diff options
author | jnemeth <jnemeth@pkgsrc.org> | 2012-07-06 19:51:58 +0000 |
---|---|---|
committer | jnemeth <jnemeth@pkgsrc.org> | 2012-07-06 19:51:58 +0000 |
commit | b253bebc36906d61e4776e3958878c732f2b794f (patch) | |
tree | ebcb475af39c9229e80d9a1af620751268193d80 | |
parent | 582745682c8e41ff1baf78742e5fe7e601a46002 (diff) | |
download | pkgsrc-b253bebc36906d61e4776e3958878c732f2b794f.tar.gz |
Upgrade to Asterisk 1.8.13.1 -- this fixes two security issues:
AST-2012-010 and AST-2012-011
The Asterisk Development Team has announced security releases for Certified
Asterisk 1.8.11 and Asterisk 1.8 and 10. The available security releases are
released as versions 1.8.11-cert4, 1.8.13.1, 10.5.2, and 10.5.2-digiumphones.
The release of Asterisk 1.8.11-cert4, 1.8.13.1, 10.5.2, and 10.5.2-digiumphones
resolve the following two issues:
* If Asterisk sends a re-invite and an endpoint responds to the re-invite with
a provisional response but never sends a final response, then the SIP dialog
structure is never freed and the RTP ports for the call are never released. If
an attacker has the ability to place a call, they could create a denial of
service by using all available RTP ports.
* If a single voicemail account is manipulated by two parties simultaneously,
a condition can occur where memory is freed twice causing a crash.
These issues and their resolution are described in the security advisories.
For more information about the details of these vulnerabilities, please read
security advisories AST-2012-010 and AST-2012-011, which were released at the
same time as this announcement.
For a full list of changes in the current releases, please see the ChangeLogs:
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.13.1
The security advisories are available at:
* http://downloads.asterisk.org/pub/security/AST-2012-010.pdf
* http://downloads.asterisk.org/pub/security/pST-2012-011.pdf
Thank you for your continued support of Asterisk!
-rw-r--r-- | comms/asterisk18/Makefile | 5 | ||||
-rw-r--r-- | comms/asterisk18/distinfo | 14 |
2 files changed, 9 insertions, 10 deletions
diff --git a/comms/asterisk18/Makefile b/comms/asterisk18/Makefile index df957d79aca..c799f394cf2 100644 --- a/comms/asterisk18/Makefile +++ b/comms/asterisk18/Makefile @@ -1,13 +1,12 @@ -# $NetBSD: Makefile,v 1.37 2012/06/14 07:45:20 sbd Exp $ +# $NetBSD: Makefile,v 1.38 2012/07/06 19:51:58 jnemeth Exp $ # # NOTE: when updating this package, there are two places that sound # tarballs need to be checked -DISTNAME= asterisk-1.8.13.0 +DISTNAME= asterisk-1.8.13.1 DIST_SUBDIR= ${PKGNAME_NOREV} DISTFILES= ${DEFAULT_DISTFILES} EXTRACT_ONLY= ${DISTNAME}.tar.gz -PKGREVISION= 1 CATEGORIES= comms net audio MASTER_SITES= http://downloads.asterisk.org/pub/telephony/asterisk/ \ http://downloads.asterisk.org/pub/telephony/asterisk/old-releases/ \ diff --git a/comms/asterisk18/distinfo b/comms/asterisk18/distinfo index bd6cddc2aab..4c9e85445d3 100644 --- a/comms/asterisk18/distinfo +++ b/comms/asterisk18/distinfo @@ -1,11 +1,11 @@ -$NetBSD: distinfo,v 1.32 2012/06/05 06:15:51 jnemeth Exp $ +$NetBSD: distinfo,v 1.33 2012/07/06 19:51:58 jnemeth Exp $ -SHA1 (asterisk-1.8.13.0/asterisk-1.8.13.0.tar.gz) = 9c45a16d99a5ea1d73e88b3556d9ee5b2afa594b -RMD160 (asterisk-1.8.13.0/asterisk-1.8.13.0.tar.gz) = f1ce05e56a61e3b4215dd7b9fc3f8331bf70486b -Size (asterisk-1.8.13.0/asterisk-1.8.13.0.tar.gz) = 25059587 bytes -SHA1 (asterisk-1.8.13.0/asterisk-extra-sounds-en-gsm-1.4.11.tar.gz) = 8692fa61423b4769dc8bfa78faf9ed5ef7a259b9 -RMD160 (asterisk-1.8.13.0/asterisk-extra-sounds-en-gsm-1.4.11.tar.gz) = 68170c769d739d6b5b35b00f999ad6bbf876f9f6 -Size (asterisk-1.8.13.0/asterisk-extra-sounds-en-gsm-1.4.11.tar.gz) = 3349898 bytes +SHA1 (asterisk-1.8.13.1/asterisk-1.8.13.1.tar.gz) = 0985f4e3ed0dc4e9834edf351f04493f27a078e5 +RMD160 (asterisk-1.8.13.1/asterisk-1.8.13.1.tar.gz) = 3523bce4398ca8f3ab8d4f07a52c7a97a2ddd6d8 +Size (asterisk-1.8.13.1/asterisk-1.8.13.1.tar.gz) = 25049076 bytes +SHA1 (asterisk-1.8.13.1/asterisk-extra-sounds-en-gsm-1.4.11.tar.gz) = 8692fa61423b4769dc8bfa78faf9ed5ef7a259b9 +RMD160 (asterisk-1.8.13.1/asterisk-extra-sounds-en-gsm-1.4.11.tar.gz) = 68170c769d739d6b5b35b00f999ad6bbf876f9f6 +Size (asterisk-1.8.13.1/asterisk-extra-sounds-en-gsm-1.4.11.tar.gz) = 3349898 bytes SHA1 (patch-aa) = d8a67b0fd3781bb2d38b08563c69e490ab42a3e8 SHA1 (patch-af) = 19786616bb606c38f769ec85f2e4d118573659ab SHA1 (patch-ai) = e92edab5c1ff323478f41d0b0783102ed527fe39 |