pkgsrc-Changes archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

CVS commit: pkgsrc/comms/asterisk22



Module Name:    pkgsrc
Committed By:   jnemeth
Date:           Mon Feb 16 03:21:59 UTC 2026

Modified Files:
        pkgsrc/comms/asterisk22: Makefile PLIST distinfo

Log Message:
update to Asterisk 22.8.2:

## Change Log for Release asterisk-22.8.2

### Links:

 - [Full ChangeLog](https://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-22.8.2.html)
 - [GitHub Diff](https://github.com/asterisk/asterisk/compare/22.8.1...22.8.2)

### Summary:

- Commits: 4
- Commit Authors: 2
- Issues Resolved: 0
- Security Advisories Resolved: 4
  - [GHSA-85x7-54wr-vh42](https://github.com/asterisk/asterisk/security/advisories/GHSA-85x7-54wr-vh42): Asterisk xml.c uses unsafe XML_PARSE_NOENT leading to potential XXE Injection
  - [GHSA-rvch-3jmx-3jf3](https://github.com/asterisk/asterisk/security/advisories/GHSA-rvch-3jmx-3jf3): ast_coredumper running as root sources ast_debug_tools.conf from /etc/asterisk; potentially 
leading to privilege escalation
  - [GHSA-v6hp-wh3r-cwxh](https://github.com/asterisk/asterisk/security/advisories/GHSA-v6hp-wh3r-cwxh): The Asterisk embedded web server's /httpstatus page echos user supplied values(cookie and 
query string) without sanitization
  - [GHSA-xpc6-x892-v83c](https://github.com/asterisk/asterisk/security/advisories/GHSA-xpc6-x892-v83c): ast_coredumper runs as root, and writes gdb init file to world writeable folder; leading to 
potential privilege escalation

### User Notes:

- #### ast_coredumper: check ast_debug_tools.conf permissions
  ast_debug_tools.conf must be owned by root and not be
  writable by other users or groups to be used by ast_coredumper or
  by ast_logescalator or ast_loggrabber when run as root.

### Upgrade Notes:

- #### http.c: Change httpstatus to default disabled and sanitize output.
  To prevent possible security issues, the `/httpstatus` page
  served by the internal web server is now disabled by default.  To explicitly
  enable it, set `enable_status=yes` in http.conf.


To generate a diff of this commit:
cvs rdiff -u -r1.18 -r1.19 pkgsrc/comms/asterisk22/Makefile
cvs rdiff -u -r1.6 -r1.7 pkgsrc/comms/asterisk22/PLIST
cvs rdiff -u -r1.7 -r1.8 pkgsrc/comms/asterisk22/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/comms/asterisk22/Makefile
diff -u pkgsrc/comms/asterisk22/Makefile:1.18 pkgsrc/comms/asterisk22/Makefile:1.19
--- pkgsrc/comms/asterisk22/Makefile:1.18       Fri Feb  6 10:04:21 2026
+++ pkgsrc/comms/asterisk22/Makefile    Mon Feb 16 03:21:59 2026
@@ -1,12 +1,11 @@
-# $NetBSD: Makefile,v 1.18 2026/02/06 10:04:21 wiz Exp $
+# $NetBSD: Makefile,v 1.19 2026/02/16 03:21:59 jnemeth Exp $
 #
 # NOTE: when updating this package, there are two places that sound
 #       tarballs need to be checked; look in ${WRKSRC}/sounds/Makefile
 #       to find out the current sound file versions
 #       Also look in ${WRKSRC}/third-party/versions.mak for pjproject
 
-DISTNAME=      asterisk-22.7.0
-PKGREVISION=   2
+DISTNAME=      asterisk-22.8.2
 CATEGORIES=    comms net audio
 MASTER_SITES=  https://downloads.asterisk.org/pub/telephony/asterisk/
 MASTER_SITES+= https://downloads.asterisk.org/pub/telephony/asterisk/old-releases/
@@ -215,17 +214,17 @@ CONF_FILES_PERMS+=        ${ASTEXAMPLEDIR}/${f:
        cdr_sqlite3_custom.conf cdr_tds.conf cel.conf                   \
        cel_beanstalkd.conf cel_custom.conf cel_odbc.conf               \
        cel_pgsql.conf cel_sqlite3_custom.conf cel_tds.conf             \
-       chan_dahdi.conf chan_mobile.conf cli.conf cli_aliases.conf      \
-       cli_permissions.conf codecs.conf confbridge.conf                \
-       config_test.conf console.conf dbsep.conf dnsmgr.conf dsp.conf   \
-       dundi.conf enum.conf extconfig.conf extensions.ael              \
-       extensions.conf extensions.lua extensions_minivm.conf           \
-       features.conf festival.conf followme.conf func_odbc.conf        \
-       geolocation.conf hep.conf http.conf iax.conf iaxprov.conf       \
-       indications.conf logger.conf manager.conf meetme.conf           \
-       minivm.conf modules.conf motif.conf musiconhold.conf            \
-       ooh323.conf phoneprov.conf pjproject.conf pjsip.conf            \
-       pjsip_notify.conf pjsip_wizard.conf prometheus.conf             \
+       chan_dahdi.conf chan_mobile.conf chan_websocket.conf cli.conf   \
+       cli_aliases.conf cli_permissions.conf codecs.conf               \
+       confbridge.conf config_test.conf console.conf dbsep.conf        \
+       dnsmgr.conf dsp.conf dundi.conf enum.conf extconfig.conf        \
+       extensions.ael   extensions.conf extensions.lua                 \
+       extensions_minivm.conf   features.conf festival.conf            \
+       followme.conf func_odbc.conf geolocation.conf hep.conf          \
+       http.conf iax.conf iaxprov.conf indications.conf logger.conf    \
+       manager.conf meetme.conf minivm.conf modules.conf motif.conf    \
+       musiconhold.conf ooh323.conf phoneprov.conf pjproject.conf      \
+       pjsip.conf pjsip_notify.conf pjsip_wizard.conf prometheus.conf  \
        queuerules.conf queues.conf res_config_mysql.conf               \
        res_config_odbc.conf res_config_sqlite3.conf res_corosync.conf  \
        res_curl.conf res_fax.conf res_http_media_cache.conf            \
@@ -265,6 +264,9 @@ post-install:
        ${INSTALL_DATA} ${WRKSRC}/ChangeLogs/ChangeLog-22.5.2.md ${DESTDIR}${PREFIX}/share/doc/${PKGBASE}
        ${INSTALL_DATA} ${WRKSRC}/ChangeLogs/ChangeLog-22.6.0.md ${DESTDIR}${PREFIX}/share/doc/${PKGBASE}
        ${INSTALL_DATA} ${WRKSRC}/ChangeLogs/ChangeLog-22.7.0.md ${DESTDIR}${PREFIX}/share/doc/${PKGBASE}
+       ${INSTALL_DATA} ${WRKSRC}/ChangeLogs/ChangeLog-22.8.0.md ${DESTDIR}${PREFIX}/share/doc/${PKGBASE}
+       ${INSTALL_DATA} ${WRKSRC}/ChangeLogs/ChangeLog-22.8.1.md ${DESTDIR}${PREFIX}/share/doc/${PKGBASE}
+       ${INSTALL_DATA} ${WRKSRC}/ChangeLogs/ChangeLog-22.8.2.md ${DESTDIR}${PREFIX}/share/doc/${PKGBASE}
        ${INSTALL_DATA} ${WRKSRC}/ChangeLogs/ChangeLog-22.3.0.html ${DESTDIR}${PREFIX}/share/doc/${PKGBASE}
        ${INSTALL_DATA} ${WRKSRC}/ChangeLogs/ChangeLog-22.4.0.html ${DESTDIR}${PREFIX}/share/doc/${PKGBASE}
        ${INSTALL_DATA} ${WRKSRC}/ChangeLogs/ChangeLog-22.5.0.html ${DESTDIR}${PREFIX}/share/doc/${PKGBASE}
@@ -272,6 +274,9 @@ post-install:
        ${INSTALL_DATA} ${WRKSRC}/ChangeLogs/ChangeLog-22.5.2.html ${DESTDIR}${PREFIX}/share/doc/${PKGBASE}
        ${INSTALL_DATA} ${WRKSRC}/ChangeLogs/ChangeLog-22.6.0.html ${DESTDIR}${PREFIX}/share/doc/${PKGBASE}
        ${INSTALL_DATA} ${WRKSRC}/ChangeLogs/ChangeLog-22.7.0.html ${DESTDIR}${PREFIX}/share/doc/${PKGBASE}
+       ${INSTALL_DATA} ${WRKSRC}/ChangeLogs/ChangeLog-22.8.0.html ${DESTDIR}${PREFIX}/share/doc/${PKGBASE}
+       ${INSTALL_DATA} ${WRKSRC}/ChangeLogs/ChangeLog-22.8.1.html ${DESTDIR}${PREFIX}/share/doc/${PKGBASE}
+       ${INSTALL_DATA} ${WRKSRC}/ChangeLogs/ChangeLog-22.8.2.html ${DESTDIR}${PREFIX}/share/doc/${PKGBASE}
        ${INSTALL_DATA} ${WRKSRC}/LICENSE ${DESTDIR}${PREFIX}/share/doc/${PKGBASE}
        ${INSTALL_DATA} ${WRKSRC}/README-SERIOUSLY.bestpractices.md ${DESTDIR}${PREFIX}/share/doc/${PKGBASE}
        ${INSTALL_DATA} ${WRKSRC}/README.md ${DESTDIR}${PREFIX}/share/doc/${PKGBASE}

Index: pkgsrc/comms/asterisk22/PLIST
diff -u pkgsrc/comms/asterisk22/PLIST:1.6 pkgsrc/comms/asterisk22/PLIST:1.7
--- pkgsrc/comms/asterisk22/PLIST:1.6   Mon Dec  1 04:01:41 2025
+++ pkgsrc/comms/asterisk22/PLIST       Mon Feb 16 03:21:59 2026
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.6 2025/12/01 04:01:41 jnemeth Exp $
+@comment $NetBSD: PLIST,v 1.7 2026/02/16 03:21:59 jnemeth Exp $
 lib/asterisk/libasteriskpj.so
 lib/asterisk/libasteriskpj.so.2
 lib/asterisk/modules/app_adsiprog.so
@@ -2334,6 +2334,12 @@ share/doc/asterisk/ChangeLog-22.6.0.html
 share/doc/asterisk/ChangeLog-22.6.0.md
 share/doc/asterisk/ChangeLog-22.7.0.html
 share/doc/asterisk/ChangeLog-22.7.0.md
+share/doc/asterisk/ChangeLog-22.8.0.html
+share/doc/asterisk/ChangeLog-22.8.0.md
+share/doc/asterisk/ChangeLog-22.8.1.html
+share/doc/asterisk/ChangeLog-22.8.1.md
+share/doc/asterisk/ChangeLog-22.8.2.html
+share/doc/asterisk/ChangeLog-22.8.2.md
 share/doc/asterisk/IAX2-security.pdf
 share/doc/asterisk/IAX2-security.txt
 share/doc/asterisk/LICENSE
@@ -2373,6 +2379,7 @@ share/examples/asterisk/cel_sqlite3_cust
 share/examples/asterisk/cel_tds.conf
 share/examples/asterisk/chan_dahdi.conf
 share/examples/asterisk/chan_mobile.conf
+share/examples/asterisk/chan_websocket.conf
 share/examples/asterisk/cli.conf
 share/examples/asterisk/cli_aliases.conf
 share/examples/asterisk/cli_permissions.conf

Index: pkgsrc/comms/asterisk22/distinfo
diff -u pkgsrc/comms/asterisk22/distinfo:1.7 pkgsrc/comms/asterisk22/distinfo:1.8
--- pkgsrc/comms/asterisk22/distinfo:1.7        Mon Dec  1 04:01:41 2025
+++ pkgsrc/comms/asterisk22/distinfo    Mon Feb 16 03:21:59 2026
@@ -1,17 +1,17 @@
-$NetBSD: distinfo,v 1.7 2025/12/01 04:01:41 jnemeth Exp $
+$NetBSD: distinfo,v 1.8 2026/02/16 03:21:59 jnemeth Exp $
 
-BLAKE2s (asterisk-22.7.0/asterisk-22.7.0.tar.gz) = c8e4993865b2ef2986d04ac9e4b066279cf1457198357cf38e08d479b39b360b
-SHA512 (asterisk-22.7.0/asterisk-22.7.0.tar.gz) = fd5fd9613d87f451e66f2e22aed9a5f972835abb107c8696e3cb081b508871fb3b150e7e045624c1456eebe4f5d5c99063b75a67acbce2e8c0b5cf42e6f231b1
-Size (asterisk-22.7.0/asterisk-22.7.0.tar.gz) = 26465168 bytes
-BLAKE2s (asterisk-22.7.0/asterisk-extra-sounds-en-gsm-1.5.2.tar.gz) = 3f7e5fe212d7e7cdca14c52527a2552311ab7762c3f1464b09ddedc7c66aebde
-SHA512 (asterisk-22.7.0/asterisk-extra-sounds-en-gsm-1.5.2.tar.gz) = 3f2f7bf3d5bce3544bc013f913c352f0204a3ce96239987403eb9dce8bc87e64a61d437762323a422a87b2fad1f3bf3e7a5f3d0d340f912a1b1dbfea9479d41d
-Size (asterisk-22.7.0/asterisk-extra-sounds-en-gsm-1.5.2.tar.gz) = 4253587 bytes
-BLAKE2s (asterisk-22.7.0/pjproject-2.15.1.md5) = 1bdb00828816aff69f43eaacd084bd7d0a48670af33110bd0cd6325ead45aa48
-SHA512 (asterisk-22.7.0/pjproject-2.15.1.md5) = 75963b64e702a5810fd5b8b574a07396cab1a87543d806135e7a9b9762d35129354f99283252f40ad75a6a94cd1921f164ed8e63174de0c5430e5c6913d21744
-Size (asterisk-22.7.0/pjproject-2.15.1.md5) = 172 bytes
-BLAKE2s (asterisk-22.7.0/pjproject-2.15.1.tar.bz2) = 2bcb38884531f0be966c78b6bac45ac63d8c612c060da91c584d192fe0fdf9cd
-SHA512 (asterisk-22.7.0/pjproject-2.15.1.tar.bz2) = c080eb44b49fccadb1c76ff2b3221935b0d531a1e2087b47c21b4ec2cdd8ee0e62b13c334495c9c759b348a0792204611987089a6aa6264999f0116aec8dbdfd
-Size (asterisk-22.7.0/pjproject-2.15.1.tar.bz2) = 8492214 bytes
+BLAKE2s (asterisk-22.8.2/asterisk-22.8.2.tar.gz) = db04a51d5e93ad0b822db77f08b2f5b606c255dc8cf46f20ea4d83fcec1d8f6f
+SHA512 (asterisk-22.8.2/asterisk-22.8.2.tar.gz) = 5cc8875554d3214b9d5191565cc48eacd2004e1aae0941fde46548ddc8098015199646077526cc1863953857ac75db7b7806064b1fa2fcdf29d9842d2a9c060e
+Size (asterisk-22.8.2/asterisk-22.8.2.tar.gz) = 26523526 bytes
+BLAKE2s (asterisk-22.8.2/asterisk-extra-sounds-en-gsm-1.5.2.tar.gz) = 3f7e5fe212d7e7cdca14c52527a2552311ab7762c3f1464b09ddedc7c66aebde
+SHA512 (asterisk-22.8.2/asterisk-extra-sounds-en-gsm-1.5.2.tar.gz) = 3f2f7bf3d5bce3544bc013f913c352f0204a3ce96239987403eb9dce8bc87e64a61d437762323a422a87b2fad1f3bf3e7a5f3d0d340f912a1b1dbfea9479d41d
+Size (asterisk-22.8.2/asterisk-extra-sounds-en-gsm-1.5.2.tar.gz) = 4253587 bytes
+BLAKE2s (asterisk-22.8.2/pjproject-2.15.1.md5) = 1bdb00828816aff69f43eaacd084bd7d0a48670af33110bd0cd6325ead45aa48
+SHA512 (asterisk-22.8.2/pjproject-2.15.1.md5) = 75963b64e702a5810fd5b8b574a07396cab1a87543d806135e7a9b9762d35129354f99283252f40ad75a6a94cd1921f164ed8e63174de0c5430e5c6913d21744
+Size (asterisk-22.8.2/pjproject-2.15.1.md5) = 172 bytes
+BLAKE2s (asterisk-22.8.2/pjproject-2.15.1.tar.bz2) = 2bcb38884531f0be966c78b6bac45ac63d8c612c060da91c584d192fe0fdf9cd
+SHA512 (asterisk-22.8.2/pjproject-2.15.1.tar.bz2) = c080eb44b49fccadb1c76ff2b3221935b0d531a1e2087b47c21b4ec2cdd8ee0e62b13c334495c9c759b348a0792204611987089a6aa6264999f0116aec8dbdfd
+Size (asterisk-22.8.2/pjproject-2.15.1.tar.bz2) = 8492214 bytes
 SHA1 (patch-Makefile) = 5cf3b6937ec23a82e4d056b91e493a36bc1089b9
 SHA1 (patch-addons_chan__ooh323.c) = 1775da7ca2129a962ed460bd1e78ba3ce6afa62c
 SHA1 (patch-apps_app__adsiprog.c) = 031139e5cd1ef6bb2afb0a74fee3d752eded0a2c



Home | Main Index | Thread Index | Old Index