PJSIP is a free and open source multimedia communication library written
in C language implementing standard based protocols such as SIP, SDP,
RTP, STUN, TURN, and ICE. In versions prior to and including 2.12.1 a
stack buffer overflow vulnerability affects PJSIP users that use STUN in
their applications, either by: setting a STUN server in their
account/media config in PJSUA/PJSUA2 level, or directly using
`pjlib-util/stun_simple` API.
https://github.com/pjsip/pjproject/security/advisories/GHSA-26j7-ww69-c4qj
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7ea3831685