kpriv/pkgsrc
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
Automatic conversion of the NetBSD pkgsrc CVS module, use with care
172963 commits 166 branches 0 tags 1.5 GiB
Makefile 45.1%
C 34.4%
C++ 5.5%
Shell 4.2%
Roff 3.3%
Other 6.8%
Find a file
jnemeth 125c097b80 Update to Asterisk 1.8.4.4 (fixes AST-2011-011): 
Asterisk Project Security Advisory - AST-2011-011

   +------------------------------------------------------------------------+
   |      Product       | Asterisk                                          |
   |--------------------+---------------------------------------------------|
   |      Summary       | Possible enumeration of SIP users due to          |
   |                    | differing authentication responses                |
   |--------------------+---------------------------------------------------|
   | Nature of Advisory | Unauthorized data disclosure                      |
   |--------------------+---------------------------------------------------|
   |   Susceptibility   | Remote unauthenticated sessions                   |
   |--------------------+---------------------------------------------------|
   |      Severity      | Moderate                                          |
   |--------------------+---------------------------------------------------|
   |   Exploits Known   | No                                                |
   |--------------------+---------------------------------------------------|
   |      CVE Name      | CVE-2011-2536                                     |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   | Description | Asterisk may respond differently to SIP requests from an |
   |             | invalid SIP user than it does to a user configured on    |
   |             | the system, even when the alwaysauthreject option is set |
   |             | in the configuration. This can leak information about    |
   |             | what SIP users are valid on the Asterisk system.         |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   | Resolution | Respond to SIP requests from invalid and valid SIP users  |
   |            | in the same way. Asterisk 1.4 and 1.6.2 do not respond    |
   |            | identically by default due to backward-compatibility      |
   |            | reasons, and must have alwaysauthreject=yes set in        |
   |            | sip.conf. Asterisk 1.8 defaults to alwaysauthreject=yes.  |
   |            |                                                           |
   |            | IT IS ABSOLUTELY IMPERATIVE that users of Asterisk 1.4    |
   |            | and 1.6.2 set alwaysauthreject=yes in the general section |
   |            | of sip.conf.                                              |
   +------------------------------------------------------------------------+
2011-07-05 08:42:56 +00:00
archivers Changes 5.0.3: 2011-06-15 11:43:12 +00:00
audio Update distinfo after patches/patch-cmake_modules_FindTagLib.cmake has 2011-07-05 04:09:05 +00:00
benchmarks Add trivial patch to makefile, now passes MAKE_JOBS=4. 2011-05-28 23:02:33 +00:00
biology recursive bump from gettext-lib shlib bump. 2011-04-22 13:41:54 +00:00
bootstrap order the options alphabetically - makes it much easier to see what options 2011-06-12 17:46:02 +00:00
cad Explicitly disable groff configure test, so the html man pages don't 2011-06-19 06:37:44 +00:00
chat check-interpreter fix. 2011-07-04 21:22:46 +00:00
comms Update to Asterisk 1.8.4.4 (fixes AST-2011-011): 2011-07-05 08:42:56 +00:00
converters Add and enable ruby-Ascii85. 2011-06-19 14:17:51 +00:00
cross * set LICENSE (gnu-gpl-v2 AND gnu-lgpl-v2). 2011-04-16 07:47:00 +00:00
databases /usr/bin/env cleanup 2011-07-03 05:53:08 +00:00
devel Add xf86dgaproto to hopefully fix -5 native X failure. 2011-07-05 01:33:25 +00:00
distfiles
doc openssl security fix 2011-07-04 14:49:45 +00:00
editors check-interpreter fix. 2011-07-04 22:23:12 +00:00
emulators Add xf86dgaproto to hopefully fix -5 native X failure. 2011-07-05 01:33:25 +00:00
filesystems Restore a missing patch so that accessing some file cannot produce 2011-06-29 13:53:01 +00:00
finance Update ruby-activemerchant package to 1.15.0. 2011-06-19 08:15:29 +00:00
fonts Update to 0.428 2011-06-19 16:50:14 +00:00
games Add libXxf86dga and libXxf86vm and their *proto, because it wants them 2011-07-05 03:44:06 +00:00
geography Remove the part from patch-ac that modifies interpreter path. Not needed. 2011-07-03 21:42:24 +00:00
graphics Fix build with current png and gtk2. Fix patch-aa to not (inadvertently?) 2011-07-05 04:28:34 +00:00
ham /usr/bin/env cleanup 2011-07-03 07:00:14 +00:00
inputmethod Update ibus-skk to 1.3.6. 2011-06-12 12:56:27 +00:00
lang The "aot-compile" script uses python, so depend on python and deploy 2011-07-05 00:28:33 +00:00
licenses Add amaya's license, which is BSD except for an anomalous clause about 2011-07-02 22:21:01 +00:00
mail LICENSE=gnu-gpl-v2 2011-07-03 11:47:50 +00:00
math Add missing LICENSE. 2011-06-29 21:18:08 +00:00
mbone Remove patch hunks that disable --recheck in GNU configure scripts. 2011-01-25 22:22:13 +00:00
meta-pkgs Accept python 27 and 26, because just not accept 24 from py-gtk2. 2011-06-14 11:25:57 +00:00
misc check-interpreter fix. 2011-07-03 16:27:14 +00:00
mk Add php license to DEFAULT_ACCEPTABLE_LICENSES. 2011-06-24 12:00:37 +00:00
multimedia Bump PKGREVISION (to 18) for previous. 2011-07-05 03:27:49 +00:00
net Another one that installs perl scripts and uses REPLACE_PERL without 2011-07-05 01:14:20 +00:00
news Update pan to 0.135. 2011-06-17 13:07:53 +00:00
packages
parallel If it's going to install tcl scripts, and use REPLACE_INTERPRETER on them, 2011-07-05 01:30:52 +00:00
pkgtools Add "php" to default_acceptable_licenses. 2011-06-29 03:16:27 +00:00
print check-interpreter fix. Use subst.mk for substitution. 2011-07-03 20:44:45 +00:00
regress Reset maintainer, developer lost his commit bit. 2010-03-21 16:29:38 +00:00
security Fix broken build. Needs explicit -lgcrypt. Add comment to patch-aa. 2011-07-05 05:02:10 +00:00
shells Fix typo. 2011-06-17 14:02:21 +00:00
sysutils PR/34029 -- gtar is probably not required any more. 2011-07-03 13:59:53 +00:00
templates Tell users to use "pkg_admin audit" instead of audit-packages. 2010-03-18 10:18:19 +00:00
textproc check-interpreter fix. Add patch-aa for dblatex interpreter fix, see 2011-07-04 23:08:22 +00:00
time Update ruby-tzinfo package to 0.3.29. (a leaf package) 2011-07-01 03:31:01 +00:00
wm Add upstream bug report. 2011-06-18 15:34:08 +00:00
www Set DIST_SUBDIR. For some reason upstream reissued the same tarball with 2011-07-03 19:49:37 +00:00
x11 add more REPLACE_PERL 2011-07-03 21:40:44 +00:00
Makefile
pkglocate Fix PR 39648: 2010-11-11 19:56:34 +00:00
README

README 

$NetBSD: README,v 1.18 2005/05/07 22:18:28 wiz Exp $

Please see doc/pkgsrc.txt for information.