package/sngrep: security bump to v1.8.2

See the release notes:
- https://github.com/irontec/sngrep/releases/tag/v1.7.0
- https://github.com/irontec/sngrep/releases/tag/v1.8.0
- https://github.com/irontec/sngrep/releases/tag/v1.8.1
- https://github.com/irontec/sngrep/releases/tag/v1.8.2

This fixes the following vulnerabilities:

- CVE-2024-3119:
A buffer overflow vulnerability exists in all versions of sngrep since
v0.4.2, due to improper handling of 'Call-ID' and 'X-Call-ID' SIP
headers. The functions sip_get_callid and sip_get_xcallid in sip.c use
the strncpy function to copy header contents into fixed-size buffers
without checking the data length. This flaw allows remote attackers to
execute arbitrary code or cause a denial of service (DoS) through
specially crafted SIP messages.
https://www.cve.org/CVERecord?id=CVE-2024-3119

- CVE-2024-3120:
A stack-buffer overflow vulnerability exists in all versions of sngrep
since v1.4.1. The flaw is due to inadequate bounds checking when
copying 'Content-Length' and 'Warning' headers into fixed-size buffers
in the sip_validate_packet and sip_parse_extra_headers functions
within src/sip.c. This vulnerability allows remote attackers to
execute arbitrary code or cause a denial of service (DoS) via crafted
SIP messages.
https://www.cve.org/CVERecord?id=CVE-2024-3120

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit f52e17596dc81a7ae12afbe7a699afdf0ae8e6b2)
Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
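
The bug class both CVE entries describe is a header value copied into a fixed-size buffer with the bound taken from the input instead of the destination. The sketch below is an added illustration, not sngrep's code and not the upstream fix; `sip_header_copy` and `CALLID_MAX` are hypothetical names, and it rejects an oversized value rather than truncating it.

```c
#include <stdio.h>
#include <string.h>
#include <strings.h>

#define CALLID_MAX 64 /* assumed destination size, for illustration only */

/* Pattern the CVE text describes (shown as a comment, not compiled):
 *     strncpy(dst, value, value_len);   // bound taken from the source
 * The bound has to come from the destination buffer instead. */

/* Copy the value of header `name` from SIP message `msg` into dst.
 * Returns 0 on success, -1 if the header is absent, -2 if the value does
 * not fit in dst (rejected, never truncated or overflowed). */
int sip_header_copy(const char *msg, const char *name, char *dst, size_t dst_size)
{
    size_t name_len = strlen(name);
    if (dst_size == 0)
        return -2;
    dst[0] = '\0';
    for (const char *line = msg; line && *line; ) {
        const char *eol = strstr(line, "\r\n");
        size_t len = eol ? (size_t)(eol - line) : strlen(line);
        if (len == 0)
            break; /* blank line: end of headers */
        /* Header names are case-insensitive and must start the line. */
        if (len > name_len && line[name_len] == ':' &&
            strncasecmp(line, name, name_len) == 0) {
            const char *val = line + name_len + 1;
            size_t val_len = len - name_len - 1;
            while (val_len > 0 && (*val == ' ' || *val == '\t'))
                val++, val_len--; /* skip leading whitespace */
            if (val_len >= dst_size) /* leave room for the terminator */
                return -2;
            memcpy(dst, val, val_len);
            dst[val_len] = '\0';
            return 0;
        }
        line = eol ? eol + 2 : NULL;
    }
    return -1;
}

int main(void)
{
    const char *msg = "INVITE sip:bob@example.com SIP/2.0\r\n" /* constructed */
                      "Call-ID: abc123@host.example\r\n\r\n";
    char callid[CALLID_MAX];
    printf("%d %s\n", sip_header_copy(msg, "Call-ID", callid, sizeof callid), callid);
    return 0;
}
```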