[pull] master from buildroot:master#1076
Merged
Merged
Conversation
See here for a complete Changelog: https://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-22-current.html Security Fixes: GHSA-3g56-cgrh-95p5: chan_unistim DIALPAGE digit handling can overflow phone_number and crash Asterisk GHSA-3rhj-hhw7-m6fw: NULL Pointer Dereference in HTTP AMI Digest Authentication GHSA-4pgv-j3mr-3rcp: Reflected XSS in Phone Provisioning HTTP Error Pages GHSA-589g-qgf8-m6mx: Stack buffer overflow in MWI NOTIFY Message-Account parsing GHSA-746q-794h-cc7f: Out-of-Bounds Read in Q.931 Information Element Parser (H.323 Addon) GHSA-8jhw-m2hg-vp3h: Heap Buffer Overflow in OGG/Speex File Playback (format_ogg_speex) GHSA-8jw3-ccr9-xrmf: Buffer over-read in Asterisk PJSIP MWI body parser GHSA-g8q2-p36q-94f6: Heap-use-after-free in Asterisk PJSIP TCP/SDP handling when TCP connection closes during SDP processing GHSA-h5hv-jmgj-92q2: CVE-2022-37325 fix is absent from current chan_ooh323 Q.931 party-number parser GHSA-j2mm-57pq-jh94: Possible RED T.140 Generation Accumulation OOB Write GHSA-mxgm-8c6f-5p8f: Stack buffer overflow in res_xmpp XMPP namespace prefix handling GHSA-ph27-3m5q-mj5m: SQL Injection in cel_pgsql and cel_tds via CELGenUserEvent eventtype Field GHSA-q9fr-m7g8-6ph5: Asterisk app_sms.c copies externally controlled SMS lengths into fixed in-struct buffers GHSA-qf8j-jp7h-c5hx: Out-of-Bounds Write in Codec2 Decoder Due to Floor/Ceil Sample Count Mismatch GHSA-r6c2-hwc2-j4mp: LDAP Filter Injection in res_config_ldap via SIP Username (Unauthenticated Information Disclosure) GHSA-vfhr-r9x9-c687: Possible RED T.140 Heap Buffer Overflow GHSA-vrfp-mg3q-3959: ARI setChannelVar bypasses live_dangerously and permits FILE() writes GHSA-wcvv-g26m-wx5c: ARI REST-over-WebSocket read-only bypass allows arbitrary module path load and conditional RCE GHSA-x348-j6c9-77f3: Stack Buffer Overflow in H.323 ooTrace() via Unbounded vsprintf into Fixed 2048-byte Buffer GHSA-xgj6-2gc5-5x9c: ast_loggrabber executes python script in world writable directory(/tmp) leading to potential privilege escalation And RCE Signed-off-by: Waldemar Brodkorb <wbx@openadk.org> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
See changes here: https://github.com/ruby/ruby/releases/tag/v4.0.5 https://github.com/ruby/ruby/releases/tag/v4.0.4 Security fix for: CVE-2026-46727: Use-after-free in pthread-based getaddrinfo timeout handler See here for details: https://www.ruby-lang.org/en/news/2026/05/20/getaddrinfo-cve-2026-46727/ Signed-off-by: Waldemar Brodkorb <wbx@openadk.org> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Changes with nginx 1.30.3
*) Security: a heap memory buffer overflow might occur in a worker
process when using a configuration with "ignore_invalid_headers off;"
and "large_client_header_buffers" with large configured values when
proxying a specially crafted request to HTTP/2 or gRPC backend,
allowing an attacker to cause worker process memory corruption or
segmentation fault in a worker process (CVE-2026-42055).
Thanks to Mufeed VH of Winfunc Research.
*) Security: a heap memory buffer overread might occur in a worker
process while handling a specially sent response with decoding from
UTF-8 via the "charset_map" directive, allowing an attacker to cause
a limited disclosure of worker process memory or segmentation fault
in a worker process (CVE-2026-48142).
Thanks to Han Yan of Xiaomi and p4p3r of CYBERONE.
Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Since the bump of autoconf to version 2.73 in commit a6e8c07, the TestApache test fails on CI runners (and in autobuilders [2]) with our current docker image (GCC 12.2.0) : gcc: error: unrecognized command-line option '-std=gnu23'; did you mean '-std=gnu2x'? make[3]: *** [Makefile:136: tools/gen_test_char] Error 1 Autoconf 2.73 introduced checks for the C23 standard [1]. During the configuration step, it tests the target compiler. If the target compiler supports it (e.g., GCC 14+), autoconf caches `ac_cv_prog_cc_c23=yes` and appends `-std=gnu23` to the compiler flags. Later in the process, APR uses the `AX_PROG_CC_FOR_BUILD` macro to configure the host compiler in order to build the `gen_test_char` utility. However, APR's `ax_prog_cc_for_build.m4` macro uses a pushdef/popdef mechanism that only isolates older C standards. It fails to isolate the newly introduced `ac_cv_prog_cc_c23` variable because the ax_prog_cc_for_build.m4 file was not updated to handle it. As a result, the host compiler evaluation reads the target's cached variables, assumes the host compiler also supports C23 (which it may not), and attempts to use `-std=gnu23`. If the host compiler (e.g., GCC 12 on GitLab CI) is older, the build crashes. To fix this without heavily patching APR's m4 macros, we explicitly disable the C23 standard detection for the host compiler in APR_CONF_ENV when GCC<14. Since APR is a mature project that does not require C23 features, preventing its use here is a safe and robust workaround. Doing so will not disable C23 for the target build if the target compiler is GCC 14+; it will only prevent the host compiler from using it when building APR's tools; according to the build logs, ac_cv_prog_cc_c23 will be set to "no" for the target compiler if it does not support C23, and will be set to "-std=gnu23" if it does. It's important to note that this error could also occur with other packages that use autotools-package if "AUTORECONF" is set to "yes". Fixes: https://gitlab.com/buildroot.org/buildroot/-/jobs/15112315884 [1] https://gcc.gnu.org/cgit/gcc/commit/?id=fad61bf73b3158157a136bf4d9373fc3d9afe319 [2] https://autobuild.buildroot.org/results/d7d/d7d2703e42034d9c11de89b2b3b6cf401f677aa3 Signed-off-by: Dowan Gullient <dowan.gullient@smile.fr> Signed-off-by: Fiona Klute <fiona.klute@gmx.de>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
See Commits and Changes for more details.
Created by
pull[bot] (v2.0.0-alpha.4)
Can you help keep this open source service alive? 💖 Please sponsor : )