| Package | pjproject |
|---|---|
| Version | 2.5.5~dfsg-6+deb9u7 (stretch) |
| Related CVEs | CVE-2022-39244 |
PJSIP is a free and open source multimedia communication library written in C. The PJSIP parser, PJMEDIA RTP decoder, and PJMEDIA SDP parser are affected by a buffer overflow vulnerability. Users connecting to untrusted clients are at risk.
For Debian 9 stretch, these problems have been fixed in version 2.5.5~dfsg-6+deb9u7.
We recommend that you upgrade your pjproject packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.