| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
|
|
|
|
|
|
makefile scheme.
It's clear nobody'd maintained tn3270 in base for a long, long time.
|
|
|
|
|
|
build except on netbsd-5 and -current, but we can take that as it comes.
|
|
|
|
|
|
|
|
|
|
is just the sources, and they're unchanged from base except that the
rcsids have been preserved. The package will be along shortly.
|
|
- obexapp does not now require GNU libiconv (this was in pkgsrc already)
- compiler errors fixed
- no longer tries to provide username/groupname in file listings (info
not available in chroot)
|
|
|
|
hardcoding.
Note: This effectively adds x86_64 to NOT_FOR_PLATFORM for some packages.
|
|
From Daniel Horecki.
|
|
noticing the problem and seb@ for help with the Makefile contortions.
|
|
fix releases. For more information see:
http://downloads.asterisk.org/pub/telephony/asterisk/old-releases/asterisk-1.6.1.10-summary.html or http://tinyurl.com/yzyr9tt and
http://downloads.asterisk.org/pub/telephony/asterisk/old-releases/asterisk-1.6.1.12-summary.html or http://tinyurl.com/yfxlyjp .
1.6.1.11 fixes AST-2009-010 which allows people to remotely crash the
server. The description of the issue is:
An attacker sending a valid RTP comfort noise payload containing
a data length of 24 bytes or greater can remotely crash Asterisk.
Commit during freeze approved by wiz@.
|
|
1.2.36 fixed AST-2009-008, and 1.2.37 fixed AST-2009-010. The
problem in AST-2009-008 is:
-----
It is possible to determine if a peer with a specific name is
configured in Asterisk by sending a specially crafted REGISTER
message twice. The username that is to be checked is put in the
user portion of the URI in the To header. A bogus non-matching
value is put into the username portion of the Digest in the
Authorization header. If the peer does exist the second REGISTER
will receive a response of "403 Authentication user name does not
match account name". If the peer does not exist the response will
be "404 Not Found" if alwaysauthreject is disabled and "401
Unauthorized" if alwaysauthreject is enabled.
-----
And, the problem in AST-2009-010 is:
-----
An attacker sending a valid RTP comfort noise payload containing
a data length of 24 bytes or greater can remotely crash Asterisk.
-----
|
|
Somewhat more than 11 rooms later... PKG_DESTDIR_SUPPORT
|
|
|
|
Updated from 2.7p1 to 2.7p4 as original distfile no longer available
No changelog available
added PKG_DESTDIR_SUPPORT
|
|
|
|
|
|
This was tested by sending vcards with non-ASCII names; the result
was identical as before with GNU libiconv.
bump PKGREVISION
approved by plunky
|
|
|
|
and update PLIST for new Music On Hold files.
1.6.1.8 fixes AST-2009-007.
-----
A missing ACL check for handling SIP INVITEs allows a device to
make calls on networks intended to be prohibited as defined by the
"deny" and "permit" lines in sip.conf. The ACL check for handling
SIP registrations was not affected.
-----
1.6.1.9 fixes AST-2009-008 and AST-2009-009.
-----
It is possible to determine if a peer with a specific name is
configured in Asterisk by sending a specially crafted REGISTER
message twice. The username that is to be checked is put in the
user portion of the URI in the To header. A bogus non-matching
value is put into the username portion of the Digest in the
Authorization header. If the peer does exist the second REGISTER
will receive a response of 403 Authentication user name does not
match account name. If the peer does not exist the response will
be 404 Not Found if alwaysauthreject is disabled and 401 Unauthorized
if alwaysauthreject is enabled.
-----
Asterisk includes a demonstration AJAX based manager interface,
ajamdemo.html which uses the prototype.js framework. An issue was
uncovered in this framework which could allow someone to execute
a cross-site AJAX request exploit.
|
|
|
|
increased to distinguish.
|
|
mktemp(1) to avoid symlink vulnerabilities in tmp file/directory
creation/removal (mitre.org CVE-2008-4936). Named 1.1.36nb1 to
emphasize difference from upstream.
Commit ok'd by agc@.
|
|
pkgsrc changes:
- Adjusting dependencies
- Adding license definition
Upstream changes:
1.54 Sun Sep 6 10:44:53 CEST 2009
- Fixed RT #31565, incorrect decoding of outgoing messages
due to incorrect removal of zero-length octet in PDU.
Thanks to Svami Dhyan Nataraj.
1.53 Fri Aug 14 21:43:37 CEST 2009
- Fixed RT #48700, deleting SMS message with index 0 didn't work.
Thanks to Vytas M. for reporting the bug.
|
|
- 1.6.1.6 fixes AST-2009-006 which is an IAX2 DOS vulnerability
- 1.6.1.5 contains a variety of bug fixes:
Category: Applications/app_chanspy
#15660: ChanSpy "whisper" is broken in 1.4.26
Category: Applications/app_fax
#15606: app_fax.c is not compiling under OpenBSD
#15610: T.38 re-INVITE received after T.38 already negotiated fails
Category: Applications/app_milliwatt
#15386: [patch] Milliwatt() is off by -11dbm
Category: Applications/app_mixmonitor
#15699: [patch] using ast_free instead of mixmonitor_free
Category: Applications/app_queue
#14536: [patch] After a caller is processed by app_queue the queue_log
logs the hangup as TRANSFER
#15664: [patch] QUEUE_MEMBER_LIST() returns member names instead of
Category: Applications/app_stack
#15557: [patch] Gosub() dequotes once more than Macro()
#15617: [patch] crash in LOCAL() if Gosub stack is allocated but empty
Category: Applications/app_voicemail
#15717: MWI is not sent to a SIP phone upon registration, but is after the
mailbox is updated/checked
#15720: opendir() return code is not checked in last_message_index()
Category: Applications/app_voicemail/IMAP
#14496: [patch] IMAP crash multiple callers / callers hangup at beep
#14597: greetings can not be retrieved from IMAP
#14950: [patch] Greetings are stored as IMAP messages even when
imapgreetings=no
#15729: IMAP greetings not stored in dovecot
Category: CDR/General
#15751: [patch] Core dump in ast_bridge_call features.c line 2772
Category: Channels/chan_agent
#15668: AGENTACCEPTDTMF is incorrectly spelled as AGENTACCEPTDMTF in code
to recognize channel variables.
Category: Channels/chan_dahdi
#15655: [patch] Dialplan starts execution before call is accepted
#15727: [patch] Message Waiting Indication(MWI) is randomly generated when
FXO is set to DTMF Caller ID
Category: Channels/chan_misdn
#12113: [patch] asterisk crash at reload chan_misdn.so
Category: Channels/chan_sip/General
#12869: [patch] 'context' doesn't change when 'sip reload' issued when
driven from realtime
#15362: [patch] log message output is truncated
#15596: [patch] all codecs allowed, but textsupport=no crashes on T140RED
enabled call
Category: Channels/chan_sip/Registration
#14366: [patch] Registration expiry not compatible with some ITSP
#15539: [patch] Register request line contains wrong address when domain
and registrar host differ
Category: Channels/chan_sip/T.38
#15182: [patch] T.38 invite does not always comply with RFC 2327
Category: Channels/chan_sip/Video
#15121: [patch] Video support in SIP channel driver appears to be totally
broken
Category: Core/BuildSystem
#15697: most cleaner alaw don't compile
#15698: [patch] If enable DEBUG_FD_LEAKS - h323 can't start.
#15714: [patch] Asterisk won't build with curl unless curl_config is
present
Category: Core/General
#14730: [patch] Fix runlevels in Debian rc files
#15273: [patch] german time (20:01:00 oh clock) is announced wrong
#15649: T38 Faxing failing on 1.6.1 svn
#15667: LOGGER WARNING : error executing after rotate
Category: Core/ManagerInterface
#15397: [patch] segfault in action_coreshowchannels() at manager.c
#15730: [patch] manager keeps creating /tmp/ast-ami-XXXXXX files (without
deleting) when a single manager client remains logged in
Category: Core/PBX
#15242: [patch] log does not indicate which function is missing closing
parenthesis
Category: Documentation
#15755: Description in queues.conf on call recording is slightly
misleading
Category: Functions/func_iconv
#15169: When building with uClibc, configure script mistakenly assumes
iconv is always available
Category: General
#15571: [patch] 'received' typos in trunk, in 6 files
#15595: [patch] fix spelling for typos, mainly in comments.
Category: PBX/pbx_dundi
#15322: [patch] DUNDILOOKUP() does not accept comma as argument separator
Category: Resources/General
#15624: res_ais, communication ok, but wrong state send and receive.
Category: Resources/res_config_ldap
#13725: [patch] ERROR[7387]: res_config_ldap.c:1292 update_ldap: Couldn't
modify dn:cn=1001,dc=xxx,dc=xxx because Invalid syntax
#15710: Typo in LDAP schema files on line 598
Category: Resources/res_musiconhold
#15051: [patch] Moh class set in the dialplan is ignored with realtime moh
----------------------------------------------------------------------
Commits Not Associated with an Issue
[Back to Top]
This is a list of all changes that went into this release that did not
directly close an issue from the issue tracker. The commits may have been
marked as being related to an issue. If that is the case, the issue
numbers are listed here, as well.
+------------------------------------------------------------------------+
| Revision | Author | Summary | Issues |
| | | | Referenced |
|----------+------------+-----------------------------------+------------|
| | | Restore explicit export of | |
| 209058 | kpfleming | ASTCFLAGS/ASTLDFLAGS and | |
| | | underscore-variants to sub-makes. | |
|----------+------------+-----------------------------------+------------|
| 209237 | mmichelson | Gracefully handle malformed RTP | |
| | | text packets. | |
|----------+------------+-----------------------------------+------------|
| 209262 | kpfleming | Make T.38 switchover in | |
| | | ReceiveFAX synchronous. | |
|----------+------------+-----------------------------------+------------|
| 209281 | kpfleming | Cleanup T.38 negotiation changes. | |
|----------+------------+-----------------------------------+------------|
| 209327 | tilghman | Publish French extra sounds | |
|----------+------------+-----------------------------------+------------|
| | | Fix some places where | |
| 209714 | russell | ast_event_type was used instead | |
| | | of ast_event_ie_type. | |
|----------+------------+-----------------------------------+------------|
| 209781 | kpfleming | Minor changes inspired by testing | |
| | | with latest GCC. | |
|----------+------------+-----------------------------------+------------|
| 209900 | russell | Resolve a valgrind warning about | #15396 |
| | | a read from uninitialized memory. | |
|----------+------------+-----------------------------------+------------|
| 211115 | russell | Resolve a deadlock involving | |
| | | app_chanspy and masquerades. | |
|----------+------------+-----------------------------------+------------|
| 211277 | tilghman | Small oops. Clear the flags which | |
| | | have been checked. | |
|----------+------------+-----------------------------------+------------|
| 211569 | tilghman | AST-2009-005 | |
|----------+------------+-----------------------------------+------------|
| 211586 | tilghman | Conversion specifiers, not format | |
| | | specifiers | |
|----------+------------+-----------------------------------+------------|
| | | Check an actual populated | |
| 212069 | file | variable when seeing if we need | |
| | | to do video or not. | |
|----------+------------+-----------------------------------+------------|
| | | Ensure that T38FaxVersion is put | |
| 212115 | kpfleming | into outgoing SDP in the proper | |
| | | case. | |
|----------+------------+-----------------------------------+------------|
| 212386 | seanbright | Handle slin16 for extra sounds as | |
| | | well. | |
|----------+------------+-----------------------------------+------------|
| 212768 | rmudgett | Removed some deadwood and added | |
| | | some doxygen comments. | |
|----------+------------+-----------------------------------+------------|
| | | Make the default extconfig.conf | |
| 212862 | tilghman | match entries with the sample | |
| | | res_mysql.conf. | |
|----------+------------+-----------------------------------+------------|
| 212928 | kpfleming | Convert this branch to Opsound | |
| | | music-on-hold. | |
|----------+------------+-----------------------------------+------------|
| | | Remove some | |
| 212942 | kpfleming | accidentally-committed | |
| | | properties. | |
|----------+------------+-----------------------------------+------------|
| 213449 | twilson | Make LOAD_ORDER actually work | |
|----------+------------+-----------------------------------+------------|
| 213452 | twilson | Oops, committed this first. Make | |
| | | the merged property happy | |
|----------+------------+-----------------------------------+------------|
| | | Make autoheader descriptions | |
| 214365 | tilghman | render correctly in our | #14906 |
| | | autoconfig.h file. | |
|----------+------------+-----------------------------------+------------|
| | | One more build system change, to | |
| 214496 | tilghman | make the descriptions look | |
| | | better, if we have better | |
| | | information. | |
+------------------------------------------------------------------------+
|
|
This release fixes few bugs in the AT driver.
|
|
|
|
Memory usage was reduced. Tons of bugs were fixed. Support for
reading messages from Motorola phones was improved.
Also BlueTooth support was improved.
|
|
|
|
Problem reported by hasso.
|
|
20090709 - 1.25.0
[-] * Retry on timeout of usb transfer (bug #940).
[-] * Disable AT OBEX for Motorola PEBL U6 (bug #939).
[-] * Disable AT OBEX for Samsung J700 (bug #948).
[-] * Empty memory entry has length 0 (bug #947).
[-] * Handle some more fields from Nokia phonebook (bug #946), thanks to Will Sowerbutts.
20090624 - 1.24.92
[-] * Fix distutils build (bug #916).
[-] * Detect when phone does not support ATE1 (bug #918).
[-] * Do not use OBEX on Motorola L7 (bug #912).
[-] * Reinclude full SMS text in comments in backup (bug #905).
[-] * Disable AT OBEX for Samsung J750 and J700 (bug #856).
[-] * Avoid shadowing C++ bool definition (bug #920).
[-] * Do not disable CLIP for all SE phones.
[-] * Add ID for Nokia 1209.
[-] * Catch busy error from Nokia phones (bug #932, thanks to Walter Doekes).
20090527 - 1.24.91
[-] * Fix code problems caught by GCC 4.5.
[-] * Compile static libraries with -fPIC (they might be later linked
into shared ones) (bug #909).
[-] * Handle own number error code in 6510 driver (bug #910).
[-] * Add ID for Nokia 5220 (bug #910).
[-] * Handle SMSC error code in 6510 driver (bug #910).
[-] * Disable gcc warnings about non literal format strings (bug #901).
[-] * Add more fuzzy logic to detect bad encoding from phone (bug #874).
[-] * Add ID for Nokia 7500 and Nokia 7210s.
[-] * Improve searching for Bluetooth stack on OS X.
[-] * Fix ctype compile time warnings on NetBSD (bug #908).
[-] * Nokia 3110c has SMS on filesystem (bug #904).
[-] * Add ID for Nokia 5130 (bug #911).
[-] * Faster reading of Nokia filesystem.
[!] * New PDU decoder which properly parses PDU data.
[!] * AT driver uses new PDU decoder.
[!] * 6510 driver uses new PDU decoder and understands most formats of
filesystem Nokia SMS messages (bug #911).
20090512 - 1.24.90
[-] * Fix checking for MPBR (bug #873).
[-] * Fix reading of calls with wrong timestamp (bug #872).
[-] * Increase timeout for IrDA phonet (bug #867).
[-] * Better detect some weird phone states (bug #866).
[-] * Fix handling of caller group in Python bindings (bug #870).
[-] * Correctly detect empty entries from Motorola.
[-] * Better error reporting from at-charset test.
[+] * smsd-inject now shows ID of injected message.
[-] * Fix decoding of date in Nokia phonebooks (bug #876).
[-] * Fix detection of SMS message memories in AT (bug #875).
[-] * Improve documentation for savefile (bug #893).
[-] * Add stricter check for DBI version (bug #894).
|
|
|
|
Previously, zip extraction by default converted to lower case.
Fix some packages that need it and remove -L from some packages
that manually set it.
|
|
|
|
which is most likely not exploitable.
|
|
* Fix regression in 3.0.19 which causes incorrect fault handling if
efax-gtk is given an invalid postscript file.
* Provide new Emitter/EmitterArg and SafeEmitter/SafeEmitterArg
classes for thread-safe signalling.
* Provide a Callback::post() function which provides for thread-safe
disconnection of a callback if the object whose method it
encapsulates has been destroyed.
Changes 3.0.19:
* If the gtk+ version is >= 2.8.0 and X11 is the backend, use gdk
X11 functions to move the program window to the current workspace
if the user tries to start another instance.
* Include gtk/gtk.h, gdk/gdk.h and glib.h instead of individual
gtk+/glib header files.
* Correct failure to print or view logfile if the logfile user
setting does not have an absolute path name.
* Allow choice of priorities in Callback::post() function. Provide
Callback::Functor class wrapping Callback objects and further
generalise Callback objects.
* Improve iconified tracking.
* Correct the order in which tests based on the definitions in
config.h are carried out, when choosing header files to be included.
* Include fsync() call after flushing fdoutbuf stream buffer.
* Minor code layout improvements.
|
|
|
|
|
|
distfile. Requested by wiz@.
|
|
distfile. Requested by wiz@.
|
|
main new feature is Virtual root folders (per-device)
|
|
|
