gnu: osip: Update to 5.3.1.

* gnu/packages/telephony.scm (osip): Update to 5.3.1. [origin]<patches>: Remove patch. * gnu/packages/patches/osip-CVE-2017-7853.patch : Remove it. * gnu/local.mk: Remove patch. Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2025-02-07 11:29:59 +01:00 · 2024-10-08 08:35:00 +02:00 · 2024-10-08 08:35:00 +02:00 · 6870c3a4d0
commit 6870c3a4d0
parent 8300b60b53
3 changed files with 2 additions and 44 deletions
--- a/gnu/local.mk
+++ b/gnu/local.mk
@ -1882,7 +1882,6 @@ dist_patch_DATA =						\
  %D%/packages/patches/orangeduck-mpc-fix-pkg-config.patch	\
  %D%/packages/patches/orbit2-fix-array-allocation-32bit.patch \
  %D%/packages/patches/orpheus-cast-errors-and-includes.patch	\
-  %D%/packages/patches/osip-CVE-2017-7853.patch			\
  %D%/packages/patches/ots-no-include-missing-file.patch	\
  %D%/packages/patches/owncloud-disable-updatecheck.patch	\
  %D%/packages/patches/p7zip-CVE-2016-9296.patch		\
--- a/gnu/packages/patches/osip-CVE-2017-7853.patch
+++ b/gnu/packages/patches/osip-CVE-2017-7853.patch
@ -1,40 +0,0 @@
-Fix CVE-2017-7853:
-
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7853
-https://savannah.gnu.org/support/index.php?109265
-
-Patch copied from upstream source repository:
-
-https://git.savannah.gnu.org/cgit/osip.git/commit/?id=1ae06daf3b2375c34af23083394a6f010be24a45
-
-From 1ae06daf3b2375c34af23083394a6f010be24a45 Mon Sep 17 00:00:00 2001
-From: Aymeric Moizard <amoizard@gmail.com>
-Date: Tue, 21 Feb 2017 17:16:26 +0100
-Subject: [PATCH]  * fix bug report: sr #109265: SIP message body length
- underflow in libosip2-4.1.0    https://savannah.gnu.org/support/?109265   
- also applicable to current latest version
-
---
- src/osipparser2/osip_message_parse.c | 6 ++++++
- 1 file changed, 6 insertions(+)
-
-diff --git a/src/osipparser2/osip_message_parse.c b/src/osipparser2/osip_message_parse.c
-index 1628c60..aa35446 100644
--- a/src/osipparser2/osip_message_parse.c
-+++ b/src/osipparser2/osip_message_parse.c
-@@ -784,6 +784,12 @@ msg_osip_body_parse (osip_message_t * sip, const char *start_of_buf, const char
-     if ('\n' == start_of_body[0] || '\r' == start_of_body[0])
-       start_of_body++;
- 
-+    /* if message body is empty or contains a single CR/LF */
-+    if (end_of_body <= start_of_body) {
-+      osip_free (sep_boundary);
-+      return OSIP_SYNTAXERROR;
-+    }
-+
-     body_len = end_of_body - start_of_body;
- 
-     /* Skip CR before end boundary. */
-- 
-2.13.1
-
--- a/gnu/packages/telephony.scm
+++ b/gnu/packages/telephony.scm
@ -359,14 +359,13 @@ GNU ccRTP stack and serves as library for other RTP stacks
 (define-public osip
  (package
   (name "osip")
-   (version "5.2.1")
+   (version "5.3.1")
   (source (origin
            (method url-fetch)
            (uri (string-append "mirror://gnu/osip/libosip2-" version ".tar.gz"))
-            (patches (search-patches "osip-CVE-2017-7853.patch"))
            (sha256
             (base32
-              "1wibs2zs035ay7qvl5ai8drv6f0xw7iscb0frmpgax3pisy88dzf"))))
+              "0yfwd8g2nxf3i9d8gqh6a16ma350dlhih4awbb0nl9h82s2gx0py"))))
   (build-system gnu-build-system)

   (synopsis "Library implementing SIP (RFC-3261)")