In the process:
* change upstream to https://github.com/juha-h/libzrtp
* remove patches that are already integrated by upstream
* avoid hidden dependency on doxygen
on short SCCP packets. This only affects SCCP users (chan_skinny).
13.15.1 also added some fixes to the bundled copy of PJSIP
(used by chan_pjsip, *not* used by chan_sip) -
AST-2017-002: Buffer Overrun in PJSIP transaction layer,
AST-2017-003: Crash in PJSIP multi-part body parser
- however that copy is not used by this package and will need to
be fixed separately.
- clang + ld.bfd: link fails in autoconf test, undefined symbols.
- clang + ld.lld: package builds, dlopen()ing the .so modules that use -fblocks
fails at runtime.
because with clang + ld.lld it does build but results in unusable packages,
explicitly mark BROKEN-aarch64 for now.
add various OPENSSL_VERSION_NUMBER patches now that asterisk supports
openssl 1.1:
- we don't have openssl 1.1's SSL_is_server yet, so use the old check
for ssl->server instead
- we do still need the hack to avoid initing multiple times which is
no longer needed in openssl 1.1
http://downloads.digium.com/pub/security/AST-2017-001.html
CDR: Protect from data overflow in ast_cdr_setuserfield.
ast_cdr_setuserfield wrote to a fixed length field using strcpy.
This could result in a buffer overrun when called from chan_sip or
func_cdr. This patch adds a maximum number of bytes written to the field by using
ast_copy_string instead.
both fail to provide %zu samples" debug message which is triggering very
frequently, so that it's possible to get debug level 5 messages without
flattening the box.