libosip2 4.1.0-2.1 source package in Ubuntu
Changelog
libosip2 (4.1.0-2.1) unstable; urgency=medium
* Non-maintainer upload to fix security issues (Closes: #860287)
* CVE-2016-10324: In libosip2 in GNU oSIP 4.1.0, a malformed SIP message
can lead to a heap buffer overflow in the osip_clrncpy() function
defined in osipparser2/osip_port.c.
* CVE-2016-10325: In libosip2 in GNU oSIP 4.1.0, a malformed SIP message
can lead to a heap buffer overflow in the _osip_message_to_str()
function defined in osipparser2/osip_message_to_str.c, resulting in a
remote DoS.
* CVE-2016-10326: In libosip2 in GNU oSIP 4.1.0, a malformed SIP message
can lead to a heap buffer overflow in the osip_body_to_str() function
defined in osipparser2/osip_body.c, resulting in a remote DoS.
* CVE-2017-7853: In libosip2 in GNU oSIP 5.0.0, a malformed SIP message
can lead to a heap buffer overflow in the msg_osip_body_parse()
function defined in osipparser2/osip_message_parse.c, resulting in a
remote DoS.
-- Antoine Beaupré <email address hidden> Fri, 14 Apr 2017 16:21:21 -0400
Upload details
- Uploaded by:
- Debian VoIP Team
- Uploaded to:
- Sid
- Original maintainer:
- Debian VoIP Team
- Architectures:
- any
- Section:
- comm
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section | |
|---|---|---|---|---|
| Jammy | release | universe | comm | |
| Focal | release | universe | comm | |
| Bionic | release | universe | comm |
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| libosip2_4.1.0-2.1.dsc | 2.0 KiB | 6cedcf2f341489312905b77d6f9a9b32da0d469a0aadc85006d1a13a4744190d |
| libosip2_4.1.0.orig.tar.gz | 621.5 KiB | 996aa0363316a871915b6f12562af53853a9962bb93f6abe1ae69f8de7008504 |
| libosip2_4.1.0-2.1.debian.tar.xz | 7.5 KiB | 418d64e2e27483d5fd96d2aae1b600d11778aa08b3064cd9f636c6838aed1cfa |
Available diffs
- diff from 4.1.0-2 to 4.1.0-2.1 (1.9 KiB)
No changes file available.
Binary packages built by this source
- libosip2-11: No summary available for libosip2-11 in ubuntu artful.
No description available for libosip2-11 in ubuntu artful.
- libosip2-11-dbgsym: No summary available for libosip2-11-dbgsym in ubuntu artful.
No description available for libosip2-11-dbgsym in ubuntu artful.
- libosip2-dev: development files for the SIP library
libosip2 header files and static libraries
to assist in development of programs wishing to use SIP.
.
The oSIP library is written in C, is thread safe
and has no dependencies except the standard C library.
.
oSIP could be used to implement an IP soft-phone
as well as embedded SIP software.
oSIP is not limited to endpoint agents implementations
and can also be used to implement SIP proxies
or registration services.
.
oSIP currently provides an API for the SIP message parser,
SDP message parser,
and library to handle "SIP transactions"
as defined by the SIP standards (RFC3261).
