[asterisk-bugs] [JIRA] (ASTERISK-29351) Qualify pjproject 2.12 for Asterisk
Stanislav Abramenkov (JIRA)
noreply at issues.asterisk.org
Tue Mar 29 02:51:07 CDT 2022
[ https://issues.asterisk.org/jira/browse/ASTERISK-29351?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=258541#comment-258541 ]
Stanislav Abramenkov commented on ASTERISK-29351:
-------------------------------------------------
The pjproject team uploaded a security patch to master branch
Denial-of-service in XML parsing due to an infinite loop
https://github.com/pjsip/pjproject/security/advisories/GHSA-5x45-qp78-g4p4
Should we add this patch to pjproject bundled version?
Also strange, I can't login to gerrit, openid redirect me to https://gerrit.asterisk.org/SignInFailure,SIGN_IN,Nonce+verification+failed.
> Qualify pjproject 2.12 for Asterisk
> -----------------------------------
>
> Key: ASTERISK-29351
> URL: https://issues.asterisk.org/jira/browse/ASTERISK-29351
> Project: Asterisk
> Issue Type: Improvement
> Security Level: None
> Components: Resources/res_pjsip
> Affects Versions: 16.16.2, 18.2.2
> Reporter: George Joseph
> Assignee: Joshua C. Colp
> Severity: Major
>
> pjproject 2.11 has been released
--
This message was sent by Atlassian JIRA
(v6.2#6252)
More information about the asterisk-bugs
mailing list