From fc1d4bc1055d8151059eac159d4df8d1602ee1f5 Mon Sep 17 00:00:00 2001 From: jnemeth Date: Mon, 17 Oct 2011 23:40:50 +0000 Subject: Update to 1.8.7.1 -- this update fixes AST-2011-012 pkgsrc change: now what sqlite3 has been imported into NetBSD, enable it Asterisk Project Security Advisory - AST-2011-012 Product Asterisk Summary Remote crash vulnerability in SIP channel driver Nature of Advisory Remote crash Susceptibility Remote authenticated sessions Severity Critical Exploits Known No Reported On October 4, 2011 Reported By Ehsan Foroughi Posted On October 17, 2011 Last Updated On October 17, 2011 Advisory Contact Terry Wilson CVE Name CVE-2011-4063 Description A remote authenticated user can cause a crash with a malformed request due to an unitialized variable. Resolution Ensure variables are initialized in all cases when parsing the request. Affected Versions Product Release Series Asterisk Open Source 1.8.x All versions Asterisk Open Source 10.x All versions (currently in beta) Corrected In Product Release Asterisk Open Source 1.8.7.1, 10.0.0-rc1 Patches Download URL Revision http://downloads.asterisk.org/pub/security/AST-2011-012-1.8.diff 1.8 http://downloads.asterisk.org/pub/security/AST-2011-012-10.diff 10 Links Asterisk Project Security Advisories are posted at http://www.asterisk.org/security This document may be superseded by later versions; if so, the latest version will be posted at http://downloads.digium.com/pub/security/AST-2011-012.pdf and http://downloads.digium.com/pub/security/AST-2011-012.html Revision History Date Editor Revisions Made Asterisk Project Security Advisory - AST-2011-012 Copyright (c) 2011 Digium, Inc. All Rights Reserved. Permission is hereby granted to distribute and publish this advisory in its original, unaltered form. --- comms/asterisk18/Makefile | 6 +++--- comms/asterisk18/PLIST | 4 +++- comms/asterisk18/distinfo | 26 +++++++++++++------------- 3 files changed, 19 insertions(+), 17 deletions(-) (limited to 'comms') diff --git a/comms/asterisk18/Makefile b/comms/asterisk18/Makefile index 4b1e70076b1..bfb86a9fe24 100644 --- a/comms/asterisk18/Makefile +++ b/comms/asterisk18/Makefile @@ -1,10 +1,9 @@ -# $NetBSD: Makefile,v 1.14 2011/10/12 03:21:07 jnemeth Exp $ +# $NetBSD: Makefile,v 1.15 2011/10/17 23:40:50 jnemeth Exp $ # # NOTE: when updating this package, there are two places that sound # tarballs need to be checked -DISTNAME= asterisk-1.8.7.0 -PKGREVISION= 1 +DISTNAME= asterisk-1.8.7.1 DIST_SUBDIR= ${PKGNAME_NOREV} DISTFILES= ${DEFAULT_DISTFILES} EXTRACT_ONLY= ${DISTNAME}.tar.gz @@ -204,6 +203,7 @@ post-install: ${INSTALL_DATA} ${WRKSRC}/doc/README.txt ${DESTDIR}${PREFIX}/share/doc/${PKGBASE} ${INSTALL_DATA} ${WRKSRC}/doc/api-1.6.2-changes.txt ${DESTDIR}${PREFIX}/share/doc/${PKGBASE} +.include "../../databases/sqlite3/buildlink3.mk" .include "../../devel/zlib/buildlink3.mk" .include "../../security/openssl/buildlink3.mk" .include "../../textproc/libxml2/buildlink3.mk" diff --git a/comms/asterisk18/PLIST b/comms/asterisk18/PLIST index 2c0ef70401f..f10a3ed28ce 100644 --- a/comms/asterisk18/PLIST +++ b/comms/asterisk18/PLIST @@ -1,4 +1,4 @@ -@comment $NetBSD: PLIST,v 1.8 2011/10/12 03:21:07 jnemeth Exp $ +@comment $NetBSD: PLIST,v 1.9 2011/10/17 23:40:50 jnemeth Exp $ include/asterisk.h include/asterisk/_private.h include/asterisk/abstract_jb.h @@ -211,10 +211,12 @@ lib/asterisk/modules/cdr_csv.so lib/asterisk/modules/cdr_custom.so lib/asterisk/modules/cdr_manager.so ${PLIST.unixodbc}lib/asterisk/modules/cdr_odbc.so +lib/asterisk/modules/cdr_sqlite3_custom.so lib/asterisk/modules/cdr_syslog.so lib/asterisk/modules/cel_custom.so lib/asterisk/modules/cel_manager.so ${PLIST.unixodbc}lib/asterisk/modules/cel_odbc.so +lib/asterisk/modules/cel_sqlite3_custom.so lib/asterisk/modules/chan_agent.so lib/asterisk/modules/chan_bridge.so ${PLIST.jabber}lib/asterisk/modules/chan_gtalk.so diff --git a/comms/asterisk18/distinfo b/comms/asterisk18/distinfo index 48ae7b33fe3..99a8ef9753c 100644 --- a/comms/asterisk18/distinfo +++ b/comms/asterisk18/distinfo @@ -1,17 +1,17 @@ -$NetBSD: distinfo,v 1.13 2011/10/11 03:12:55 jnemeth Exp $ +$NetBSD: distinfo,v 1.14 2011/10/17 23:40:50 jnemeth Exp $ -SHA1 (asterisk-1.8.7.0/asterisk-1.8.7.0.tar.gz) = e28ad2f52a227acc7ec6d6952f3fd41baecd6292 -RMD160 (asterisk-1.8.7.0/asterisk-1.8.7.0.tar.gz) = 84b7e2f49e1dc78c32649cc0786e6fea1bd2c9b5 -Size (asterisk-1.8.7.0/asterisk-1.8.7.0.tar.gz) = 27828568 bytes -SHA1 (asterisk-1.8.7.0/asterisk-extra-sounds-en-gsm-1.4.11.tar.gz) = 8692fa61423b4769dc8bfa78faf9ed5ef7a259b9 -RMD160 (asterisk-1.8.7.0/asterisk-extra-sounds-en-gsm-1.4.11.tar.gz) = 68170c769d739d6b5b35b00f999ad6bbf876f9f6 -Size (asterisk-1.8.7.0/asterisk-extra-sounds-en-gsm-1.4.11.tar.gz) = 3349898 bytes -SHA1 (asterisk-1.8.7.0/extract-cfile.txt) = b22874814c83a53bcd1a8d96b5911304f304971e -RMD160 (asterisk-1.8.7.0/extract-cfile.txt) = e7205fe7e95793f3ca6e384edeef1ad5713485e0 -Size (asterisk-1.8.7.0/extract-cfile.txt) = 643 bytes -SHA1 (asterisk-1.8.7.0/rfc3951.txt) = 1a6c769be750fb02456d60db2470909254496017 -RMD160 (asterisk-1.8.7.0/rfc3951.txt) = 15f7ec61653ec9953172f8f2150e7d8f6f620926 -Size (asterisk-1.8.7.0/rfc3951.txt) = 373442 bytes +SHA1 (asterisk-1.8.7.1/asterisk-1.8.7.1.tar.gz) = c29671daaca5725b4f4257a972c2fe88effbc16e +RMD160 (asterisk-1.8.7.1/asterisk-1.8.7.1.tar.gz) = e69d6f6c555f52b8c6bd16428c9e64a22988e736 +Size (asterisk-1.8.7.1/asterisk-1.8.7.1.tar.gz) = 28557326 bytes +SHA1 (asterisk-1.8.7.1/asterisk-extra-sounds-en-gsm-1.4.11.tar.gz) = 8692fa61423b4769dc8bfa78faf9ed5ef7a259b9 +RMD160 (asterisk-1.8.7.1/asterisk-extra-sounds-en-gsm-1.4.11.tar.gz) = 68170c769d739d6b5b35b00f999ad6bbf876f9f6 +Size (asterisk-1.8.7.1/asterisk-extra-sounds-en-gsm-1.4.11.tar.gz) = 3349898 bytes +SHA1 (asterisk-1.8.7.1/extract-cfile.txt) = b22874814c83a53bcd1a8d96b5911304f304971e +RMD160 (asterisk-1.8.7.1/extract-cfile.txt) = e7205fe7e95793f3ca6e384edeef1ad5713485e0 +Size (asterisk-1.8.7.1/extract-cfile.txt) = 643 bytes +SHA1 (asterisk-1.8.7.1/rfc3951.txt) = 1a6c769be750fb02456d60db2470909254496017 +RMD160 (asterisk-1.8.7.1/rfc3951.txt) = 15f7ec61653ec9953172f8f2150e7d8f6f620926 +Size (asterisk-1.8.7.1/rfc3951.txt) = 373442 bytes SHA1 (patch-aa) = 496565e1e567c42ab6ba8f996c506f52cb9c8cfe SHA1 (patch-af) = 19786616bb606c38f769ec85f2e4d118573659ab SHA1 (patch-ag) = c71c61350cefbbe53eefa99245ca7712753f22d5 -- cgit v1.2.3