Skip to content

[pull] master from buildroot:master#1076

Merged
pull[bot] merged 4 commits into
mir-one:masterfrom
buildroot:master
Jul 2, 2026
Merged

[pull] master from buildroot:master#1076
pull[bot] merged 4 commits into
mir-one:masterfrom
buildroot:master

Conversation

@pull

@pull pull Bot commented Jul 2, 2026

Copy link
Copy Markdown

See Commits and Changes for more details.


Created by pull[bot] (v2.0.0-alpha.4)

Can you help keep this open source service alive? 💖 Please sponsor : )

wbx-github and others added 4 commits July 2, 2026 18:51
See here for a complete Changelog:
https://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-22-current.html

Security Fixes:
    GHSA-3g56-cgrh-95p5: chan_unistim DIALPAGE digit handling can overflow phone_number and crash Asterisk
    GHSA-3rhj-hhw7-m6fw: NULL Pointer Dereference in HTTP AMI Digest Authentication
    GHSA-4pgv-j3mr-3rcp: Reflected XSS in Phone Provisioning HTTP Error Pages
    GHSA-589g-qgf8-m6mx: Stack buffer overflow in MWI NOTIFY Message-Account parsing
    GHSA-746q-794h-cc7f: Out-of-Bounds Read in Q.931 Information Element Parser (H.323 Addon)
    GHSA-8jhw-m2hg-vp3h: Heap Buffer Overflow in OGG/Speex File Playback (format_ogg_speex)
    GHSA-8jw3-ccr9-xrmf: Buffer over-read in Asterisk PJSIP MWI body parser
    GHSA-g8q2-p36q-94f6: Heap-use-after-free in Asterisk PJSIP TCP/SDP handling when TCP connection closes during SDP processing
    GHSA-h5hv-jmgj-92q2: CVE-2022-37325 fix is absent from current chan_ooh323 Q.931 party-number parser
    GHSA-j2mm-57pq-jh94: Possible RED T.140 Generation Accumulation OOB Write
    GHSA-mxgm-8c6f-5p8f: Stack buffer overflow in res_xmpp XMPP namespace prefix handling
    GHSA-ph27-3m5q-mj5m: SQL Injection in cel_pgsql and cel_tds via CELGenUserEvent eventtype Field
    GHSA-q9fr-m7g8-6ph5: Asterisk app_sms.c copies externally controlled SMS lengths into fixed in-struct buffers
    GHSA-qf8j-jp7h-c5hx: Out-of-Bounds Write in Codec2 Decoder Due to Floor/Ceil Sample Count Mismatch
    GHSA-r6c2-hwc2-j4mp: LDAP Filter Injection in res_config_ldap via SIP Username (Unauthenticated Information Disclosure)
    GHSA-vfhr-r9x9-c687: Possible RED T.140 Heap Buffer Overflow
    GHSA-vrfp-mg3q-3959: ARI setChannelVar bypasses live_dangerously and permits FILE() writes
    GHSA-wcvv-g26m-wx5c: ARI REST-over-WebSocket read-only bypass allows arbitrary module path load and conditional RCE
    GHSA-x348-j6c9-77f3: Stack Buffer Overflow in H.323 ooTrace() via Unbounded vsprintf into Fixed 2048-byte Buffer
    GHSA-xgj6-2gc5-5x9c: ast_loggrabber executes python script in world writable directory(/tmp) leading to potential privilege escalation And RCE

Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
See changes here:
https://github.com/ruby/ruby/releases/tag/v4.0.5
https://github.com/ruby/ruby/releases/tag/v4.0.4

Security fix for:
CVE-2026-46727: Use-after-free in pthread-based getaddrinfo timeout handler

See here for details:
https://www.ruby-lang.org/en/news/2026/05/20/getaddrinfo-cve-2026-46727/

Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Changes with nginx 1.30.3

    *) Security: a heap memory buffer overflow might occur in a worker
       process when using a configuration with "ignore_invalid_headers off;"
       and "large_client_header_buffers" with large configured values when
       proxying a specially crafted request to HTTP/2 or gRPC backend,
       allowing an attacker to cause worker process memory corruption or
       segmentation fault in a worker process (CVE-2026-42055).
       Thanks to Mufeed VH of Winfunc Research.

    *) Security: a heap memory buffer overread might occur in a worker
       process while handling a specially sent response with decoding from
       UTF-8 via the "charset_map" directive, allowing an attacker to cause
       a limited disclosure of worker process memory or segmentation fault
       in a worker process (CVE-2026-48142).
       Thanks to Han Yan of Xiaomi and p4p3r of CYBERONE.

Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Since the bump of autoconf to version 2.73 in commit a6e8c07,
the TestApache test fails on CI runners (and in autobuilders [2]) with
our current docker image (GCC 12.2.0) :

    gcc: error: unrecognized command-line option '-std=gnu23'; did you mean '-std=gnu2x'?
    make[3]: *** [Makefile:136: tools/gen_test_char] Error 1

Autoconf 2.73 introduced checks for the C23 standard [1]. During the
configuration step, it tests the target compiler. If the target compiler
supports it (e.g., GCC 14+), autoconf caches `ac_cv_prog_cc_c23=yes`
and appends `-std=gnu23` to the compiler flags.

Later in the process, APR uses the `AX_PROG_CC_FOR_BUILD` macro to
configure the host compiler in order to build the `gen_test_char`
utility. However, APR's `ax_prog_cc_for_build.m4` macro uses a
pushdef/popdef mechanism that only isolates older C standards.
It fails to isolate the newly introduced `ac_cv_prog_cc_c23` variable
because the ax_prog_cc_for_build.m4 file was not updated to handle it.

As a result, the host compiler evaluation reads the target's cached
variables, assumes the host compiler also supports C23 (which it may not),
and attempts to use `-std=gnu23`. If the host compiler
(e.g., GCC 12 on GitLab CI) is older, the build crashes.

To fix this without heavily patching APR's m4 macros, we explicitly
disable the C23 standard detection for the host compiler in APR_CONF_ENV
when GCC<14. Since APR is a mature project that does not require C23
features, preventing its use here is a safe and robust workaround.

Doing so will not disable C23 for the target build if the target compiler
is GCC 14+; it will only prevent the host compiler from using it when
building APR's tools; according to the build logs, ac_cv_prog_cc_c23
will be set to "no" for the target compiler if it does not support C23,
and will be set to "-std=gnu23" if it does.

It's important to note that this error could also occur with other
packages that use autotools-package if "AUTORECONF" is set to "yes".

Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/15112315884

[1] https://gcc.gnu.org/cgit/gcc/commit/?id=fad61bf73b3158157a136bf4d9373fc3d9afe319
[2] https://autobuild.buildroot.org/results/d7d/d7d2703e42034d9c11de89b2b3b6cf401f677aa3

Signed-off-by: Dowan Gullient <dowan.gullient@smile.fr>
Signed-off-by: Fiona Klute <fiona.klute@gmx.de>
@pull pull Bot locked and limited conversation to collaborators Jul 2, 2026
@pull pull Bot added the ⤵️ pull label Jul 2, 2026
@pull pull Bot merged commit 3d06661 into mir-one:master Jul 2, 2026
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants