Closed micmac1 closed 1 year ago
We have asterisk 20 in master and 23.05 and 18 in 21.02 and 22.03. I checked differences between asterisk 18.18.0 and 18.18.1 and as far as we're concerned they also only bump pjproject from 2.13.0 to 2.13.1.
So I'm thinking I'd cherry-pick the recent asterisk and pjproject commits to 23.05 once this here PR gets merged. And for 22.03 and 21.02 I'd just cherry-pick pjproject 2.13.1 plus the srtp dependency change for the respective asterisk version.
I'd run-test on 23.05 rc2 as I want to give the RC a spin on my router anyway.
[1] https://github.com/pjsip/pjproject/security/advisories/GHSA-9pfh-r8x4-w26w [2] https://github.com/pjsip/pjproject/security/advisories/GHSA-cxwq-5g9x-x7fr [3] https://github.com/pjsip/pjproject/security/advisories/GHSA-q9cp-8wcq-7pfr
Maintainer: @jslachta Compile tested: master sdk ath79 Run tested: N/A
Description: upstream security fixes