------------------------------------------------------------------- Mon Nov 22 22:22:15 UTC 2021 - Andreas Stieger - update to 5.3.0: * STRUCTURE change: struct osip_transaction * CHANGE: if out_socket contains -999 and timer_b or timer_f fires, the transaction will report a transport-error * improve TIMER_E to avoid high interval after DNS or socket events * when port number starts with 0, just put 0 and discard other char [no op in practice] ------------------------------------------------------------------- Wed May 26 11:56:42 UTC 2021 - Andreas Stieger - update to 5.2.1: * add OSIP_RETRY_LIMIT which may be useful to exosip * add osip_timersub macro * fix validate that the API are used with the expected/required leading char * fix memory out-of-bound access in broken uncompliant Via header * fix k= within media being rejected since 5.1.1 [wrong check] - package license text - add upstream signing key and validate source signature - run tests - drop libosip2-5.0.0.patch, not required ------------------------------------------------------------------- Mon Jan 11 21:56:22 UTC 2021 - Dirk Mueller - update to 5.2.0: * use localtime_r when __USE_POSIX is available * sync versions with libexosip - use https for urls ------------------------------------------------------------------- Sat Aug 29 07:26:51 UTC 2020 - Jan Engelhardt - Drop old specfile constructs and excess Provides lines. ------------------------------------------------------------------- Sat Aug 15 23:40:29 UTC 2020 - Dirk Mueller - update to 5.1.1: * fix vulnerability report: Authentication-Info or Proxy-Authentication-Info are affected by a buffer overflow when building sip messages. * fix vulnerability report: when boundary only contains one quote, strncpy will use the unsigned value of -1 as size parameter. * fix: avoid several memory leaks detected in the SDP parser upon invalid SDP formats. * fix bug #57467: infinite loop in sdp_message_a_attribute_del_at_index * fix bug #56071: Heap-buffer-overflow in osip_util_replace_all_lws function in osip_message_parse.c * fix to reject any non compliant answer with missing version digits. ------------------------------------------------------------------- Wed Feb 5 18:30:36 UTC 2020 - David Sugar - Update to 5.1.0 * See package, very many changes since prior 5.0.0 release. - drop patch already in 5.1.0 SIP_body_len_underflow.patch - make package so library naming compliant with opensuse library versioning - pre-requisite for updating to libeXosip2 5.1.0 ------------------------------------------------------------------- Thu Apr 20 16:14:57 CEST 2017 - ro@suse.de - drop patch already in 5.0.0 0001-Patch-2.1-Fixes-heap-buffer-overflow-in-osip_body_to_s.patch - drop patch already in 5.0.0 0001-Patch-1-Fixes-heap-buffer-overflow-in-_osip_message_to_str.patch - drop patch already in 5.0.0 0001-Patch-3-Fixes-heap-buffer-overflow-in-osip_clrncpy.patch ------------------------------------------------------------------- Thu Apr 20 15:59:51 CEST 2017 - ro@suse.de - fix a set of buffer overflows: - add patch for (bnc#1034570, CVE-2017-7853) SIP_body_len_underflow.patch - add patch for (bnc#1034571, CVE-2016-10326) 0001-Patch-2.1-Fixes-heap-buffer-overflow-in-osip_body_to_s.patch - add patch for (bnc#1034572, CVE-2016-10325) 0001-Patch-1-Fixes-heap-buffer-overflow-in-_osip_message_to_str.patch - add patch for (bnc#1034574, CVE-2016-10324) 0001-Patch-3-Fixes-heap-buffer-overflow-in-osip_clrncpy.patch ------------------------------------------------------------------- Thu Apr 20 15:38:40 CEST 2017 - ro@suse.de - Update to 5.0.0: * STRUCTURE change: additionnal parameter for "struct osip_srv_entry" used for failover in eXosip2. * fix overflow: sr #109133: Heap buffer overflow in utility function *osip_clrncpy* * fix overflow: sr #109132: Heap buffer overflow in *osip_body_to_str* * fix overflow: sr #109131: Heap buffer overflow in `_osip_message_to_str` * simplify usage of timercmp/timerisset/timerclear * optimize list search: use iterator * improve/update autotools (./configure and options, Makefile.am, ax_thread.m4...) * verify a URI scheme only contains allowed char * improve make check (test unit) to make it clear about the results expected. * fix a possible buffer overflow of 1 byte in sdp_message_to_str (size=sdp allocated size) * fix cseq check in order to stop retransmission of 200ok * update to reject negative value in port number * add support for ntlm authentication in parser * include application_data when cloning sip message * fix to allow correct parsing of quoted string in from/to/contact/... * add authorizations and proxy_authorizations into ACK for 3xx, 4xx, 5xx, and 6xx (if answer was not 401/407) * additionnal check for cseq number for matching incoming ack restransmission * patch to transmit ack for OSIP_ICT_ACK_SENT event * improve management of body length // fix a bug when initial value of body is \0. * increase timer E as soon as we receive 1xx for NICT. * update all reasons according to RFC. * add some reason code from rfc4412, rfc3261 and rfc6086. * parse addr spec with LAQUOT and RAQUOT in generic parameters. * avoid issue with comma in userinfo of URI which may appear for several headers such as Contact. * do not use multiple header method for t, f, i, r, refer-to, b, referred-by headers. * allow faster connection with non blocking reliable sockets. * improve android time compensation. - rename libosip2-4.1.0.patch to libosip2-5.0.0.patch - drop libosip2-4.1.0-pthread.patch, obsolete ------------------------------------------------------------------- Sun May 25 21:03:52 UTC 2014 - fisiu@opensuse.org - Update to 4.1.0: * fix sdp re-allocation * increase max length size * osip_trace_initialize returns 0 if log are compiled. * timer e and timer g will use #define DEFAULT_T2 instead of 4000. * handle additionnal possible malloc failure. * fix compatibility with old UA for INVITE retransmission. * fix osip_sem_destroy leak on apple. * accept lowercase sip/2.0. - Rebase libosip2-3.5.0.dif and rename to libosip2-4.1.0.patch. - Rebase libosip2-3.5.0-pthread.patch and rename to libosip2-4.1.0-pthread.patch. ------------------------------------------------------------------- Thu Jun 20 12:23:05 UTC 2013 - fisiu@opensuse.org - Update to 4.0.0: * reduce path len // remove path in front of logs. * accept only SIP/D.D format message. * fix bug when releasing request with missing major headers. * fix minor memory leak // remove limitation on fifo size. * use system independant time for osip_gettimeofday on unix platform. * To compile/use osip based application in multi threaded env, you don't need to define -DOSIP_MT any more. Instead, if you wish to disable the feature, you can compile with -DOSIP_MONOTHREAD. * A few other clean up were made inside osip to avoid any define to appear in include files. Also to avoid conflict, config.h has been renamed to osip-config.h. - Patches updated. - Spec cleanup. ------------------------------------------------------------------- Mon Feb 13 10:49:04 UTC 2012 - coolo@suse.com - patch license to follow spdx.org standard ------------------------------------------------------------------- Mon Nov 21 15:22:11 UTC 2011 - jengelh@medozas.de - Remove redundant/unwanted tags/section (cf. specfile guidelines) - Use %_smp_mflags for parallel building ------------------------------------------------------------------- Sun Nov 20 06:16:57 UTC 2011 - coolo@suse.com - add libtool as buildrequire to avoid implicit dependency ------------------------------------------------------------------- Tue Apr 26 23:26:32 UTC 2011 - crrodriguez@opensuse.org - fix botched pthread linkage,it is going to break sooner or later. ------------------------------------------------------------------- Sun Jan 16 12:14:49 UTC 2011 - seife+obs@b1-systems.com - update to version 3.5.0 * iphone with TCP/TLS background support. * a lot of minor change/fix/improvments, sorry for not being able to have an history here... - libosip2 (3.4.0) * remove CRLF before parsing SIP message. * modification to allow non-blocking socket for reliable transport. * fix race condition for non-atomic incrementation operation. * osip_list improvements. * osip_list prototypes and warnings fix. * new osip_strcasestr method. - libosip2 (3.3.0) * new APPLE native interface for semaphore * add relative time in log information on linux/windows * fix: unescape last uri parameters. - libosip2 (3.2.0) * return new error code for all API. ------------------------------------------------------------------- Mon Feb 25 05:57:50 CET 2008 - crrodriguez@suse.de - remove libtool archive with empty dependency_libs and static libraries - update to version 3.1.0 * Windows Mobile 5/6 improvments. * allow uncompliant/IMS authentication headers. * fix when a space appear as the first char in body. * terminate body with '\0' after parsing (don't rely on this!) ------------------------------------------------------------------- Tue Dec 18 11:38:04 CET 2007 - mskibbe@suse.de - update to version 3.0.3 which include o initial support for rtems o initial support for ucos. o Fix memory leaks o fix 64-bit (amd64) issue with hash o parser speed improvements o add NULL checks o automatic check for reliable protocol SCTP and TLS ------------------------------------------------------------------- Wed May 16 15:15:22 CEST 2007 - ro@suse.de - branch off devel package ------------------------------------------------------------------- Wed Jan 25 21:37:38 CET 2006 - mls@suse.de - converted neededforbuild to BuildRequires ------------------------------------------------------------------- Tue Mar 22 19:14:09 CET 2005 - hvogel@suse.de - use the linphone version of 2.2.0 - package pkgconfig file ------------------------------------------------------------------- Tue Nov 9 16:51:18 CET 2004 - ro@suse.de - update to 2.2.0 ------------------------------------------------------------------- Wed Jul 28 18:09:12 CEST 2004 - ro@suse.de - update to 2.1.0 ------------------------------------------------------------------- Tue Jan 13 18:13:26 CET 2004 - schwab@suse.de - Remove old libtool macros. ------------------------------------------------------------------- Mon Oct 20 18:26:01 CEST 2003 - ro@suse.de - don't build as root ------------------------------------------------------------------- Fri Sep 26 00:46:50 CEST 2003 - ro@suse.de - package created version 2.0.3-cvs