kpriv/pkgsrc
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
pkgsrc/comms
History
jnemeth c1eef3af05 de to Asterisk 1.8.19.1; this is a security fix to fix AST-2012-14 
and AST-2012-015.

Approved for commit during freeze by: agc

The Asterisk Development Team has announced security releases for Certified
Asterisk 1.8.11 and Asterisk 1.8, 10, and 11. The available security releases
are released as versions 1.8.11-cert10, 1.8.19.1, 10.11.1, 10.11.1-digiumphones,
and 11.1.1.

The release of these versions resolve the following two issues:

* Stack overflows that occur in some portions of Asterisk that manage a TCP
  connection. In SIP, this is exploitable via a remote unauthenticated session;
  in XMPP and HTTP connections, this is exploitable via remote authenticated
  sessions.

* A denial of service vulnerability through exploitation of the device state
  cache. Anonymous calls had the capability to create devices in Asterisk that
  would never be disposed of.

These issues and their resolutions are described in the security advisories.

For more information about the details of these vulnerabilities, please read
security advisories AST-2012-014 and AST-2012-015, which were released at the
same time as this announcement.

For a full list of changes in the current releases, please see the ChangeLogs:

http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.1.1

The security advisories are available at:

 * http://downloads.asterisk.org/pub/security/AST-2012-014.pdf
 * http://downloads.asterisk.org/pub/security/AST-2012-015.pdf

Thank you for your continued support of Asterisk!
2013-01-03 02:16:17 +00:00
..
asterisk Upgrade to Asterisk 11.1.1; this is a security fix to fix AST-2012-14 2013-01-03 02:11:19 +00:00
asterisk-sounds-de-x9media Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days. 2012-10-03 11:24:38 +00:00
asterisk-sounds-native Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days. 2012-10-03 11:24:38 +00:00
asterisk10 Upgrade to Asterisk 10.11.1; this is a security fix to fix AST-2012-14 2013-01-03 02:14:28 +00:00
asterisk18 de to Asterisk 1.8.19.1; this is a security fix to fix AST-2012-14 2013-01-03 02:16:17 +00:00
binkd format police 2011-04-07 13:18:23 +00:00
birda Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days. 2012-10-03 11:24:38 +00:00
bthfp Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days. 2012-10-03 11:24:38 +00:00
conserver Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days. 2012-10-03 11:24:38 +00:00
conserver8 Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days. 2012-10-03 11:24:38 +00:00
deforaos-phone Imported wip/deforaos-phone, the DeforaOS telephony application, under 2012-12-17 01:16:28 +00:00
dl-ezkit Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days. 2012-10-03 11:24:38 +00:00
efax Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days. 2012-10-03 11:24:38 +00:00
efax-gtk Revbump after updating graphics/pango 2012-10-08 23:00:34 +00:00
estic remove obsolete patches (replaced by patch-estic-*.cc) 2012-12-13 09:08:39 +00:00
fidogate Bump all packages that use perl, or depend on a p5-* package, or 2012-10-03 21:53:53 +00:00
gammu recursive bump from cyrus-sasl libsasl2 shlib major bump. 2012-12-16 01:51:57 +00:00
gkermit Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days. 2012-10-03 11:24:38 +00:00
gnome-pilot Bump PKGREVISION from devel/nss 3.14.0. 2012-12-15 10:36:18 +00:00
gsmlib Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days. 2012-10-03 11:24:38 +00:00
hylafax Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days. 2012-10-03 11:24:38 +00:00
jpilot Revbump after updating graphics/pango 2012-10-08 23:00:34 +00:00
jpilot-syncmal Revbump after updating graphics/pango 2012-10-08 23:00:34 +00:00
kermit Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days. 2012-10-03 11:24:38 +00:00
kyopon Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days. 2012-10-03 11:24:38 +00:00
libmal Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days. 2012-10-03 11:24:38 +00:00
libopensync Remove -Werror to fix build with latest glib2. 2012-10-07 12:12:53 +00:00
libopensync-plugin-evolution2 Bump PKGREVISION from devel/nss 3.14.0. 2012-12-15 10:36:18 +00:00
libopensync-plugin-file Reset maintainer on his request. 2012-12-12 10:44:06 +00:00
libopensync-plugin-kdepim recursive bump from cyrus-sasl libsasl2 shlib major bump. 2012-12-16 01:51:57 +00:00
libopensync-plugin-syncml Use correct enum. 2012-12-25 21:13:18 +00:00
libsyncml Reset maintainer on his request. 2012-12-12 10:44:06 +00:00
lirc Fix build failure on some Linuxes if CHECK_INTERPRETER=yes 2012-12-25 11:41:25 +00:00
lrzsz Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days. 2012-10-03 11:24:38 +00:00
malsync Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days. 2012-10-03 11:24:38 +00:00
mgetty+sendfax Explicitly define SHELL to be our SH in the make environment. This prevents 2012-12-06 20:50:36 +00:00
minicom Update to 2.6.1, from diro in PR 47209. 2012-12-12 12:35:21 +00:00
modemd Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days. 2012-10-03 11:24:38 +00:00
msynctool Reset maintainer on his request. 2012-12-12 10:44:06 +00:00
multisync-gui Revbump after updating graphics/pango 2012-10-08 23:00:34 +00:00
obexapp Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days. 2012-10-03 11:24:38 +00:00
obexftp Bump all packages that use perl, or depend on a p5-* package, or 2012-10-03 21:53:53 +00:00
op_panel Bump all packages that use perl, or depend on a p5-* package, or 2012-10-03 21:53:53 +00:00
openobex Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days. 2012-10-03 11:24:38 +00:00
p5-Asterisk Bump all packages that use perl, or depend on a p5-* package, or 2012-10-03 21:53:53 +00:00
p5-Data-AMF Add missing dependency on p5-DateTime, and bump PKGREVISION. 2012-12-11 10:01:38 +00:00
p5-Device-Gsm Bump all packages that use perl, or depend on a p5-* package, or 2012-10-03 21:53:53 +00:00
p5-Device-Modem Bump all packages that use perl, or depend on a p5-* package, or 2012-10-03 21:53:53 +00:00
p5-Device-SerialPort Bump all packages that use perl, or depend on a p5-* package, or 2012-10-03 21:53:53 +00:00
p5-Device-XBee-API Bump all packages that use perl, or depend on a p5-* package, or 2012-10-03 21:53:53 +00:00
p5-pilot-link Bump all packages that use perl, or depend on a p5-* package, or 2012-10-03 21:53:53 +00:00
p5-SMS-Send Bump all packages that use perl, or depend on a p5-* package, or 2012-10-03 21:53:53 +00:00
pilot-link Bump all packages that use perl, or depend on a p5-* package, or 2012-10-03 21:53:53 +00:00
pilot-link-libs Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days. 2012-10-03 11:24:38 +00:00
pilotmgr Bump all packages that use perl, or depend on a p5-* package, or 2012-10-03 21:53:53 +00:00
plp Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days. 2012-10-03 11:24:38 +00:00
py-gammu Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days. 2012-10-03 11:24:38 +00:00
py-serial Add puyserial 26, which provides a uniform interface for accessing 2012-12-09 15:26:29 +00:00
qpage Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days. 2012-10-03 11:24:38 +00:00
ruby-termios Fix build problem with ruby193-base-1.9.3p327 (Ruby 1.9.3 patchlevel 327). 2012-12-05 12:12:23 +00:00
scmxx Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days. 2012-10-03 11:24:38 +00:00
snooper Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days. 2012-10-03 11:24:38 +00:00
spandsp Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days. 2012-10-03 11:24:38 +00:00
synce-librapi2 Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days. 2012-10-03 11:24:38 +00:00
synce-libsynce Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days. 2012-10-03 11:24:38 +00:00
synce-rra Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days. 2012-10-03 11:24:38 +00:00
synce-serial Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days. 2012-10-03 11:24:38 +00:00
tkhylafax Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days. 2012-10-03 11:24:38 +00:00
tn3270 Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days. 2012-10-03 11:24:38 +00:00
xisp Fix build on SunOS. 2012-02-17 13:49:47 +00:00
xtel Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days. 2012-10-03 11:24:38 +00:00
Makefile Added comms/deforaos-phone (version 0.3.11) 2012-12-17 01:17:28 +00:00