drachtio / drachtio-server

A SIP call processing server that can be controlled via nodejs applications
https://drachtio.org
MIT License

sofia-sip depend #227

Open asarubbo opened 1 year ago

asarubbo commented 1 year ago

Hello Dave,

While the issue should go into https://github.com/davehorton/sofia-sip/issues, I think it is worth mentioning it here because it is a dependency of drachtio-server.

The version of sofia-sip under github.com/davehorton, as you stated, is a fork of the original sofia-sip from 2014. Reading a bit of the commit backlog, I noticed that you didn't cherry-pick the commits from the original version but the program followed its own way.

So in the meantime there were a lot of improvements. The commits also talk about crashes/overflows, so there may be security bugs fixed silently, and there are three recent CVEs: https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=sofia-sip

Did you plan to improve the situation in any way? e.g. put your modifications under the main sofia-sip (if they accept them) or maintain a proper fork?

Thanks

davehorton commented 1 year ago

I felt I could not do a simple fork because I had to make some additions for my usage that the older code did not have. Also, the repo is now maintained by the freeswitch people, and they do not use the nta library that drachtio uses; they use the nua library and most of their fixes are pointed there. That said, I will review those commits and bring over the ones that seem useful.