Hi Tzafrir,
We already received the reports from the Asterisk sometime ago and
consolidated with them when best to integrate the patches. And so finally,
we have committed those fixes in ticket #2016 (
https://trac.pjsip.org/repos/ticket/2016) and #2017 (
https://trac.pjsip.org/repos/ticket/2017).
Thanks,
Ming
On Sun, May 21, 2017 at 4:21 PM, Tzafrir Cohen <tzafrir.cohen@xorcom.com>
wrote:
> Hi all,
>
> Asterisk developers maintain a set of patches on top of pjsip:
> http://git.asterisk.org/gitweb/?p=asterisk/asterisk.
> git;a=tree;f=third-party/pjproject/patches;hb=HEAD
> As you can see, the first three are basically configuration changes. The
> 8 that follow them are backports.
>
> The last two, however, are new and I can't find them in the pjsip SVN
> repository. They are:
> http://downloads.asterisk.org/pub/security//AST-2017-002.html
> http://downloads.asterisk.org/pub/security//AST-2017-003.html
>
> Any reason not to include those patches in our (Debian) pjproject
> packages? I have so far only had a cance to verify that they build
> properly.
>
> --
> Tzafrir Cohen
> +972-50-7952406 mailto:tzafrir.cohen@xorcom.com
> http://www.xorcom.com
>
> _______________________________________________
> Visit our blog: http://blog.pjsip.org
>
> pjsip mailing list
> pjsip@lists.pjsip.org
> http://lists.pjsip.org/mailman/listinfo/pjsip_lists.pjsip.org
>
