diff options
| author | jnemeth <jnemeth> | 2012-07-06 21:10:11 +0000 |
|---|---|---|
| committer | jnemeth <jnemeth> | 2012-07-06 21:10:11 +0000 |
| commit | 811327c13bde528c3934b87d6bbf62779f193e23 (patch) | |
| tree | 089a7109709c1a53d21801e45b824bb7cd57b74d /comms/asterisk10/distinfo | |
| parent | 027444125a6901c058e058bd443be519abee21b0 (diff) | |
| download | pkgsrc-811327c13bde528c3934b87d6bbf62779f193e23.tar.gz | |
Update to Asterisk 10.5.2: this fixes two security issues, AST-2012-010
and AST-2012-011
The Asterisk Development Team has announced security releases for Certified
Asterisk 1.8.11 nd Asterisk 1.8 and 10. The available security releases are
released as versions 1.8.11-cert4, 1.8.13.1, 10.5.2, and 10.5.2-digiumphones.
The release of Asterisk 1.8.11-cert4, 1.8.13.1, 10.5.2, and 10.5.2-digiumphones
resolve the following two issues:
* If Asterisk sends a re-invite and an endpoint responds to the re-invite with
a provisional response but never sends a final response, then the SIP dialog
structure is never freed and the RTP ports for the call are never released. If
an attacker has the ability to place a call, they could create a denial of
service by using all available RTP ports.
* If a single voicemail account is manipulated by two parties simultaneously,
a condition can occur where memory is freed twice causing a crash.
These issues and their resolution are described in the security advisories.
For more information about the details of these vulnerabilities, please read
security advisories AST-2012-010 and AST-2012-011, which were released at the
same time as this announcement.
For a full list of changes in the current releases, please see the ChangeLogs:
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-10.5.2
The security advisories are available at:
* http://downloads.asterisk.org/pub/security/AST-2012-010.pdf
* http://downloads.asterisk.org/pub/security/AST-2012-011.pdf
Thank you for your continued support of Asterisk!
Diffstat (limited to 'comms/asterisk10/distinfo')
| -rw-r--r-- | comms/asterisk10/distinfo | 14 |
1 files changed, 7 insertions, 7 deletions
diff --git a/comms/asterisk10/distinfo b/comms/asterisk10/distinfo index cb9a67c6c78..4c98d4ae532 100644 --- a/comms/asterisk10/distinfo +++ b/comms/asterisk10/distinfo @@ -1,11 +1,11 @@ -$NetBSD: distinfo,v 1.14 2012/06/15 06:05:47 jnemeth Exp $ +$NetBSD: distinfo,v 1.15 2012/07/06 21:10:11 jnemeth Exp $ -SHA1 (asterisk-10.5.1/asterisk-10.5.1.tar.gz) = f927384456aaadc6990730927644f162b7e50536 -RMD160 (asterisk-10.5.1/asterisk-10.5.1.tar.gz) = 3e4e371a7bd533242c806bf683f0d1ad9afdeb70 -Size (asterisk-10.5.1/asterisk-10.5.1.tar.gz) = 24970486 bytes -SHA1 (asterisk-10.5.1/asterisk-extra-sounds-en-gsm-1.4.11.tar.gz) = 8692fa61423b4769dc8bfa78faf9ed5ef7a259b9 -RMD160 (asterisk-10.5.1/asterisk-extra-sounds-en-gsm-1.4.11.tar.gz) = 68170c769d739d6b5b35b00f999ad6bbf876f9f6 -Size (asterisk-10.5.1/asterisk-extra-sounds-en-gsm-1.4.11.tar.gz) = 3349898 bytes +SHA1 (asterisk-10.5.2/asterisk-10.5.2.tar.gz) = 81afb0c51a83f9781a46b795b3897954a6eb9e5d +RMD160 (asterisk-10.5.2/asterisk-10.5.2.tar.gz) = fb192d37f06e172a348a84d11faf2181bf7dbdae +Size (asterisk-10.5.2/asterisk-10.5.2.tar.gz) = 24971040 bytes +SHA1 (asterisk-10.5.2/asterisk-extra-sounds-en-gsm-1.4.11.tar.gz) = 8692fa61423b4769dc8bfa78faf9ed5ef7a259b9 +RMD160 (asterisk-10.5.2/asterisk-extra-sounds-en-gsm-1.4.11.tar.gz) = 68170c769d739d6b5b35b00f999ad6bbf876f9f6 +Size (asterisk-10.5.2/asterisk-extra-sounds-en-gsm-1.4.11.tar.gz) = 3349898 bytes SHA1 (patch-Makefile) = 1f351f6b3de49ee32be69cd8b8f88571b7ae9e03 SHA1 (patch-apps_app__dial.c) = 2109ed50406dedc90a300981a3a7500b1397ff3a SHA1 (patch-apps_app__followme.c) = a0a507986ec9722337d46fdaaac0a79d23a634e4 |