kumquat-buildroot/package/asterisk/asterisk.hash
Peter Korsgaard 14aab69703 package/asterisk: security bump to version 16.4.1
Fixes the following security issues:

CVE-2019-12827: A specially crafted SIP in-dialog MESSAGE message can cause
Asterisk to crash:

https://downloads.asterisk.org/pub/security/AST-2019-002.html

CVE-2019-13161: When T.38 faxing is done in Asterisk a T.38 reinvite may be
sent to an endpoint to switch it to T.38.  If the endpoint responds with an
improperly formatted SDP answer including both a T.38 UDPTL stream and an
audio or video stream containing only codecs not allowed on the SIP peer or
user a crash will occur.  The code incorrectly assumes that there will be at
least one common codec when T.38 is also in the SDP answer:

https://downloads.asterisk.org/pub/security/AST-2019-003.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 2cb389deca)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-08-20 15:55:49 +02:00

16 lines
1.1 KiB
Plaintext

# Locally computed
sha256 8cabb7a6ad2c35b7fb5c520977f2b2c18b471e5b825b65dc411744c6bed2b9f8 asterisk-16.4.1.tar.gz
# sha1 from: http://downloads.asterisk.org/pub/telephony/sounds/releases
# sha256 locally computed
sha1 721c512feaea102700d5bdce952fdc0bb29dc640 asterisk-core-sounds-en-gsm-1.6.1.tar.gz
sha256 d79c3d2044d41da8f363c447dfccc140be86b4fcc41b1ca5a60a80da52f24f2d asterisk-core-sounds-en-gsm-1.6.1.tar.gz
sha1 f40fd6ea03dfe8d72ada2540b2288bfdc006381d asterisk-moh-opsound-wav-2.03.tar.gz
sha256 449fb810d16502c3052fedf02f7e77b36206ac5a145f3dacf4177843a2fcb538 asterisk-moh-opsound-wav-2.03.tar.gz
# License files, locally computed
sha256 82af40ed7f49c08685360811993d9396320842f021df828801d733e8fdc0312f COPYING
sha256 ac5571f00e558e3b7c9b3f13f421b874cc12cf4250c4f70094c71544cf486312 main/sha1.c
sha256 309462c10e84f46bda22032ebe6359f3e9e3e23afcf1fc2aaed5b59daf800d84 codecs/speex/speex_resampler.h
sha256 1ca2c7a7a1ae7ccd75212a8c1e85dd9ec92bdbc9170aafd97ea60459387755fd utils/db1-ast/include/db.h