CVS commit: pkgsrc/comms/asterisk10

["John Nemeth" <jnemeth%netbsd.org@localhost>]

Module Name:    pkgsrc
Committed By:   jnemeth
Date:           Fri Jun 15 06:05:47 UTC 2012

Modified Files:
        pkgsrc/comms/asterisk10: Makefile distinfo

Log Message:
Update to Asterisk 10.5.1:  this fixes AST-2012-009.

The Asterisk Development Team has announced a security release for
Asterisk 10.  This security release is released as version 10.5.1.

The release is available for immediate download at
http://downloads.asterisk.org/pub/telephony/asterisk/releases

The release of Asterisk 10.5.1 resolves the following issue:

* A remotely exploitable crash vulnerability was found in the Skinny
  (SCCP) Channel driver. When an SCCP client sends an Off Hook
  message, followed by a Key Pad Button Message, a structure that
  was previously set to NULL is dereferenced.  This allows remote
  authenticated connections the ability to cause a crash in the
  server, denying services to legitimate users.

This issue and its resolution is described in the security advisory.

For more information about the details of this vulnerability, please
read security advisory AST-2012-009, which was released at the same
time as this announcement.

For a full list of changes in the current releases, please see the
ChangeLog:

http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-10.5.1

The security advisory is available at:

 * http://downloads.asterisk.org/pub/security/AST-2012-009.pdf

Thank you for your continued support of Asterisk!


To generate a diff of this commit:
cvs rdiff -u -r1.18 -r1.19 pkgsrc/comms/asterisk10/Makefile
cvs rdiff -u -r1.13 -r1.14 pkgsrc/comms/asterisk10/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.