pkgsrc/comms
jnemeth 5c0d086acc This update is to fix AST-2011-013 and AST-2011-014.
Asterisk Project Security Advisory - AST-2011-013

         Product        Asterisk
         Summary        Possible remote enumeration of SIP endpoints with
                        differing NAT settings
    Nature of Advisory  Unauthorized data disclosure
      Susceptibility    Remote unauthenticated sessions
         Severity       Minor
      Exploits Known    Yes
       Reported On      2011-07-18
       Reported By      Ben Williams
        Posted On
     Last Updated On    December 7, 2011
     Advisory Contact   Terry Wilson <twilson at digium.com>

         CVE Name

    Description  It is possible to enumerate SIP usernames when the general
                 and user/peer NAT settings differ in whether to respond to
                 the port a request is sent from or the port listed for
                 responses in the Via header. In 1.4 and 1.6.2, this would
                 mean if one setting was nat=yes or nat=route and the other
                 was either nat=no or nat=never. In 1.8 and 10, this would
                 mean when one was nat=force_rport or nat=yes and the other
                 was nat=no or nat=comedia.

    Resolution  Handling NAT for SIP over UDP requires the differing
                behavior introduced by these options.

                To lessen the frequency of unintended username disclosure,
                the default NAT setting was changed to always respond to the
                port from which we received the request-the most commonly
                used option.

                Warnings were added on startup to inform administrators of
                the risks of having a SIP peer configured with a different
                setting than that of the general setting. The documentation
                now strongly suggests that peers are no longer configured
                for NAT individually, but through the global setting in the
                "general" context.

                               Affected Versions
                Product              Release Series
         Asterisk Open Source             All        All versions

                                  Corrected In
     As this is more of an issue with SIP over UDP in general, there is no
     fix supplied other than documentation on how to avoid the problem. The
        default NAT setting has been changed to what we believe the most
      commonly used setting for the respective version in Asterisk 1.4.43,
                             1.6.2.21, and 1.8.7.2.

            Links

    Asterisk Project Security Advisories are posted at
    http://www.asterisk.org/security

    This document may be superseded by later versions; if so, the latest
    version will be posted at
    http://downloads.digium.com/pub/security/AST-2011-013.pdf and
    http://downloads.digium.com/pub/security/AST-2011-013.html

                                Revision History
           Date                 Editor                 Revisions Made

               Asterisk Project Security Advisory - AST-2011-013
              Copyright (c) 2011 Digium, Inc. All Rights Reserved.
  Permission is hereby granted to distribute and publish this advisory in its
                           original, unaltered form.

     __________________________________________________________________

               Asterisk Project Security Advisory - AST-2011-014

         Product        Asterisk
         Summary        Remote crash possibility with SIP and the "automon"
                        feature enabled
    Nature of Advisory  Remote crash vulnerability in a feature that is
                        disabled by default
      Susceptibility    Remote unauthenticated sessions
         Severity       Moderate
      Exploits Known    Yes
       Reported On      November 2, 2011
       Reported By      Kristijan Vrban
        Posted On       2011-11-03
     Last Updated On    December 7, 2011
     Advisory Contact   Terry Wilson <twilson at digium.com>

         CVE Name

    Description  When the "automon" feature is enabled in features.conf, it
                 is possible to send a sequence of SIP requests that cause
                 Asterisk to dereference a NULL pointer and crash.

    Resolution  Applying the referenced patches that check that the pointer
                is not NULL before accessing it will resolve the issue. The
                "automon" feature can be disabled in features.conf as a
                workaround.

                               Affected Versions
                Product              Release Series
         Asterisk Open Source           1.6.2.x      All versions
         Asterisk Open Source            1.8.x       All versions

                                  Corrected In
                   Product                              Release
            Asterisk Open Source                   1.6.2.21, 1.8.7.2

                                     Patches
                              Download URL                            Revision
   http://downloads.asterisk.org/pub/security/AST-2011-014-1.6.2.diff 1.6.2.20
   http://downloads.asterisk.org/pub/security/AST-2011-014-1.8.diff   1.8.7.1

            Links

    Asterisk Project Security Advisories are posted at
    http://www.asterisk.org/security

    This document may be superseded by later versions; if so, the latest
    version will be posted at
    http://downloads.digium.com/pub/security/AST-2011-014.pdf and
    http://downloads.digium.com/pub/security/AST-2011-014.html

                                Revision History
           Date                 Editor                 Revisions Made

               Asterisk Project Security Advisory - AST-2011-014
              Copyright (c) 2011 Digium, Inc. All Rights Reserved.
  Permission is hereby granted to distribute and publish this advisory in its
                           original, unaltered form.
2011-12-12 06:52:40 +00:00
..
asterisk Remove zaptel option, zaptel-netbsd was removed. 2011-10-06 08:35:01 +00:00
asterisk-sounds-de-x9media Change default for zip extraction to leave files as they are. 2009-08-25 11:56:34 +00:00
asterisk-sounds-extra add a conflict with asterisk >= 1.6.2 as that will include the extra sounds 2010-09-22 02:25:12 +00:00
asterisk-sounds-native
asterisk16 This update fixes AST-2011-013 and AST-2011-014. It also adapts to changes 2011-12-12 05:05:33 +00:00
asterisk18 This update is to fix AST-2011-013 and AST-2011-014. 2011-12-12 06:52:40 +00:00
binkd format police 2011-04-07 13:18:23 +00:00
birda Add missing include 2011-09-25 19:40:28 +00:00
bthfp Use standard location for LICENSE line (in MAINTAINER/HOMEPAGE/COMMENT 2009-05-19 08:59:00 +00:00
conserver update master_sites. ftp service has been suspended. 2011-03-14 12:11:50 +00:00
conserver8 ftp.conserver.com re-directs to a machine that does not run an ftp 2010-12-06 10:59:10 +00:00
dl-ezkit Reset maintainer for retired developers. 2011-02-28 14:52:37 +00:00
efax Add -dMaxStripSize=0 to default ghostscript command line in efax.rc 2010-06-03 12:53:47 +00:00
efax-gtk Recursive bump for graphics/freetype2 buildlink addition. 2011-11-01 06:00:33 +00:00
estic Fix build with newer GCC 2011-11-27 19:36:09 +00:00
fidogate Needs group early during installation 2010-06-19 12:18:51 +00:00
gammu recursive bump from gettext-lib shlib bump. 2011-04-22 13:41:54 +00:00
gkermit Remove @dirrm entries from PLISTs 2009-06-14 17:38:38 +00:00
gnome-pilot Recursive bump for graphics/freetype2 buildlink addition. 2011-11-01 06:00:33 +00:00
gscmxx Revision bump after updating perl5 to 5.14.1. 2011-08-14 07:38:55 +00:00
gsmlib Fix build with newer GCC 2011-11-24 14:16:18 +00:00
hylafax Let to use new C++ style headers first for CXX runtime check, 2011-09-03 08:52:59 +00:00
jpilot Recursive bump for graphics/freetype2 buildlink addition. 2011-11-01 06:00:33 +00:00
jpilot-syncmal Recursive bump for graphics/freetype2 buildlink addition. 2011-11-01 06:00:33 +00:00
kermit 1) Add missing mk/curses buildlink. 2011-12-06 01:19:15 +00:00
kyopon Reset maintainer for retired developers. 2011-02-28 14:52:37 +00:00
libmal update master_sites. 2010-01-31 21:34:39 +00:00
libopensync Fix previous fix. 2011-11-30 23:48:18 +00:00
libopensync-plugin-evolution2 recursive bump from textproc/icu shlib major bump. 2011-06-10 09:39:41 +00:00
libopensync-plugin-file recursive bump from textproc/icu shlib major bump. 2011-06-10 09:39:41 +00:00
libopensync-plugin-kdepim Recursive bump for graphics/freetype2 buildlink addition. 2011-11-01 06:00:33 +00:00
libopensync-plugin-syncml recursive bump from textproc/icu shlib major bump. 2011-06-10 09:39:41 +00:00
libsyncml recursive bump from gettext-lib shlib bump. 2011-04-22 13:41:54 +00:00
lrzsz recursive bump from gettext-lib shlib bump. 2011-04-22 13:41:54 +00:00
malsync Remove @dirrm entries from PLISTs 2009-06-14 17:38:38 +00:00
mgetty+sendfax Uses chown during install phase, so ensure that the user/group exists 2011-09-24 19:30:40 +00:00
minicom Put <limits.h> back and fix PR#45540 2011-12-05 08:10:18 +00:00
modemd Fix various missing includes. 2011-11-25 21:34:34 +00:00
msynctool recursive bump from textproc/icu shlib major bump. 2011-06-10 09:39:41 +00:00
multisync-gui Recursive bump for graphics/freetype2 buildlink addition. 2011-11-01 06:00:33 +00:00
obexapp update to 1.4.15 2011-07-13 20:51:41 +00:00
obexftp Bluetooth support for DragonFly. Bump PKGREVISION. PR pkg/41640. 2009-07-20 05:56:02 +00:00
op_panel Remove @dirrm entries from PLISTs 2009-06-14 17:38:38 +00:00
openobex MASTER_SITES=http://www.kernel.org/pub/linux/bluetooth/ 2009-08-09 08:00:46 +00:00
p5-Asterisk Revision bump after updating perl5 to 5.14.1. 2011-08-14 07:38:55 +00:00
p5-Device-Gsm Update to 1.58: 2011-08-16 19:58:06 +00:00
p5-Device-Modem Update to 1.54: 2011-08-16 19:56:56 +00:00
p5-Device-SerialPort Add LICENSE. 2011-11-05 23:13:27 +00:00
p5-Device-XBee-API Update to Device-XBee-API version 0.4 2011-09-01 02:29:38 +00:00
p5-pilot-link Revision bump after updating perl5 to 5.14.1. 2011-08-14 07:38:55 +00:00
p5-SMS-Send Revision bump after updating perl5 to 5.14.1. 2011-08-14 07:38:55 +00:00
pilot-link Fix build with perl 5.14.1 2011-10-14 11:26:31 +00:00
pilot-link-libs Update to 0.12.4: 2009-08-09 08:36:34 +00:00
pilotmgr Remove @dirrm entries from PLISTs 2009-06-14 17:38:38 +00:00
plp Remove @dirrm entries from PLISTs 2009-06-14 17:38:38 +00:00
py-gammu distutils package, register egg-info. 2011-10-29 13:22:16 +00:00
qpage DESTDIR support 2010-01-29 16:38:20 +00:00
ruby-termios * Remove .require_paths from PLIST 2011-11-08 15:37:33 +00:00
scmxx recursive bump from gettext-lib shlib bump. 2011-04-22 13:41:54 +00:00
snooper PKG_DESTDIR_SUPPORT 2009-12-17 21:43:16 +00:00
spandsp Add a patch for PR/44766. The issue was that older versions of gas 2011-09-01 09:22:30 +00:00
synce-librapi2 Simply and speed up buildlink3.mk files and processing. 2009-03-20 19:23:50 +00:00
synce-libsynce Simply and speed up buildlink3.mk files and processing. 2009-03-20 19:23:50 +00:00
synce-rra Remove @dirrm entries from PLISTs 2009-06-14 17:38:38 +00:00
synce-serial Remove @dirrm entries from PLISTs 2009-06-14 17:38:38 +00:00
tkhylafax DESTDIR support 2010-01-29 16:38:20 +00:00
tn3270 TOOLS+=yacc, may unbreak Linux build 2011-11-14 01:36:46 +00:00
xisp remove dead mirror. 2010-04-17 15:48:22 +00:00
xtel Fix native X build by cleaning up FONTDIR after imake. Ride previous bump. 2011-10-09 03:53:31 +00:00
Makefile Remove packages depending on the removed packages. 2011-10-02 14:32:31 +00:00