AST-2020-003: A crash can occur in Asterisk when a SIP message is received that has a History-Info header, which contains a tel-uri. AST-2020-004: A crash can occur in Asterisk when a SIP 181 response is received that has a Diversion header, which contains a tel-uri. Fixed in 13.38.1 and 16.15.1.
Please bump.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d807d52318c0e9363034619a852e6d153b926e78 commit d807d52318c0e9363034619a852e6d153b926e78 Author: Jaco Kroon <jaco@uls.co.za> AuthorDate: 2020-11-24 08:50:07 +0000 Commit: Marek Szuba <marecki@gentoo.org> CommitDate: 2020-12-23 21:31:08 +0000 net-misc/asterisk: 16.15.1 (sec bump) Bug: https://bugs.gentoo.org/753269 Bug: https://bugs.gentoo.org/761313 Signed-off-by: Jaco Kroon <jaco@uls.co.za> Signed-off-by: Marek Szuba <marecki@gentoo.org> net-misc/asterisk/Manifest | 1 + net-misc/asterisk/asterisk-16.15.1.ebuild | 304 ++++++++++++++++++++++++++++++ 2 files changed, 305 insertions(+) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d5c5f8698c11a73a5685fc3e11a3098bec854423 commit d5c5f8698c11a73a5685fc3e11a3098bec854423 Author: Jaco Kroon <jaco@uls.co.za> AuthorDate: 2020-11-24 08:30:30 +0000 Commit: Marek Szuba <marecki@gentoo.org> CommitDate: 2020-12-23 21:31:05 +0000 net-misc/asterisk: version 13.38.1 (sec update) Bug: https://bugs.gentoo.org/753269 Bug: https://bugs.gentoo.org/761313 Signed-off-by: Jaco Kroon <jaco@uls.co.za> Signed-off-by: Marek Szuba <marecki@gentoo.org> net-misc/asterisk/Manifest | 1 + net-misc/asterisk/asterisk-13.38.1.ebuild | 299 ++++++++++++++++++++++++++++++ 2 files changed, 300 insertions(+)
Please proceed with stabilization when ready.
amd64 done
x86 done all arches done
This issue was resolved and addressed in GLSA 202101-10 at https://security.gentoo.org/glsa/202101-10 by GLSA coordinator Aaron Bauman (b-man).
