pkgsrc-Changes archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

CVS commit: pkgsrc/comms/asterisk18



Module Name:    pkgsrc
Committed By:   jnemeth
Date:           Thu Mar 22 03:43:42 UTC 2012

Modified Files:
        pkgsrc/comms/asterisk18: Makefile PLIST distinfo options.mk
        pkgsrc/comms/asterisk18/patches: patch-aq patch-bl

Log Message:
Update to 1.8.10.1:  this fixes AST-2012-002 and AST-2012-003.

pkgsrc changes: adapt to having iLBC coded included in the asterisk
tarball and newer version of sounds tarball.

----- 1.8.10.0 -----

The Asterisk Development Team has announced the release of Asterisk 1.8.10.0.

The release of Asterisk 1.8.10.0 resolves several issues reported by the
community and would have not been possible without your participation.
Thank you!

The following is a sample of the issues resolved in this release:

* --- Prevent outbound SIP NOTIFY packets from displaying a port of 0 ---

* --- Include iLBC source code for distribution with Asterisk ---

* --- Fix callerid of originated calls ---

* --- Fix outbound DTMF for inband mode of chan_ooh323 ---

* --- Create and initialize udptl only when dialog requests image media ---

* --- Don't prematurely stop SIP session timer ---

For a full list of changes in this release, please see the ChangeLog:

http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.10.0

Thank you for your continued support of Asterisk!

----- 1.8.10.1 -----

The Asterisk Development Team has announced security releases for
Asterisk 1.4, 1.6.2, 1.8, and 10. The available security releases
are released as versions 1.4.44, 1.6.2.23, 1.8.10.1, and 10.2.1.

The release of Asterisk 1.8.10.1 and 10.2.1 resolve two issues.
First, they resolve the issue in app_milliwatt, wherein a buffer
can potentially be overrun on the stack, but no remote code execution
is possible.  Second, they resolve an issue in HTTP AMI where digest
authentication information can be used to overrun a buffer on the
stack, allowing for code injection and execution.

These issues and their resolution are described in the security
advisory.

For more information about the details of these vulnerabilities,
please read the security advisories AST-2012-002 and AST-2012-003,
which were released at the same time as this announcement.

For a full list of changes in the current releases, please see the ChangeLogs:

http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.10.1

The security advisories are available at:

 * http://downloads.asterisk.org/pub/security/AST-2012-002.pdf
 * http://downloads.asterisk.org/pub/security/AST-2012-003.pdf

Thank you for your continued support of Asterisk!


To generate a diff of this commit:
cvs rdiff -u -r1.27 -r1.28 pkgsrc/comms/asterisk18/Makefile
cvs rdiff -u -r1.13 -r1.14 pkgsrc/comms/asterisk18/PLIST
cvs rdiff -u -r1.22 -r1.23 pkgsrc/comms/asterisk18/distinfo
cvs rdiff -u -r1.8 -r1.9 pkgsrc/comms/asterisk18/options.mk
cvs rdiff -u -r1.7 -r1.8 pkgsrc/comms/asterisk18/patches/patch-aq
cvs rdiff -u -r1.1 -r1.2 pkgsrc/comms/asterisk18/patches/patch-bl

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.




Home | Main Index | Thread Index | Old Index