PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. This issue is similar to GHSA-9pfh-r8x4-w26w. Possible buffer overread when parsing a certain STUN message. The vulnerability affects applications that uses STUN including PJNATH and PJSUA-LIB. The patch is available as commit in the master branch.
{ "binaries": [ { "binary_name": "ring", "binary_version": "20180228.1.503da2b~ds1-1ubuntu0.1~esm1" }, { "binary_name": "ring-daemon", "binary_version": "20180228.1.503da2b~ds1-1ubuntu0.1~esm1" }, { "binary_name": "ring-daemon-dbgsym", "binary_version": "20180228.1.503da2b~ds1-1ubuntu0.1~esm1" }, { "binary_name": "ring-dbgsym", "binary_version": "20180228.1.503da2b~ds1-1ubuntu0.1~esm1" } ], "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro", "ubuntu_priority": "medium" }
{ "binaries": [ { "binary_name": "jami", "binary_version": "20190215.1.f152c98~ds1-1+deb10u2build0.20.04.1" }, { "binary_name": "jami-daemon", "binary_version": "20190215.1.f152c98~ds1-1+deb10u2build0.20.04.1" }, { "binary_name": "jami-daemon-dbgsym", "binary_version": "20190215.1.f152c98~ds1-1+deb10u2build0.20.04.1" }, { "binary_name": "jami-dbgsym", "binary_version": "20190215.1.f152c98~ds1-1+deb10u2build0.20.04.1" }, { "binary_name": "ring", "binary_version": "20190215.1.f152c98~ds1-1+deb10u2build0.20.04.1" }, { "binary_name": "ring-daemon", "binary_version": "20190215.1.f152c98~ds1-1+deb10u2build0.20.04.1" } ], "availability": "No subscription required", "ubuntu_priority": "medium" }