mirror of
https://github.com/godotengine/buildroot.git
synced 2026-01-06 18:09:44 +03:00
2cb389deca
Fixes the following security issues: CVE-2019-12827: A specially crafted SIP in-dialog MESSAGE message can cause Asterisk to crash: https://downloads.asterisk.org/pub/security/AST-2019-002.html CVE-2019-13161: When T.38 faxing is done in Asterisk a T.38 reinvite may be sent to an endpoint to switch it to T.38. If the endpoint responds with an improperly formatted SDP answer including both a T.38 UDPTL stream and an audio or video stream containing only codecs not allowed on the SIP peer or user a crash will occur. The code incorrectly assumes that there will be at least one common codec when T.38 is also in the SDP answer: https://downloads.asterisk.org/pub/security/AST-2019-003.html Signed-off-by: Peter Korsgaard <peter@korsgaard.com>