kenmirrors/asterisk
1
0
Fork 0
mirror of https://github.com/asterisk/asterisk.git synced 2025-09-02 11:06:31 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
5806560015553254c709ddbe4a235fa946b689c2
asterisk/ChangeLogs/ChangeLog-22.5.2.md
Asterisk Development Team 5806560015 Update for 22.5.2
2025-08-28 15:11:49 +00:00

1.7 KiB
Raw Blame History

Change Log for Release asterisk-22.5.2

Links:

Summary:

  • Commits: 1
  • Commit Authors: 1
  • Issues Resolved: 0
  • Security Advisories Resolved: 1
    • GHSA-64qc-9x89-rx5j: A specifically malformed Authorization header in an incoming SIP request can cause Asterisk to crash

User Notes:

Upgrade Notes:

Developer Notes:

Commit Authors:

  • George Joseph: (1)

Issue and Commit Detail:

Closed Issues:

  • !GHSA-64qc-9x89-rx5j: A specifically malformed Authorization header in an incoming SIP request can cause Asterisk to crash

Commits By Author:

  • George Joseph (1):

    • res_pjsip_authenticator_digest: Fix SEGV if get_authorization_hdr returns NULL.

Commit List:

  • res_pjsip_authenticator_digest: Fix SEGV if get_authorization_hdr returns NULL.

Commit Details:

res_pjsip_authenticator_digest: Fix SEGV if get_authorization_hdr returns NULL.

Author: George Joseph Date: 2025-08-28

In the highly-unlikely event that get_authorization_hdr() couldn't find an Authorization header in a request, trying to get the digest algorithm would cauase a SEGV. We now check that we have an auth header that matches the realm before trying to get the algorithm from it.

Resolves: #GHSA-64qc-9x89-rx5j