diff options
| author | jnemeth <jnemeth@pkgsrc.org> | 2011-01-21 07:00:43 +0000 |
|---|---|---|
| committer | jnemeth <jnemeth@pkgsrc.org> | 2011-01-21 07:00:43 +0000 |
| commit | e22ff5c255ab3aff605b8cab4dbff19b572c6dfb (patch) | |
| tree | 2d4f683c4f36f1c626de1e3d183e8e4128897fe3 /comms | |
| parent | 3fb09f632e913de19bad1f69da839386f8d91373 (diff) | |
| download | pkgsrc-e22ff5c255ab3aff605b8cab4dbff19b572c6dfb.tar.gz | |
Update to 1.8.2.2
This is to fix AST-2011-001: Stack buffer overflow in SIP channel driver
Asterisk Project Security Advisory - AST-2011-001
Product Asterisk
Summary Stack buffer overflow in SIP channel driver
Nature of Advisory Exploitable Stack Buffer Overflow
Susceptibility Remote Authenticated Sessions
Severity Moderate
Exploits Known No
Reported On January 11, 2011
Reported By Matthew Nicholson
Posted On January 18, 2011
Last Updated On January 18, 2011
Advisory Contact Matthew Nicholson <mnicholson at digium.com>
CVE Name
Description When forming an outgoing SIP request while in pedantic mode, a
stack buffer can be made to overflow if supplied with
carefully crafted caller ID information. This vulnerability
also affects the URIENCODE dialplan function and in some
versions of asterisk, the AGI dialplan application as well.
The ast_uri_encode function does not properly respect the size
of its output buffer and can write past the end of it when
encoding URIs.
For full details, see:
http://downloads.digium.com/pub/security/AST-2011-001.html
Diffstat (limited to 'comms')
| -rw-r--r-- | comms/asterisk18/Makefile | 4 | ||||
| -rw-r--r-- | comms/asterisk18/distinfo | 26 |
2 files changed, 15 insertions, 15 deletions
diff --git a/comms/asterisk18/Makefile b/comms/asterisk18/Makefile index cb0509ade8b..3a296656684 100644 --- a/comms/asterisk18/Makefile +++ b/comms/asterisk18/Makefile @@ -1,9 +1,9 @@ -# $NetBSD: Makefile,v 1.3 2011/01/16 17:52:42 jnemeth Exp $ +# $NetBSD: Makefile,v 1.4 2011/01/21 07:00:43 jnemeth Exp $ # # NOTE: when updating this package, there are two places that sound # tarballs need to be checked -DISTNAME= asterisk-1.8.2 +DISTNAME= asterisk-1.8.2.2 DIST_SUBDIR= ${PKGNAME_NOREV} DISTFILES= ${DEFAULT_DISTFILES} EXTRACT_ONLY= ${DISTNAME}.tar.gz diff --git a/comms/asterisk18/distinfo b/comms/asterisk18/distinfo index 7a6ea86d12f..a12a88b4494 100644 --- a/comms/asterisk18/distinfo +++ b/comms/asterisk18/distinfo @@ -1,17 +1,17 @@ -$NetBSD: distinfo,v 1.5 2011/01/16 17:52:42 jnemeth Exp $ +$NetBSD: distinfo,v 1.6 2011/01/21 07:00:43 jnemeth Exp $ -SHA1 (asterisk-1.8.2/asterisk-1.8.2.tar.gz) = aa47c1602581fb1a9ea59af4d911c33713c50d85 -RMD160 (asterisk-1.8.2/asterisk-1.8.2.tar.gz) = 2d7c5c98dde2fb98317f05ea94e94a3c0a264008 -Size (asterisk-1.8.2/asterisk-1.8.2.tar.gz) = 26237515 bytes -SHA1 (asterisk-1.8.2/asterisk-extra-sounds-en-gsm-1.4.11.tar.gz) = 8692fa61423b4769dc8bfa78faf9ed5ef7a259b9 -RMD160 (asterisk-1.8.2/asterisk-extra-sounds-en-gsm-1.4.11.tar.gz) = 68170c769d739d6b5b35b00f999ad6bbf876f9f6 -Size (asterisk-1.8.2/asterisk-extra-sounds-en-gsm-1.4.11.tar.gz) = 3349898 bytes -SHA1 (asterisk-1.8.2/extract-cfile.awk) = c4f08eee1ab83c041bde1ab91672a4a3c43c28b8 -RMD160 (asterisk-1.8.2/extract-cfile.awk) = cd59f8e5807732023d5aec95187e2d5572f400a4 -Size (asterisk-1.8.2/extract-cfile.awk) = 667 bytes -SHA1 (asterisk-1.8.2/rfc3951.txt) = 1a6c769be750fb02456d60db2470909254496017 -RMD160 (asterisk-1.8.2/rfc3951.txt) = 15f7ec61653ec9953172f8f2150e7d8f6f620926 -Size (asterisk-1.8.2/rfc3951.txt) = 373442 bytes +SHA1 (asterisk-1.8.2.2/asterisk-1.8.2.2.tar.gz) = c5cf5a02e2dcab9b537c8909fc7505fedf025c43 +RMD160 (asterisk-1.8.2.2/asterisk-1.8.2.2.tar.gz) = 1f642528d67773a82abb928f725309c88c33b2f7 +Size (asterisk-1.8.2.2/asterisk-1.8.2.2.tar.gz) = 26330842 bytes +SHA1 (asterisk-1.8.2.2/asterisk-extra-sounds-en-gsm-1.4.11.tar.gz) = 8692fa61423b4769dc8bfa78faf9ed5ef7a259b9 +RMD160 (asterisk-1.8.2.2/asterisk-extra-sounds-en-gsm-1.4.11.tar.gz) = 68170c769d739d6b5b35b00f999ad6bbf876f9f6 +Size (asterisk-1.8.2.2/asterisk-extra-sounds-en-gsm-1.4.11.tar.gz) = 3349898 bytes +SHA1 (asterisk-1.8.2.2/extract-cfile.awk) = c4f08eee1ab83c041bde1ab91672a4a3c43c28b8 +RMD160 (asterisk-1.8.2.2/extract-cfile.awk) = cd59f8e5807732023d5aec95187e2d5572f400a4 +Size (asterisk-1.8.2.2/extract-cfile.awk) = 667 bytes +SHA1 (asterisk-1.8.2.2/rfc3951.txt) = 1a6c769be750fb02456d60db2470909254496017 +RMD160 (asterisk-1.8.2.2/rfc3951.txt) = 15f7ec61653ec9953172f8f2150e7d8f6f620926 +Size (asterisk-1.8.2.2/rfc3951.txt) = 373442 bytes SHA1 (patch-aa) = a157fe745bde7880cbbdcfdf9e4bb4381f1df185 SHA1 (patch-af) = ebad62fcb31b600d30235cc5e93284c93b2c8af9 SHA1 (patch-ag) = c71c61350cefbbe53eefa99245ca7712753f22d5 |