asterisk: security bump to version 14.6.2
Fixes the following security issues: 14.6.1: * AST-2017-005 (applied to all released versions): The "strictrtp" option in rtp.conf enables a feature of the RTP stack that learns the source address of media for a session and drops any packets that do not originate from the expected address. This option is enabled by default in Asterisk 11 and above. The "nat" and "rtp_symmetric" options for chan_sip and chan_pjsip respectively enable symmetric RTP support in the RTP stack. This uses the source address of incoming media as the target address of any sent media. This option is not enabled by default but is commonly enabled to handle devices behind NAT. A change was made to the strict RTP support in the RTP stack to better tolerate late media when a reinvite occurs. When combined with the symmetric RTP support this introduced an avenue where media could be hijacked. Instead of only learning a new address when expected the new code allo...
Showing with 2 additions and 39 deletions
package/asterisk/0005-build-ensure-target-directory-for-modules-exists.patch → package/asterisk/0004-build-ensure-target-directory-for-modules-exists.patch
package/asterisk/0006-install-samples-need-the-data-files.patch → package/asterisk/0005-install-samples-need-the-data-files.patch