two CVE in pjproject

To: pkgsrc-pmc%netbsd.org@localhost
Subject: two CVE in pjproject
From: Emmanuel Dreyfus <manu%netbsd.org@localhost>
Date: Fri, 20 Mar 2026 08:54:55 +0000

Hello

There are two outstanding CVE in pjproject that is used by Asterisk:
CVE-2026-29068 and CVE-2026-28799.

I created two patches for comms/asterisk23 and tested it, it did 
not break anything obvious.
https://dl.espci.fr/ticket/194cb36aeb8556c7c655a4d8f7583cbe

What should I do with it? I can live with it as a local change, but
perhaps it could be intersting for others.

-- 
Emmanuel Dreyfus
manu%netbsd.org@localhost

Prev by Date: Re: python311 vs expat
Next by Date: Re: python311 vs expat
Previous by Thread: graphics/graphviz is broken
Indexes:

Home | Main Index | Thread Index | Old Index