CVS commit: pkgsrc/comms/asterisk13

["John Nemeth" <jnemeth%netbsd.org@localhost>]

Module Name:    pkgsrc
Committed By:   jnemeth
Date:           Mon May 29 20:52:37 UTC 2017

Modified Files:
        pkgsrc/comms/asterisk13: Makefile distinfo

Log Message:
Add fixes for AST-2017-002, AST-2017-003, and AST-2017-004.  Note
that the first two don't affect pkgsrc as we are using chan_sip
not PJSIP.  The last only affects users of SCCP, which is Cisco's
proprietary protocol.

----- AST-2017-002

A remote crash can be triggered by sending a SIP packet to
Asterisk with a specially crafted CSeq header and a Via
header with no branch parameter. The issue is that the
PJSIP RFC 2543 transaction key generation algorithm does
not allocate a large enough buffer. By overrunning the
buffer, the memory allocation table becomes corrupted,
leading to an eventual crash.

This issue is in PJSIP, and so the issue can be fixed
without performing an upgrade of Asterisk at all. However,
we are releasing a new version of Asterisk with the bundled
PJProject updated to include the fix.

If you are running Asterisk with chan_sip, this issue does
not affect you.

----- AST-2017-003

The multi-part body parser in PJSIP contains a logical
error that can make certain multi-part body parts attempt
to read memory from outside the allowed boundaries. A
specially-crafted packet can trigger these invalid reads
and potentially induce a crash.

The issue is within the PJSIP project and not in Asterisk.
Therefore, the problem can be fixed without upgrading
Asterisk. However, we will be releasing a new version of
Asterisk where the bundled version of PJSIP has been
updated to have the bug patched.

If you are using Asterisk with chan_sip, this issue does
not affect you.

----- AST-2017-004

A remote memory exhaustion can be triggered by sending an
SCCP packet to Asterisk system with chan_skinny enabled
that is larger than the length of the SCCP header but
smaller than the packet length specified in the header. The
loop that reads the rest of the packet doesn't detect that
the call to read() returned end-of-file before the expected
number of bytes and continues infinitely. The partial
data message logging in that tight loop causes Asterisk to
exhaust all available memory.


To generate a diff of this commit:
cvs rdiff -u -r1.26 -r1.27 pkgsrc/comms/asterisk13/Makefile
cvs rdiff -u -r1.12 -r1.13 pkgsrc/comms/asterisk13/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/comms/asterisk13/Makefile
diff -u pkgsrc/comms/asterisk13/Makefile:1.26 pkgsrc/comms/asterisk13/Makefile:1.27
--- pkgsrc/comms/asterisk13/Makefile:1.26       Sat May 13 22:39:13 2017
+++ pkgsrc/comms/asterisk13/Makefile    Mon May 29 20:52:37 2017
@@ -1,10 +1,10 @@
-# $NetBSD: Makefile,v 1.26 2017/05/13 22:39:13 jnemeth Exp $
+# $NetBSD: Makefile,v 1.27 2017/05/29 20:52:37 jnemeth Exp $
 #
 # NOTE: when updating this package, there are two places that sound
 #       tarballs need to be checked; look in ${WRKSRC}/sounds/Makefile
 #       to find out the current sound file versions
 
-DISTNAME=      asterisk-13.15.0
+DISTNAME=      asterisk-13.15.1
 #PKGREVISION=  4
 CATEGORIES=    comms net audio
 MASTER_SITES=  http://downloads.asterisk.org/pub/telephony/asterisk/

Index: pkgsrc/comms/asterisk13/distinfo
diff -u pkgsrc/comms/asterisk13/distinfo:1.12 pkgsrc/comms/asterisk13/distinfo:1.13
--- pkgsrc/comms/asterisk13/distinfo:1.12       Sat May 13 22:39:13 2017
+++ pkgsrc/comms/asterisk13/distinfo    Mon May 29 20:52:37 2017
@@ -1,13 +1,13 @@
-$NetBSD: distinfo,v 1.12 2017/05/13 22:39:13 jnemeth Exp $
+$NetBSD: distinfo,v 1.13 2017/05/29 20:52:37 jnemeth Exp $
 
-SHA1 (asterisk-13.15.0/asterisk-13.15.0.tar.gz) = 6095d1456a8f10c67caaba266268caac61304c93
-RMD160 (asterisk-13.15.0/asterisk-13.15.0.tar.gz) = 374378224081f554e78195a139908f73d47d2321
-SHA512 (asterisk-13.15.0/asterisk-13.15.0.tar.gz) = 1015cc61e2fafb9f636970538cf3680af8f26b46d62dc24c6cdd8050f6b5e7db024cd1bb9e512771f9f88316d9d0695e294cb6173d47e0e8e89d06baa010dd47
-Size (asterisk-13.15.0/asterisk-13.15.0.tar.gz) = 32851716 bytes
-SHA1 (asterisk-13.15.0/asterisk-extra-sounds-en-gsm-1.5.tar.gz) = 831ae6442e23cbef1e7d1c84798778ad0b0524d1
-RMD160 (asterisk-13.15.0/asterisk-extra-sounds-en-gsm-1.5.tar.gz) = d52df795201c53fc4cd7d99ed41516e312f6f0f3
-SHA512 (asterisk-13.15.0/asterisk-extra-sounds-en-gsm-1.5.tar.gz) = c7d3c3fd2c854e6776801312d34bf69bbed78a443c16121637f508c5275f18b1d415cbb6e4f6f8c5aa3769cbbfa1a11485b9972053777f3ac39256c2c81729f1
-Size (asterisk-13.15.0/asterisk-extra-sounds-en-gsm-1.5.tar.gz) = 4256538 bytes
+SHA1 (asterisk-13.15.1/asterisk-13.15.1.tar.gz) = f7d32a31e5a45624a38f9604ac8e434c6b0ecd7c
+RMD160 (asterisk-13.15.1/asterisk-13.15.1.tar.gz) = c89f27ab4362ee64cad4376e96eb4ede630a2de1
+SHA512 (asterisk-13.15.1/asterisk-13.15.1.tar.gz) = 2ee19853431b890c988b69e03604b0d39b9764a93074c22a9975bde7d6f432582a00c2e841be6c6fd5f86fab338b9e717d4a7912e4fbac5034cb7a0dcf3b2337
+Size (asterisk-13.15.1/asterisk-13.15.1.tar.gz) = 32828857 bytes
+SHA1 (asterisk-13.15.1/asterisk-extra-sounds-en-gsm-1.5.tar.gz) = 831ae6442e23cbef1e7d1c84798778ad0b0524d1
+RMD160 (asterisk-13.15.1/asterisk-extra-sounds-en-gsm-1.5.tar.gz) = d52df795201c53fc4cd7d99ed41516e312f6f0f3
+SHA512 (asterisk-13.15.1/asterisk-extra-sounds-en-gsm-1.5.tar.gz) = c7d3c3fd2c854e6776801312d34bf69bbed78a443c16121637f508c5275f18b1d415cbb6e4f6f8c5aa3769cbbfa1a11485b9972053777f3ac39256c2c81729f1
+Size (asterisk-13.15.1/asterisk-extra-sounds-en-gsm-1.5.tar.gz) = 4256538 bytes
 SHA1 (patch-Makefile) = 1373ea4cfab46f701cef0f5c61a6a1604e710bf5
 SHA1 (patch-addons_chan__ooh323.c) = 9cba619ced6a4449604faebeac33d91a23519c48
 SHA1 (patch-apps_app__dumpchan.c) = 127ac02bdc180ad2334cd095aa6e646feb6fba10