54d7eb748f
This release contains a fix for a security vulnerability recently found in the chan_skinny channel driver (for Cisco SCCP phones). This vulnerability would enable an attacker to remotely execute code as the system user running Asterisk (frequently 'root'). The exploit does not require that the skinny.conf contain any valid phone entries, only that chan_skinny is loaded and operational. This release also contains a number of bug fixes, and some improvements to the chan_sip channel driver (for SIP devices) to mitigate the impacts of a certain class of denial-of-service attacks that have recently been published. All Asterisk 1.2 users are urged to update to this release if they use the chan_skinny channel driver, or to stop loading it if it is not needed ('noload=>chan_skinny.so' in modules.conf will cause this behavior).
18 lines
1,018 B
Text
18 lines
1,018 B
Text
$NetBSD: distinfo,v 1.21 2006/10/19 14:02:07 mjl Exp $
|
|
|
|
SHA1 (asterisk-1.2.13.tar.gz) = d2ec77e08f512a3fa11fd8639a7fe629a46ed242
|
|
RMD160 (asterisk-1.2.13.tar.gz) = 7cf9e00a0697b16891b463345c64a615c30015a3
|
|
Size (asterisk-1.2.13.tar.gz) = 10584113 bytes
|
|
SHA1 (patch-aa) = e457617cb3fbec6a67971258af145cc25f0ca03e
|
|
SHA1 (patch-ab) = 1bdae0ff206b63fe63373a307ecd23859c10cb79
|
|
SHA1 (patch-ac) = 4f783699c7d701030788646f8b961fa9245dc127
|
|
SHA1 (patch-ad) = fcd0fe88c5a527d7205344db83a8f195951acf45
|
|
SHA1 (patch-ae) = d3ff3a6e2340c53814d2e7ac97b798e9905a4c57
|
|
SHA1 (patch-af) = 393bfbe218e843039fc9f4bc59a42ba1b9e896bd
|
|
SHA1 (patch-ag) = 7adec0d05371f6ffa56e067770c04c8acec2d922
|
|
SHA1 (patch-ai) = 81c0ff8f8a273562a64ab7cfb301d578e18808e3
|
|
SHA1 (patch-aj) = 9111528ac9702040233308c655e5233120ee9bcf
|
|
SHA1 (patch-ak) = 3027134258138ca9163d9569548c7d4faffb874f
|
|
SHA1 (patch-al) = 1457c9a12eb5c5621eb244423c2190fb430866e7
|
|
SHA1 (patch-am) = a652b091462673390e19ab47e17500d055779094
|
|
SHA1 (patch-an) = 5bfb86853e868bc78eb0061871f4abce0df1ba2c
|