libosip2 4.1.0-2.1 source package in Ubuntu
Changelog
libosip2 (4.1.0-2.1) unstable; urgency=medium
* Non-maintainer upload to fix security issues (Closes: #860287)
* CVE-2016-10324: In libosip2 in GNU oSIP 4.1.0, a malformed SIP message
can lead to a heap buffer overflow in the osip_clrncpy() function
defined in osipparser2/osip_port.c.
* CVE-2016-10325: In libosip2 in GNU oSIP 4.1.0, a malformed SIP message
can lead to a heap buffer overflow in the _osip_message_to_str()
function defined in osipparser2/osip_message_to_str.c, resulting in a
remote DoS.
* CVE-2016-10326: In libosip2 in GNU oSIP 4.1.0, a malformed SIP message
can lead to a heap buffer overflow in the osip_body_to_str() function
defined in osipparser2/osip_body.c, resulting in a remote DoS.
* CVE-2017-7853: In libosip2 in GNU oSIP 5.0.0, a malformed SIP message
can lead to a heap buffer overflow in the msg_osip_body_parse()
function defined in osipparser2/osip_message_parse.c, resulting in a
remote DoS.
-- Antoine Beaupré <email address hidden> Fri, 14 Apr 2017 16:21:21 -0400
Upload details
- Uploaded by:
- Debian VoIP Team
- Uploaded to:
- Sid
- Original maintainer:
- Debian VoIP Team
- Architectures:
- any
- Section:
- comm
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section | |
|---|---|---|---|---|
| Jammy | release | universe | comm | |
| Focal | release | universe | comm | |
| Bionic | release | universe | comm |
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| libosip2_4.1.0-2.1.dsc | 2.0 KiB | 6cedcf2f341489312905b77d6f9a9b32da0d469a0aadc85006d1a13a4744190d |
| libosip2_4.1.0.orig.tar.gz | 621.5 KiB | 996aa0363316a871915b6f12562af53853a9962bb93f6abe1ae69f8de7008504 |
| libosip2_4.1.0-2.1.debian.tar.xz | 7.5 KiB | 418d64e2e27483d5fd96d2aae1b600d11778aa08b3064cd9f636c6838aed1cfa |
Available diffs
- diff from 4.1.0-2 to 4.1.0-2.1 (1.9 KiB)
No changes file available.
Binary packages built by this source
- libosip2-11: Session Initiation Protocol (SIP) library
oSIP is an implementation of SIP.
.
SIP stands for the Session Initiation Protocol and is described by the
RFC3261. This library aims to provide multimedia and telecom software
developers an easy and powerful interface to initiate and control SIP
based sessions in their applications.
.
SIP is the IETF replacement for the ITU's H323. Example programs using this
library are partysip and linphone.
- libosip2-11-dbgsym: No summary available for libosip2-11-dbgsym in ubuntu cosmic.
No description available for libosip2-11-dbgsym in ubuntu cosmic.
- libosip2-dev: No summary available for libosip2-dev in ubuntu disco.
No description available for libosip2-dev in ubuntu disco.
