In libssl SSL_CTX and other structs will be made opaque. Take the
code path using accessors instead of reaching directly into some
structs to fix the resulting build breakage.
ok feinerer (maintainer)
SSL_CIPHER_get_id() and SSL_set_options() have always been available
in LibreSSL. The redefinition of SSL_CIPHER_get_id() will cause build
breakage once SSL_CIPHER will be made opaque in libssl.
ok sthen
add a patch from tb@ to fix upcoming build breakage with libressl;
we do have SSL_CIPHER_get_id() and SSL_set_session() so no need to #define
them; currently tis works but SSL_CIPHER is going to become opaque which
will break the redefinitions.
* AST-2021-006 - res_pjsip_t38.c: Check for session_media on reinvite.
When Asterisk sends a reinvite negotiating T38 faxing, it's possible a
crash can occur if the response contains a m=image and zero port. The
reinvite callback code now checks session_media to see if it is null or
not before trying to access the udptl variable on it.
ASTERISK-29305
if a port needs 2.x then set MODPY_VERSION=${MODPY_DEFAULT_VERSION_2}.
This commit doesn't change any versions currently used; it may be that
some ports have MODPY_DEFAULT_VERSION_2 but don't require it, those
should be cleaned up in the course of updating ports where possible.
Python module ports providing py3-* packages should still use
FLAVOR=python3 so that we don't have a mixture of dependencies some
using ${MODPY_FLAVOR} and others not.
AST-2021-001: Remote crash in res_pjsip_diversion
AST-2021-002: Remote crash possible when negotiating T.38
AST-2021-003: Remote attacker could prematurely tear down SRTP calls
AST-2021-004: An unsuspecting user could crash Asterisk with multiple hold/unhold requests
AST-2021-005: Remote Crash Vulnerability in PJSIP channel driver
there is an active fork of this code on github.com/davies147/astmanproxy,
but it uses various linuxisms (pthread_timedjoin_np, prctl) so sticking
with the old one.
AST-2020-003: Remote crash in res_pjsip_diversion -
A crash can occur in Asterisk when a SIP message is received that has a
History-Info header, which contains a tel-uri.
AST-2020-004: Remote crash in res_pjsip_diversion -
A crash can occur in Asterisk when a SIP 181 response is received that
has a Diversion header, which contains a tel-uri.
IMAP voicemail has moved from building all of Asterisk with a separate
build option (with imap files linked to the main binaries) to a separate
module which can be switched in config. (Only one voicemail module is
allowed at a time, if you have multiple of these installed you can
select between them with noload in modules.conf).
Quirks doesn't handle a flavour moving to unflavoured+subpackage; use
@ask-upgrade so that users of the imap flavour (and only them) are
warned about this at update time.
requiring authenticated sessions to trigger):
AST-2020-001: Remote crash in res_pjsip_session
AST-2020-002: Outbound INVITE loop on challenge with different nonce
"...But two years go by and still my light's on
This is hard for me to say, but this is all that I can take
It's the last song I'll ever write for you
It's the last time that I'll tell you just how much I really care
This is the last song I'll ever sing for you..."
