kpriv/pkgsrc
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
pkgsrc/comms
History
jnemeth e22ff5c255 Update to 1.8.2.2 
This is to fix AST-2011-001: Stack buffer overflow in SIP channel driver

               Asterisk Project Security Advisory - AST-2011-001

         Product        Asterisk
         Summary        Stack buffer overflow in SIP channel driver
    Nature of Advisory  Exploitable Stack Buffer Overflow
      Susceptibility    Remote Authenticated Sessions
         Severity       Moderate
      Exploits Known    No
       Reported On      January 11, 2011
       Reported By      Matthew Nicholson
        Posted On       January 18, 2011
     Last Updated On    January 18, 2011
     Advisory Contact   Matthew Nicholson <mnicholson at digium.com>
         CVE Name

   Description When forming an outgoing SIP request while in pedantic mode, a
               stack buffer can be made to overflow if supplied with
               carefully crafted caller ID information. This vulnerability
               also affects the URIENCODE dialplan function and in some
               versions of asterisk, the AGI dialplan application as well.
               The ast_uri_encode function does not properly respect the size
               of its output buffer and can write past the end of it when
               encoding URIs.

For full details, see:

http://downloads.digium.com/pub/security/AST-2011-001.html
2011-01-21 07:00:43 +00:00
..
asterisk Recursive PKGREVISION bump for jpeg update to 8. 2010-01-17 12:02:03 +00:00
asterisk-sounds-de-x9media Change default for zip extraction to leave files as they are. 2009-08-25 11:56:34 +00:00
asterisk-sounds-extra add a conflict with asterisk >= 1.6.2 as that will include the extra sounds 2010-09-22 02:25:12 +00:00
asterisk-sounds-native Fix installation due to missing directories and add DESTDIR support. 2007-06-29 22:54:06 +00:00
asterisk16 Update to 1.6.2.16.1 2011-01-21 05:13:12 +00:00
asterisk18 Update to 1.8.2.2 2011-01-21 07:00:43 +00:00
binkd Use new ${LP64PLATFORMS} variable to restrict platforms instead of manual 2010-01-07 07:36:53 +00:00
birda Mark packages as MAKE_JOBS_SAFE=no that failed in a bulk build with 2009-06-30 00:07:09 +00:00
bthfp Use standard location for LICENSE line (in MAINTAINER/HOMEPAGE/COMMENT 2009-05-19 08:59:00 +00:00
conserver Add comment, using commit message. 2010-08-02 07:05:09 +00:00
conserver8 ftp.conserver.com re-directs to a machine that does not run an ftp 2010-12-06 10:59:10 +00:00
dl-ezkit Mechanical changes to add full DESTDIR support to packages that install 2008-03-03 05:33:32 +00:00
efax Add -dMaxStripSize=0 to default ghostscript command line in efax.rc 2010-06-03 12:53:47 +00:00
efax-gtk png shlib name changed for png>=1.5.0, so bump PKGREVISIONs. 2011-01-13 13:36:05 +00:00
estic Remove @dirrm entries from PLISTs 2009-06-14 17:38:38 +00:00
fidogate Needs group early during installation 2010-06-19 12:18:51 +00:00
gammu Follow HTTP redirects to new HOMEPAGEs and/or MASTER_SITES. 2010-11-13 21:08:54 +00:00
gkermit Remove @dirrm entries from PLISTs 2009-06-14 17:38:38 +00:00
gnome-pilot png shlib name changed for png>=1.5.0, so bump PKGREVISIONs. 2011-01-13 13:36:05 +00:00
gscmxx Bump the PKGREVISION for all packages which depend directly on perl, 2010-08-21 16:32:42 +00:00
gsmlib DESTDIR support 2010-01-29 16:27:13 +00:00
hylafax Mechanically replace references to graphics/jpeg with the suitable 2010-12-23 11:44:24 +00:00
jpilot png shlib name changed for png>=1.5.0, so bump PKGREVISIONs. 2011-01-13 13:36:05 +00:00
jpilot-syncmal png shlib name changed for png>=1.5.0, so bump PKGREVISIONs. 2011-01-13 13:36:05 +00:00
kermit Recursive PKGREVISION bump for jpeg update to 8. 2010-01-17 12:02:03 +00:00
kyopon Fix build on netbsd-5+, DESTDIR support. 2008-12-19 09:35:14 +00:00
libmal update master_sites. 2010-01-31 21:34:39 +00:00
libopensync Remove @dirrm entries from PLISTs 2009-06-14 17:38:38 +00:00
libopensync-plugin-evolution2 Bump PKGREVISION for libpng shlib name change. 2010-06-13 22:43:46 +00:00
libopensync-plugin-file Mark as destdir ready. 2008-07-14 12:55:56 +00:00
libopensync-plugin-kdepim png shlib name changed for png>=1.5.0, so bump PKGREVISIONs. 2011-01-13 13:36:05 +00:00
libopensync-plugin-syncml Remove @dirrm entries from PLISTs 2009-06-14 17:38:38 +00:00
libsyncml Remove @dirrm entries from PLISTs 2009-06-14 17:38:38 +00:00
lrzsz Convert to user-destdir. 2009-08-29 11:33:14 +00:00
malsync Remove @dirrm entries from PLISTs 2009-06-14 17:38:38 +00:00
mgetty+sendfax png shlib name changed for png>=1.5.0, so bump PKGREVISIONs. 2011-01-13 13:36:05 +00:00
minicom sort 2009-11-16 10:39:10 +00:00
modemd Include <stdlib.h> not only NetBSD. 2010-12-30 09:02:51 +00:00
msynctool Mark as destdir ready. 2008-07-14 12:55:56 +00:00
multisync-gui png shlib name changed for png>=1.5.0, so bump PKGREVISIONs. 2011-01-13 13:36:05 +00:00
obexapp update rc.d script: it is now optional to specify the RFCOMM channel 2010-12-01 19:28:25 +00:00
obexftp Bluetooth support for DragonFly. Bump PKGREVISION. PR pkg/41640. 2009-07-20 05:56:02 +00:00
op_panel Remove @dirrm entries from PLISTs 2009-06-14 17:38:38 +00:00
openobex MASTER_SITES=http://www.kernel.org/pub/linux/bluetooth/ 2009-08-09 08:00:46 +00:00
p5-Asterisk Bump the PKGREVISION for all packages which depend directly on perl, 2010-08-21 16:32:42 +00:00
p5-Device-Gsm Update to 1.56: 2010-12-02 12:07:59 +00:00
p5-Device-Modem Update to 1.53: 2010-09-06 10:51:56 +00:00
p5-Device-SerialPort Bump the PKGREVISION for all packages which depend directly on perl, 2010-08-21 16:32:42 +00:00
p5-pilot-link png shlib name changed for png>=1.5.0, so bump PKGREVISIONs. 2011-01-13 13:36:05 +00:00
pilot-link png shlib name changed for png>=1.5.0, so bump PKGREVISIONs. 2011-01-13 13:36:05 +00:00
pilot-link-libs Update to 0.12.4: 2009-08-09 08:36:34 +00:00
pilotmgr Remove @dirrm entries from PLISTs 2009-06-14 17:38:38 +00:00
plp Remove @dirrm entries from PLISTs 2009-06-14 17:38:38 +00:00
py-gammu Remove @dirrm entries from PLISTs 2009-06-14 17:38:38 +00:00
qpage DESTDIR support 2010-01-29 16:38:20 +00:00
ruby-termios Update comms/ruby-termios package to 0.9.6 2010-09-10 04:01:36 +00:00
scmxx PKG_DESTDIR_SUPPORT 2009-12-17 21:56:22 +00:00
snooper PKG_DESTDIR_SUPPORT 2009-12-17 21:43:16 +00:00
synce-dccm Add DESTDIR support. 2008-06-20 01:09:05 +00:00
synce-librapi2 Simply and speed up buildlink3.mk files and processing. 2009-03-20 19:23:50 +00:00
synce-libsynce Simply and speed up buildlink3.mk files and processing. 2009-03-20 19:23:50 +00:00
synce-rra Remove @dirrm entries from PLISTs 2009-06-14 17:38:38 +00:00
synce-serial Remove @dirrm entries from PLISTs 2009-06-14 17:38:38 +00:00
tkhylafax DESTDIR support 2010-01-29 16:38:20 +00:00
tn3270 Add a workaround for DragonFly arpa/telnet.h. 2010-12-30 09:22:43 +00:00
xisp remove dead mirror. 2010-04-17 15:48:22 +00:00
xtel Mechanically replace references to graphics/jpeg with the suitable 2010-12-23 11:44:24 +00:00
zaptel-netbsd this doesn't work on NetBSD 5+ (not even sure it will work on NetBSD 4+) 2010-03-07 23:56:17 +00:00
Makefile add and enable asterisk18 2010-12-15 03:27:39 +00:00