Change logs for libosip2 source package in Bionic

  • libosip2 (4.1.0-2.1) unstable; urgency=medium
    
      * Non-maintainer upload to fix security issues (Closes: #860287)
      * CVE-2016-10324: In libosip2 in GNU oSIP 4.1.0, a malformed SIP message
        can lead to a heap buffer overflow in the osip_clrncpy() function
        defined in osipparser2/osip_port.c.
      * CVE-2016-10325: In libosip2 in GNU oSIP 4.1.0, a malformed SIP message
        can lead to a heap buffer overflow in the _osip_message_to_str()
        function defined in osipparser2/osip_message_to_str.c, resulting in a
        remote DoS.
      * CVE-2016-10326: In libosip2 in GNU oSIP 4.1.0, a malformed SIP message
        can lead to a heap buffer overflow in the osip_body_to_str() function
        defined in osipparser2/osip_body.c, resulting in a remote DoS.
      * CVE-2017-7853: In libosip2 in GNU oSIP 5.0.0, a malformed SIP message
        can lead to a heap buffer overflow in the msg_osip_body_parse()
        function defined in osipparser2/osip_message_parse.c, resulting in a
        remote DoS.
    
     -- Antoine Beaupré <email address hidden>  Fri, 14 Apr 2017 16:21:21 -0400