Fedora 40 Advisory: FEDORA-2024-a63e807450 Critical: Baresip DoS

Libre is a generic library for real-time communications with async I/O

support. Features are a SIP stack (RFC 3261), SDP, RTP and RTCP, SRTP and

SRTCP (Secure RTP), DNS client, STUN/TURN/ICE stack, BFCP, HTTP stack with

client/server, Websockets, Jitter buffer, async I/O (poll, epoll, select,

kqueue), UDP/TCP/TLS/DTLS transport, JSON parser and Real Time Messaging

Protocol (RTMP).

Baresip v3.10.1 (2024-03-12) Security Release (possible Denial of Service): A wrong or manipulated incoming RTP Timestamp can cause the baresip process to hang forever, for details see: #2954 aureceiver: fix mtx_unlock on discard Baresip v3.10.0 (2024-03-06) cmake: use default value for CMAKE_C_EXTENSIONS cmake: add /usr/{local,}/include/re and /usr/{local,}/lib{64,} to FindRE.cmake test/main: fix NULL pointer arg on err ci: add Fedora workflow to avoid e.g. rpath issues mediatrack/start: add audio_decoder_set config: support distribution-specific/default CA paths readme: cosmetic changes ci/fedora: fix dependency config: add default CA path for Android transp,tls: add TLS client verification account,message,ua: secure incoming SIP MESSAGEs aufile: avoid race condition in case of fast destruction aufile: join thread if write fails video: add video_req_keyframe api call: start streams in sipsess_estab_handler webrtc: add av1 codec cmake: fix relative source dir ...