deepcrayon
/
buildroot
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

libpjsip: security bump to 2.7.2 

Fixes the following vulnerabilities:

- CVE-2018-1000098: Crash when parsing SDP with an invalid media format
  description

- CVE-2018-1000099: Crash when receiving SDP with invalid fmtp attribute

[Peter: add CVE info]
Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018.05.x
Adam Duskett 2018-03-12 04:44:44 -04:00 committed by Peter Korsgaard
parent 9324167b80
commit ed0d9d6f36
2 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
package/libpjsip/libpjsip.hash
View File

@ -1,6 +1,6 @@
# From http://www.pjsip.org/release/2.7.1/MD5SUM.TXT
md5 99a64110fa5c2debff40e0e8d4676380 pjproject-2.7.1.tar.bz2
# From http://www.pjsip.org/release/2.7.2/MD5SUM.TXT
md5 fa3f0bc098c4bff48ddd92db1c016a7a pjproject-2.7.2.tar.bz2
# Locally computed
sha256 59fabc62a02b2b80857297cfb10e2c68c473f4a0acc6e848cfefe8421f2c3126 pjproject-2.7.1.tar.bz2
sha256 9c2c828abab7626edf18e04b041ef274bfaa86f99adf2c25ff56f1509e813772 pjproject-2.7.2.tar.bz2
sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 COPYING

2
package/libpjsip/libpjsip.mk
View File

@ -4,7 +4,7 @@
#
################################################################################
LIBPJSIP_VERSION = 2.7.1
LIBPJSIP_VERSION = 2.7.2
LIBPJSIP_SOURCE = pjproject-$(LIBPJSIP_VERSION).tar.bz2
LIBPJSIP_SITE = http://www.pjsip.org/release/$(LIBPJSIP_VERSION)
LIBPJSIP_DEPENDENCIES = libsrtp