From f4cc69d5601a938e52e2bdc669f9dd5dcef3a7ab Mon Sep 17 00:00:00 2001 From: Sebastian Kemper Date: Sat, 6 Jan 2024 01:00:51 +0100 Subject: [PATCH] rtpengine: bump to 10.5.6.2 Fixes "RTPEngine susceptible to Denial of Service via DTLS Hello packets during call initiation", see [1]. Removes 06-fix-compilation-with-iptables-1-8-8.patch as not needed anymore. [1] https://www.openwall.com/lists/oss-security/2023/12/15/8 Signed-off-by: Sebastian Kemper --- net/rtpengine/Makefile | 6 ++-- ...-fix-compilation-with-iptables-1-8-8.patch | 30 ------------------- ...cally-allocate-buffer-for-kernel-mod.patch | 4 +-- 3 files changed, 5 insertions(+), 35 deletions(-) delete mode 100644 net/rtpengine/patches/06-fix-compilation-with-iptables-1-8-8.patch diff --git a/net/rtpengine/Makefile b/net/rtpengine/Makefile index fdd396c..65011e2 100644 --- a/net/rtpengine/Makefile +++ b/net/rtpengine/Makefile @@ -9,12 +9,12 @@ include $(TOPDIR)/rules.mk include $(INCLUDE_DIR)/kernel.mk PKG_NAME:=rtpengine -PKG_VERSION:=10.5.2.6 -PKG_RELEASE:=3 +PKG_VERSION:=10.5.6.3 +PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-mr$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://codeload.github.com/sipwise/rtpengine/tar.gz/mr$(PKG_VERSION)? -PKG_HASH:=6f6d5cc2ebf27b6361ed2bd2f86a0ca74103503fd1a14af69ed423dba8340bc4 +PKG_HASH:=8ca55bf5ce334668ad278c98dbb9a7a49c97485f5708925936a28ffba5f644e4 PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/$(PKG_NAME)-mr$(PKG_VERSION) diff --git a/net/rtpengine/patches/06-fix-compilation-with-iptables-1-8-8.patch b/net/rtpengine/patches/06-fix-compilation-with-iptables-1-8-8.patch deleted file mode 100644 index 1b92b59..0000000 --- a/net/rtpengine/patches/06-fix-compilation-with-iptables-1-8-8.patch +++ /dev/null @@ -1,30 +0,0 @@ -From 2a6d5cd2cbb58c1cab271a65a76decfdbc11dcd7 Mon Sep 17 00:00:00 2001 -From: Nick Hainke -Date: Wed, 8 Jun 2022 09:30:44 +0200 -Subject: [PATCH] fix compilation with iptables 1.8.8 - -The extension handling changed [0,1]. Fix compilation with iptables -1.8.8 [2]. - -[0] - https://git.netfilter.org/iptables/commit/?id=ef108943f69a6e20533d58823740d3f0534ea8ec -[1] - https://git.netfilter.org/iptables/commit/?id=6c689b639cf8e2aeced8685eca2915892d76ad86 -[2] - openwrt/openwrt#9886 - -Signed-off-by: Nick Hainke ---- - iptables-extension/libxt_RTPENGINE.c | 4 ++++ - 1 file changed, 4 insertions(+) - ---- a/iptables-extension/libxt_RTPENGINE.c -+++ b/iptables-extension/libxt_RTPENGINE.c -@@ -5,6 +5,10 @@ - #include - #include - -+#ifndef _init -+#define _init __attribute__((constructor)) _INIT -+#endif -+ - #if defined(__ipt) - #include - #elif defined(__ip6t) diff --git a/net/rtpengine/patches/07-always-dynamically-allocate-buffer-for-kernel-mod.patch b/net/rtpengine/patches/07-always-dynamically-allocate-buffer-for-kernel-mod.patch index 6f42c17..72b7914 100644 --- a/net/rtpengine/patches/07-always-dynamically-allocate-buffer-for-kernel-mod.patch +++ b/net/rtpengine/patches/07-always-dynamically-allocate-buffer-for-kernel-mod.patch @@ -1,6 +1,6 @@ --- a/kernel-module/xt_RTPENGINE.c +++ b/kernel-module/xt_RTPENGINE.c -@@ -3455,14 +3455,11 @@ static inline ssize_t proc_control_read_ +@@ -3457,14 +3457,11 @@ static inline ssize_t proc_control_read_ struct inode *inode; uint32_t id; struct rtpengine_table *t; @@ -15,7 +15,7 @@ else { /* > */ msg = kmalloc(buflen, GFP_KERNEL); if (!msg) -@@ -3559,16 +3556,14 @@ static inline ssize_t proc_control_read_ +@@ -3561,16 +3558,14 @@ static inline ssize_t proc_control_read_ goto out; } -- 2.30.2