diff options
author | jnemeth <jnemeth@pkgsrc.org> | 2013-08-29 23:14:38 +0000 |
---|---|---|
committer | jnemeth <jnemeth@pkgsrc.org> | 2013-08-29 23:14:38 +0000 |
commit | 50fa3934ef4ba7626779d7d6f37a2896ddb8df6b (patch) | |
tree | baa3610102c6c592cbacc739cb4533cdf439b093 /comms | |
parent | 50cf2d9e5efca959f711c513bb18a09faa1653ee (diff) | |
download | pkgsrc-50fa3934ef4ba7626779d7d6f37a2896ddb8df6b.tar.gz |
Update to Asterisk 10.12.3: this is a security fix release to fix
AST-2013-004 and AST-2013-005.
pkgsrc change: disable detection of broken IP_PKTINFO on NetBSD
The Asterisk Development Team has announced security releases for
Certified Asterisk 1.8.15, 11.2, and Asterisk 1.8, 10, and 11. The
available security rele ases are released as versions 1.8.15-cert2,
11.2-cert2, 1.8.23.1, 10.12.3, 10.12.3-di giumphones, and 11.5.1.
The release of these versions resolve the following issues:
* A remotely exploitable crash vulnerability exists in the SIP
channel driver if an ACK with SDP is received after the channel
has been terminated. The handling code incorrectly assumes that
the channel will always be present.
* A remotely exploitable crash vulnerability exists in the SIP
channel driver if an invalid SDP is sent in a SIP request that
defines media descriptions before connection information. The
handling code incorrectly attempts to reference the socket address
information even though that information has not yet been set.
These issues and their resolutions are described in the security advisories.
For more information about the details of these vulnerabilities,
please read security advisories AST-2013-004 and AST-2013-005,
which were released at the same time as this announcement.
For a full list of changes in the current releases, please see the ChangeLogs:
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-10.12.3
The security advisories are available at:
* http://downloads.asterisk.org/pub/security/AST-2013-004.pdf
* http://downloads.asterisk.org/pub/security/AST-2013-005.pdf
Thank you for your continued support of Asterisk!
Diffstat (limited to 'comms')
-rw-r--r-- | comms/asterisk10/Makefile | 13 | ||||
-rw-r--r-- | comms/asterisk10/distinfo | 14 |
2 files changed, 16 insertions, 11 deletions
diff --git a/comms/asterisk10/Makefile b/comms/asterisk10/Makefile index 19514a291a2..7d417ed485f 100644 --- a/comms/asterisk10/Makefile +++ b/comms/asterisk10/Makefile @@ -1,13 +1,12 @@ -# $NetBSD: Makefile,v 1.51 2013/07/12 10:44:53 jperkin Exp $ +# $NetBSD: Makefile,v 1.52 2013/08/29 23:14:38 jnemeth Exp $ # # NOTE: when updating this package, there are two places that sound # tarballs need to be checked -DISTNAME= asterisk-10.12.2 +DISTNAME= asterisk-10.12.3 DIST_SUBDIR= ${PKGNAME_NOREV} DISTFILES= ${DEFAULT_DISTFILES} EXTRACT_ONLY= ${DISTNAME}.tar.gz -PKGREVISION= 7 CATEGORIES= comms net audio MASTER_SITES= http://downloads.asterisk.org/pub/telephony/asterisk/ \ http://downloads.asterisk.org/pub/telephony/asterisk/old-releases/ \ @@ -134,12 +133,18 @@ SUBST_SED.configs+= -e "s|/usr/local/man|${ASTMANDIR}|" SUBST_SED.configs+= -e "s|/usr/local|${PREFIX}|" SUBST_SED.configs+= -e "s|/var|${VARBASE}|" -# XXX gross hack, remove when atomics properly implemented .if (${OPSYS} == "NetBSD") +# XXX gross hack, remove when atomics properly implemented SUBST_CLASSES+= atomics SUBST_STAGE.atomics= post-configure SUBST_FILES.atomics= include/asterisk/autoconfig.h SUBST_SED.atomics= -e "s|^\#define HAVE_GCC_ATOMICS 1|\#undef HAVE_GCC_ATOMICS|" + +# XXX gross hack, IP_PKTINFO in NetBSD isn't compatible with anything else +SUBST_CLASSES+= pktinfo +SUBST_STAGE.pktinfo= post-configure +SUBST_FILES.pktinfo= include/asterisk/autoconfig.h +SUBST_SED.pktinfo= -e "s|^\#define HAVE_PKTINFO 1|\#undef HAVE_PKTINFO|" .endif RCD_SCRIPTS= asterisk diff --git a/comms/asterisk10/distinfo b/comms/asterisk10/distinfo index e62996107b4..c6b283f8d3d 100644 --- a/comms/asterisk10/distinfo +++ b/comms/asterisk10/distinfo @@ -1,11 +1,11 @@ -$NetBSD: distinfo,v 1.27 2013/06/14 23:53:03 jnemeth Exp $ +$NetBSD: distinfo,v 1.28 2013/08/29 23:14:38 jnemeth Exp $ -SHA1 (asterisk-10.12.2/asterisk-10.12.2.tar.gz) = 4c1e681223b9e86a74d5c8a57dc4da87045a1656 -RMD160 (asterisk-10.12.2/asterisk-10.12.2.tar.gz) = ec365462b3f9668906b3d1bf5b7342fb39cc7e2c -Size (asterisk-10.12.2/asterisk-10.12.2.tar.gz) = 25117561 bytes -SHA1 (asterisk-10.12.2/asterisk-extra-sounds-en-gsm-1.4.11.tar.gz) = 8692fa61423b4769dc8bfa78faf9ed5ef7a259b9 -RMD160 (asterisk-10.12.2/asterisk-extra-sounds-en-gsm-1.4.11.tar.gz) = 68170c769d739d6b5b35b00f999ad6bbf876f9f6 -Size (asterisk-10.12.2/asterisk-extra-sounds-en-gsm-1.4.11.tar.gz) = 3349898 bytes +SHA1 (asterisk-10.12.3/asterisk-10.12.3.tar.gz) = b337a668ca9a99cfe2e8d5e32394fb8f5e80e663 +RMD160 (asterisk-10.12.3/asterisk-10.12.3.tar.gz) = 92deb44a2ed1a94479eebc409cbada2f3b19c052 +Size (asterisk-10.12.3/asterisk-10.12.3.tar.gz) = 25119235 bytes +SHA1 (asterisk-10.12.3/asterisk-extra-sounds-en-gsm-1.4.11.tar.gz) = 8692fa61423b4769dc8bfa78faf9ed5ef7a259b9 +RMD160 (asterisk-10.12.3/asterisk-extra-sounds-en-gsm-1.4.11.tar.gz) = 68170c769d739d6b5b35b00f999ad6bbf876f9f6 +Size (asterisk-10.12.3/asterisk-extra-sounds-en-gsm-1.4.11.tar.gz) = 3349898 bytes SHA1 (patch-Makefile) = ab740f84f9883980cb5d8e8d5ca301f172c76231 SHA1 (patch-apps_app__dial.c) = e6c9f559310acdb6574d0e034dcb55df7c2ba31f SHA1 (patch-apps_app__followme.c) = cd34774a11b96269003d9f1b6fbdfddf5d9b9d4b |