diff options
| author | jnemeth <jnemeth@pkgsrc.org> | 2021-02-28 22:48:07 +0000 |
|---|---|---|
| committer | jnemeth <jnemeth@pkgsrc.org> | 2021-02-28 22:48:07 +0000 |
| commit | ff929850aba22f4b341cc1c46c424eaa46c7a07f (patch) | |
| tree | 7d917ca342d0c11fbb1d25c4f01f452f416139f3 /comms/asterisk13 | |
| parent | b35704328202338c478377914593b149c77347aa (diff) | |
| download | pkgsrc-ff929850aba22f4b341cc1c46c424eaa46c7a07f.tar.gz | |
asterisk13: Update to Asterisk 13.38.2:
The Asterisk Development Team would like to announce security releases for
Asterisk 13, 16, 17 and 18, and Certified Asterisk 16.8. The available releases
are released as versions 13.38.2, 16.16.1, 17.9.2, 18.2.1 and 16.8-cert6.
These releases are available for immediate download at
https://downloads.asterisk.org/pub/telephony/asterisk/releases
https://downloads.asterisk.org/pub/telephony/certified-asterisk/releases
The following security vulnerabilities were resolved in these versions:
* AST-2021-001: Remote crash in res_pjsip_diversion
If a registered user is tricked into dialing a
* AST-2021-002: Remote crash possible when negotiating T.38
When
* AST-2021-003: Remote attacker could prematurely tear down SRTP calls
An unauthenticated remote attacker could replay SRTP packets which could cause
an Asterisk instance configured without strict RTP validation to tear down
calls prematurely.
* AST-2021-004: An unsuspecting user could crash Asterisk with multiple
hold/unhold requests
Due to a signedness comparison mismatch, an authenticated WebRTC client could
cause a stack overflow and Asterisk crash by sending multiple hold/unhold
requests in quick succession.
* AST-2021-005: Remote Crash Vulnerability in PJSIP channel driver
Given a scenario where an outgoing call is placed from Asterisk to a remote
SIP server it is possible for a crash to occur.
For a full list of changes in the current releases, please see the ChangeLogs:
https://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.38.2
The security advisories are available at:
https://downloads.asterisk.org/pub/security/AST-2021-001.pdf
https://downloads.asterisk.org/pub/security/AST-2021-002.pdf
https://downloads.asterisk.org/pub/security/AST-2021-003.pdf
https://downloads.asterisk.org/pub/security/AST-2021-004.pdf
https://downloads.asterisk.org/pub/security/AST-2021-005.pdf
Thank you for your continued support of Asterisk!
Diffstat (limited to 'comms/asterisk13')
| -rw-r--r-- | comms/asterisk13/Makefile | 6 | ||||
| -rw-r--r-- | comms/asterisk13/distinfo | 18 |
2 files changed, 12 insertions, 12 deletions
diff --git a/comms/asterisk13/Makefile b/comms/asterisk13/Makefile index 347bc8076e1..3bf86aaba04 100644 --- a/comms/asterisk13/Makefile +++ b/comms/asterisk13/Makefile @@ -1,11 +1,11 @@ -# $NetBSD: Makefile,v 1.67 2021/01/03 09:04:06 jnemeth Exp $ +# $NetBSD: Makefile,v 1.68 2021/02/28 22:48:07 jnemeth Exp $ # # NOTE: when updating this package, there are two places that sound # tarballs need to be checked; look in ${WRKSRC}/sounds/Makefile # to find out the current sound file versions -DISTNAME= asterisk-13.38.1 -PKGREVISION= 1 +DISTNAME= asterisk-13.38.2 +#PKGREVISION= 1 CATEGORIES= comms net audio MASTER_SITES= http://downloads.asterisk.org/pub/telephony/asterisk/ MASTER_SITES+= http://downloads.asterisk.org/pub/telephony/asterisk/old-releases/ diff --git a/comms/asterisk13/distinfo b/comms/asterisk13/distinfo index a33d224e441..b759eeb5ccc 100644 --- a/comms/asterisk13/distinfo +++ b/comms/asterisk13/distinfo @@ -1,13 +1,13 @@ -$NetBSD: distinfo,v 1.17 2021/01/02 22:45:43 jnemeth Exp $ +$NetBSD: distinfo,v 1.18 2021/02/28 22:48:07 jnemeth Exp $ -SHA1 (asterisk-13.38.1/asterisk-13.38.1.tar.gz) = 6a26385f1522db2b8ab927c76367ea717ff75117 -RMD160 (asterisk-13.38.1/asterisk-13.38.1.tar.gz) = 5771cbdfd3ceca754f9c8df28ed29d52b35b143e -SHA512 (asterisk-13.38.1/asterisk-13.38.1.tar.gz) = 270b7c8374104b3c2e9999503fa5cab5b465e37ddfa6759c1019fb99b6bb5877fe4505501ac3306a708ce911aeda36d04796f51156312c04fec013dbaa56a57f -Size (asterisk-13.38.1/asterisk-13.38.1.tar.gz) = 33705256 bytes -SHA1 (asterisk-13.38.1/asterisk-extra-sounds-en-gsm-1.5.2.tar.gz) = 0207e289404704c42941759db9660269599044f9 -RMD160 (asterisk-13.38.1/asterisk-extra-sounds-en-gsm-1.5.2.tar.gz) = 5d660e7664a56086bd60ad49196e1b622a60f106 -SHA512 (asterisk-13.38.1/asterisk-extra-sounds-en-gsm-1.5.2.tar.gz) = 3f2f7bf3d5bce3544bc013f913c352f0204a3ce96239987403eb9dce8bc87e64a61d437762323a422a87b2fad1f3bf3e7a5f3d0d340f912a1b1dbfea9479d41d -Size (asterisk-13.38.1/asterisk-extra-sounds-en-gsm-1.5.2.tar.gz) = 4253587 bytes +SHA1 (asterisk-13.38.2/asterisk-13.38.2.tar.gz) = 1e86b5b11c1053b0f6a7ec72a7e385aa356694f3 +RMD160 (asterisk-13.38.2/asterisk-13.38.2.tar.gz) = ad4ff2ef7f9c298f1bfcc8d28fc4600970d955a0 +SHA512 (asterisk-13.38.2/asterisk-13.38.2.tar.gz) = bd9755503048cd8dcf8e39947dd5cfb617c20c4b1ad5033ae297499a4967c06ba11b6e43233c1ae0d33f8f11a81dbb9b4487f16a1f4786007172028caf1ee051 +Size (asterisk-13.38.2/asterisk-13.38.2.tar.gz) = 33708267 bytes +SHA1 (asterisk-13.38.2/asterisk-extra-sounds-en-gsm-1.5.2.tar.gz) = 0207e289404704c42941759db9660269599044f9 +RMD160 (asterisk-13.38.2/asterisk-extra-sounds-en-gsm-1.5.2.tar.gz) = 5d660e7664a56086bd60ad49196e1b622a60f106 +SHA512 (asterisk-13.38.2/asterisk-extra-sounds-en-gsm-1.5.2.tar.gz) = 3f2f7bf3d5bce3544bc013f913c352f0204a3ce96239987403eb9dce8bc87e64a61d437762323a422a87b2fad1f3bf3e7a5f3d0d340f912a1b1dbfea9479d41d +Size (asterisk-13.38.2/asterisk-extra-sounds-en-gsm-1.5.2.tar.gz) = 4253587 bytes SHA1 (patch-Makefile) = 7fb5c784cb5246d7b1ec9c586db8af1a9b9c5577 SHA1 (patch-apps_app__dumpchan.c) = 127ac02bdc180ad2334cd095aa6e646feb6fba10 SHA1 (patch-apps_app__followme.c) = c6a5790b5e9b34d07dbfdd66a58e2854c8c72695 |