  could cause a stack overflow and Asterisk crash by sending multiple
  hold/unhold requests in quick succession.
  https://downloads.asterisk.org/pub/security/AST-2021-004.pdf

- AST-2021-005: Remote Crash Vulnerability in PJSIP channel driver
  Given a scenario where an outgoing call is placed from Asterisk to a
  remote SIP server it is possible for a crash to occur.
  https://downloads.asterisk.org/pub/security/AST-2021-005.pdf

16.16.2:
- AST-2021-006: Crash when negotiating T.38 with a zero port
  When Asterisk sends a re-invite initiating T.38 faxing and the endpoint
  responds with a m=image line and zero port, a crash will occur in
  Asterisk.
  This is a reoccurrence of AST-2019-004.
  https://downloads.asterisk.org/pub/security/AST-2021-006.pdf

16.17.0:
- ASTERISK-29203 / AST-2021-002 — Another scenario is causing a crash

- ASTERISK-29260: sRTP Replay Protection ignored; even tears down long calls

- ASTERISK-29227: res_pjsip_diversion: sending multiple 181 responses causes
  memory corruption and crash

16.19.1:
- AST-2021-007: Remote Crash Vulnerability in PJSIP channel driver
  When Asterisk receives a re-INVITE without SDP after having sent a BYE
  request a crash will occur.  This occurs due to the Asterisk channel no
  longer being present while code assumes it is.
  https://downloads.asterisk.org/pub/security/AST-2021-007.pdf

- AST-2021-008: Remote crash when using IAX2 channel driver
  If the IAX2 channel driver receives a packet that contains an unsupported
  media format it can cause a crash to occur in Asterisk.
  https://downloads.asterisk.org/pub/security/AST-2021-008.pdf

- AST-2021-009: pjproject/pjsip: crash when SSL socket destroyed during
  handshake
  Depending on the timing, it’s possible for Asterisk to crash when using a
  TLS connection if the underlying socket parent/listener gets destroyed
  during the handshake.
  https://downloads.asterisk.org/pub/security/AST-2021-009.pdf

16.20.0:
- ASTERISK-29415: Crash in PJSIP TLS transport

- ASTERISK-29381: chan_pjsip: Remote denial of service by an authenticated
  user

In addition, a large number of bugfixes.

Drop now upstreamed
0006-AC_HEADER_STDC-causes-a-compile-failure-with-autoconf-2-70.patch.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-10-24 16:13:44 +02:00
..
0001-sounds-do-not-download-and-check-sha1s.patch
0002-configure-fix-detection-of-libcrypt.patch
0003-build-ensure-target-directory-for-modules-exists.patch
0004-install-samples-need-the-data-files.patch
0005-configure-fix-detection-of-re-entrant-resolver-funct.patch
asterisk.hash package/asterisk: security bump to version 16.21.1 2021-10-24 16:13:44 +02:00
asterisk.mk package/asterisk: security bump to version 16.21.1 2021-10-24 16:13:44 +02:00
Config.in