Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

libosip2-15-5.3.1-1.3 RPM for riscv64

From OpenSuSE Ports Tumbleweed for riscv64

Name: libosip2-15 Distribution: openSUSE Tumbleweed
Version: 5.3.1 Vendor: openSUSE
Release: 1.3 Build date: Sun Sep 17 11:17:07 2023
Group: System/Libraries Build host: i04-ch4a
Size: 242339 Source RPM: libosip2-5.3.1-1.3.src.rpm
Packager: https://bugs.opensuse.org
Url: https://www.gnu.org/software/osip/osip.html
Summary: Implementation of SIP (RFC 3261)
This is the GNU oSIP library. It has been designed to provide the
Internet community with a simple way to support the Session Initiation
Protocol. SIP is described in the RFC 3261, which is available at
http://www.ietf.org/rfc/rfc3261.txt.

Provides

Requires

License

LGPL-2.1-or-later

Changelog

* Fri Nov 25 2022 Dominique Leuenberger <dimstar@opensuse.org>
  - Update to version 5.3.1:
    + In multipart bodies, LWS can't exist (CVE-2022-41550).
* Mon Nov 22 2021 Andreas Stieger <andreas.stieger@gmx.de>
  - update to 5.3.0:
    * STRUCTURE change: struct osip_transaction
    * CHANGE: if out_socket contains -999 and timer_b or timer_f
      fires, the transaction will report a transport-error
    * improve TIMER_E to avoid high interval after DNS or socket
      events
    * when port number starts with 0, just put 0 and discard other
      char [no op in practice]
* Wed May 26 2021 Andreas Stieger <andreas.stieger@gmx.de>
  - update to 5.2.1:
    * add OSIP_RETRY_LIMIT which may be useful to exosip
    * add osip_timersub macro
    * fix validate that the API are used with the expected/required
      leading char
    * fix memory out-of-bound access in broken uncompliant Via header
    * fix k= within media being rejected since 5.1.1 [wrong check]
  - package license text
  - add upstream signing key and validate source signature
  - run tests
  - drop libosip2-5.0.0.patch, not required
* Mon Jan 11 2021 Dirk Mueller <dmueller@suse.com>
  - update to 5.2.0:
    * use localtime_r when __USE_POSIX is available
    * sync versions with libexosip
  - use https for urls
* Sat Aug 29 2020 Jan Engelhardt <jengelh@inai.de>
  - Drop old specfile constructs and excess Provides lines.
* Sat Aug 15 2020 Dirk Mueller <dmueller@suse.com>
  - update to 5.1.1:
    * fix vulnerability report: Authentication-Info or Proxy-Authentication-Info are affected by a buffer overflow when building sip messages.
    * fix vulnerability report: when boundary only contains one quote, strncpy will use the unsigned value of -1 as size parameter.
    * fix: avoid several memory leaks detected in the SDP parser upon invalid SDP formats.
    * fix bug #57467: infinite loop in sdp_message_a_attribute_del_at_index
    * fix bug #56071: Heap-buffer-overflow in osip_util_replace_all_lws function in osip_message_parse.c
    * fix to reject any non compliant answer with missing version digits.
* Wed Feb 05 2020 David Sugar <tychosoft@gmail.com>
  - Update to 5.1.0
    * See package, very many changes since prior 5.0.0 release.
  - drop patch already in 5.1.0
    SIP_body_len_underflow.patch
  - make package so library naming compliant with opensuse library versioning
  - pre-requisite for updating to libeXosip2 5.1.0
* Thu Apr 20 2017 ro@suse.de
  - drop patch already in 5.0.0
    0001-Patch-2.1-Fixes-heap-buffer-overflow-in-osip_body_to_s.patch
  - drop patch already in 5.0.0
    0001-Patch-1-Fixes-heap-buffer-overflow-in-_osip_message_to_str.patch
  - drop patch already in 5.0.0
    0001-Patch-3-Fixes-heap-buffer-overflow-in-osip_clrncpy.patch
* Thu Apr 20 2017 ro@suse.de
  - fix a set of buffer overflows:
    - add patch for (bnc#1034570, CVE-2017-7853)
      SIP_body_len_underflow.patch
    - add patch for (bnc#1034571, CVE-2016-10326)
      0001-Patch-2.1-Fixes-heap-buffer-overflow-in-osip_body_to_s.patch
    - add patch for (bnc#1034572, CVE-2016-10325)
      0001-Patch-1-Fixes-heap-buffer-overflow-in-_osip_message_to_str.patch
    - add patch for (bnc#1034574, CVE-2016-10324)
      0001-Patch-3-Fixes-heap-buffer-overflow-in-osip_clrncpy.patch
* Thu Apr 20 2017 ro@suse.de
  - Update to 5.0.0:
    * STRUCTURE change: additionnal parameter for "struct osip_srv_entry" used for failover in eXosip2.
    * fix overflow: sr #109133: Heap buffer overflow in utility function *osip_clrncpy*
    * fix overflow: sr #109132: Heap buffer overflow in *osip_body_to_str*
    * fix overflow: sr #109131: Heap buffer overflow in `_osip_message_to_str`
    * simplify usage of timercmp/timerisset/timerclear
    * optimize list search: use iterator
    * improve/update autotools (./configure and options, Makefile.am, ax_thread.m4...)
    * verify a URI scheme only contains allowed char
    * improve make check (test unit) to make it clear about the results expected.
    * fix a possible buffer overflow of 1 byte in sdp_message_to_str (size=sdp allocated size)
    * fix cseq check in order to stop retransmission of 200ok
    * update to reject negative value in port number
    * add support for ntlm authentication in parser
    * include application_data when cloning sip message
    * fix to allow correct parsing of quoted string in from/to/contact/...
    * add authorizations and proxy_authorizations into ACK for 3xx, 4xx, 5xx, and 6xx (if answer was not 401/407)
    * additionnal check for cseq number for matching incoming ack restransmission
    * patch to transmit ack for OSIP_ICT_ACK_SENT event
    * improve management of body length // fix a bug when initial value of body is \0.
    * increase timer E as soon as we receive 1xx for NICT.
    * update all reasons according to RFC.
    * add some reason code from rfc4412, rfc3261 and rfc6086.
    * parse addr spec with LAQUOT and RAQUOT in generic parameters.
    * avoid issue with comma in userinfo of URI which may appear for several headers such as Contact.
    * do not use multiple header method for t, f, i, r, refer-to, b, referred-by headers.
    * allow faster connection with non blocking reliable sockets.
    * improve android time compensation.
  - rename libosip2-4.1.0.patch to libosip2-5.0.0.patch
  - drop libosip2-4.1.0-pthread.patch, obsolete

Files

/usr/lib64/libosip2.so.15
/usr/lib64/libosip2.so.15.0.1
/usr/lib64/libosipparser2.so.15
/usr/lib64/libosipparser2.so.15.0.1
/usr/share/licenses/libosip2-15
/usr/share/licenses/libosip2-15/COPYING


Generated by rpm2html 1.8.1

Fabrice Bellet, Wed Nov 13 00:41:02 2024