Bug#869404: resiprocate: CVE-2017-11521: Adding too many media connections may lead to memory exhaustion
Petter Reinholdtsen
pere at hungry.com
Wed Oct 18 07:19:43 UTC 2017
Control: tags -1 + patch
This issue has caused resiprocate to be thrown out of testing. This is
unfortunate, as it is used by the FreedomBox, and thus it is no
longer possible to set up a Buster based Freedombox with SIP support.
According to the upstream git repo, the 5 line patch in
<URL: https://github.com/resiprocate/resiprocate/commit/881cb0c80e23193ea2bdaf720de9b3310f52a0a6 >
solve the problem. Perhaps it should be pulled from upstream
until they find time to make a new release?
--
Happy hacking
Petter Reinholdtsen
More information about the Pkg-voip-maintainers
mailing list