Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 808921 (ASTERISK-29381, ASTERISK-29415) - net-misc/asterisk: Multiple vulnerabilities
Summary: net-misc/asterisk: Multiple vulnerabilities
Status: RESOLVED DUPLICATE of bug 803440
Alias: ASTERISK-29381, ASTERISK-29415
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
Whiteboard: B3 [ebuild]
Depends on:
Reported: 2021-08-18 18:29 UTC by Sam James
Modified: 2021-08-18 19:40 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Sam James archtester Gentoo Infrastructure gentoo-dev Security 2021-08-18 18:29:32 UTC
Security bugs fixed in this release:
[ASTERISK-29415] -
Crash in PJSIP TLS transport 
(Reported by Andrew Yager)
[ASTERISK-29381] -
chan_pjsip: Remote denial of service by an authenticated user
(Reported by Ivan Poddubny)

New Features made in this release:
Comment 1 Jaco Kroon 2021-08-18 19:37:09 UTC

commit 93f6d97e4bd66daa168e1790f8cb3b8086854bd1
Author: Jaco Kroon <>
Date:   Fri Jul 23 07:10:18 2021 +0200

    net-libs/pjproject: sec bump
    Upstream not releasing new version, so just bring in the patch to -r2.
    This addresses AST-2021-009 for
    Package-Manager: Portage-3.0.20, Repoman-3.0.2
    Signed-off-by: Jaco Kroon <>
    Signed-off-by: Joonas Niilola <>

In the meantime pjproject has released a new 2.11 but I've not had time to sit down and figure out why asterisk won't compile against it.  Link actually.

Please do confirm, but I believe this is already addressed.
Comment 2 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2021-08-18 19:40:58 UTC

*** This bug has been marked as a duplicate of bug 803440 ***