--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: stretch-pu: package pjproject/2.5.5~dfsg-6+deb9u1
- From: Bernhard Schmidt <berni@debian.org>
- Date: Mon, 26 Feb 2018 00:45:20 +0100
- Message-id: <151960232050.26145.15476252020715011258.reportbug@BOTOX.krs8.birkenwald.de>
Package: release.debian.org
Severity: normal
Tags: stretch
User: release.debian.org@packages.debian.org
Usertags: pu
Hi,
I'd like to ask for a SRM approval to include a non-security fix for an
important bug in the pjproject package into the next security upload.
In #881362 Joachim Förster reported issues resolving DNS SRV records
if the target does not have an AAAA record. He identified and tested
an upstream patch that has been part of sid for more than 6 months.
We will have to do a security upload of pjproject soon, and I'd like to
include this fix there.
Relevant patch attached.
Bernhard
diff --git a/debian/patches/0008-r5536-Fix-SRV-without-AAAA.patch b/debian/patches/0008-r5536-Fix-SRV-without-AAAA.patch
new file mode 100644
index 0000000..2a20cb4
--- /dev/null
+++ b/debian/patches/0008-r5536-Fix-SRV-without-AAAA.patch
@@ -0,0 +1,55 @@
+From: Riza Sulistyo <riza@teluu.com>
+Subject: [PATCH] Re #1945 (misc): Don't trigger SRV complete callback when
+ there is a parse error.
+Bug-Debian: https://bugs.debian.org/881362
+
+git-svn-id: https://svn.pjsip.org/repos/pjproject/trunk@5536 74dad513-b988-da41-8d7b-12977e46ad98
+---
+ pjlib-util/src/pjlib-util/srv_resolver.c | 24 ++++++++++++++++++------
+ 1 file changed, 18 insertions(+), 6 deletions(-)
+
+diff --git a/pjlib-util/src/pjlib-util/srv_resolver.c b/pjlib-util/src/pjlib-util/srv_resolver.c
+index 8a4a599e..8a2f7e1b 100644
+--- a/pjlib-util/src/pjlib-util/srv_resolver.c
++++ b/pjlib-util/src/pjlib-util/srv_resolver.c
+@@ -652,6 +652,7 @@ static void dns_callback(void *user_data,
+
+ } else if (query_job->dns_state == PJ_DNS_TYPE_A) {
+ pj_bool_t is_type_a, srv_completed;
++ pj_dns_addr_record rec;
+
+ /* Clear outstanding job */
+ if (common->type == PJ_DNS_TYPE_A) {
+@@ -668,15 +669,26 @@ static void dns_callback(void *user_data,
+
+ is_type_a = (common->type == PJ_DNS_TYPE_A);
+
++ /* Parse response */
++ if (status==PJ_SUCCESS && pkt->hdr.anscount != 0) {
++ status = pj_dns_parse_addr_response(pkt, &rec);
++ if (status!=PJ_SUCCESS) {
++ char errmsg[PJ_ERR_MSG_SIZE];
++
++ PJ_LOG(4,(query_job->objname,
++ "DNS %s record parse error for '%.*s'."
++ " Err=%d (%s)",
++ (is_type_a ? "A" : "AAAA"),
++ (int)query_job->domain_part.slen,
++ query_job->domain_part.ptr,
++ status,
++ pj_strerror(status,errmsg,sizeof(errmsg)).ptr));
++ }
++ }
++
+ /* Check that we really have answer */
+ if (status==PJ_SUCCESS && pkt->hdr.anscount != 0) {
+ char addr[PJ_INET6_ADDRSTRLEN];
+- pj_dns_addr_record rec;
+-
+- /* Parse response */
+- status = pj_dns_parse_addr_response(pkt, &rec);
+- if (status != PJ_SUCCESS)
+- goto on_error;
+
+ pj_assert(rec.addr_count != 0);
+
diff --git a/debian/patches/series b/debian/patches/series
index 4ddd84c..b23b21f 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -18,3 +18,4 @@ asterisk/0017-r5475-svn-backport-Remove-DNS-cache-entry.patch
asterisk/0018-r5477-svn-backport-Fix-DNS-write-on-freed-memory.patch
asterisk/0019-Parse-zero-length-multipart-body-parts-correctly.patch
asterisk/0020-Ensure-2543-transaction-key-buffer-is-large-enough.patch
+0008-r5536-Fix-SRV-without-AAAA.patch
--- End Message ---
--- Begin Message ---
- To: "Adam D. Barratt" <adam@adam-barratt.org.uk>, 891481-done@bugs.debian.org
- Subject: Re: Bug#891481: stretch-pu: package pjproject/2.5.5~dfsg-6+deb9u1
- From: Bernhard Schmidt <berni@debian.org>
- Date: Mon, 16 Apr 2018 22:18:20 +0200
- Message-id: <fb7f1710-935a-6a00-4f96-764ff764c5a0@debian.org>
- In-reply-to: <1520006429.15218.15.camel@adam-barratt.org.uk>
- References: <151960232050.26145.15476252020715011258.reportbug@BOTOX.krs8.birkenwald.de> <1520006429.15218.15.camel@adam-barratt.org.uk>
On 02.03.2018 17:00, Adam D. Barratt wrote:
> Control: tags -1 + confirmed
>
> On Mon, 2018-02-26 at 00:45 +0100, Bernhard Schmidt wrote:
>> I'd like to ask for a SRM approval to include a non-security fix for
>> an
>> important bug in the pjproject package into the next security upload.
>>
>> In #881362 Joachim Förster reported issues resolving DNS SRV records
>> if the target does not have an AAAA record. He identified and tested
>> an upstream patch that has been part of sid for more than 6 months.
>>
>> We will have to do a security upload of pjproject soon, and I'd like
>> to include this fix there.
>>
>> Relevant patch attached.
>>
>
> That looks fine; thanks.
>
> Please close this bug once the DSA has been released.
DSA 4170-1 has been released.
Bernhard
--- End Message ---