kpriv/pkgsrc
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
Automatic conversion of the NetBSD pkgsrc CVS module, use with care
167312 commits 166 branches 0 tags 1.5 GiB
Makefile 45.1%
C 34.4%
C++ 5.5%
Shell 4.2%
Roff 3.3%
Other 6.8%
Find a file
jnemeth e22ff5c255 Update to 1.8.2.2 
This is to fix AST-2011-001: Stack buffer overflow in SIP channel driver

               Asterisk Project Security Advisory - AST-2011-001

         Product        Asterisk
         Summary        Stack buffer overflow in SIP channel driver
    Nature of Advisory  Exploitable Stack Buffer Overflow
      Susceptibility    Remote Authenticated Sessions
         Severity       Moderate
      Exploits Known    No
       Reported On      January 11, 2011
       Reported By      Matthew Nicholson
        Posted On       January 18, 2011
     Last Updated On    January 18, 2011
     Advisory Contact   Matthew Nicholson <mnicholson at digium.com>
         CVE Name

   Description When forming an outgoing SIP request while in pedantic mode, a
               stack buffer can be made to overflow if supplied with
               carefully crafted caller ID information. This vulnerability
               also affects the URIENCODE dialplan function and in some
               versions of asterisk, the AGI dialplan application as well.
               The ast_uri_encode function does not properly respect the size
               of its output buffer and can write past the end of it when
               encoding URIs.

For full details, see:

http://downloads.digium.com/pub/security/AST-2011-001.html
2011-01-21 07:00:43 +00:00
archivers Fix build on AIX, from J Raynor on pkgsrc-users. 2011-01-16 07:31:12 +00:00
audio revert previous (except the build fix patch) 2011-01-20 14:23:42 +00:00
benchmarks png shlib name changed for png>=1.5.0, so bump PKGREVISIONs. 2011-01-13 13:36:05 +00:00
biology png shlib name changed for png>=1.5.0, so bump PKGREVISIONs. 2011-01-13 13:36:05 +00:00
bootstrap Allow to provide CC on Darwin 2010-12-26 11:24:21 +00:00
cad png shlib name changed for png>=1.5.0, so bump PKGREVISIONs. 2011-01-13 13:36:05 +00:00
chat fix for PR#44382 (don't use inline with sunpro compiler) 2011-01-18 18:39:13 +00:00
comms Update to 1.8.2.2 2011-01-21 07:00:43 +00:00
converters Remove "--without-libiconv-prefix", almost no configure script recognizes it. 2011-01-16 11:16:28 +00:00
cross fix PLIST for new doxygen, depend on latest version, bump PKGREVISION 2010-08-05 15:50:22 +00:00
databases Dont assume libc has a strlcpy() if the heimdal libraries happen to have 2011-01-20 12:38:49 +00:00
devel +mk-configure 2011-01-20 21:39:46 +00:00
distfiles
doc Updated comms/asterisk16 to 1.6.2.16.1 2011-01-21 05:13:52 +00:00
editors png-1.5 build fix 2011-01-19 16:04:00 +00:00
emulators Fix build with png-1.5. 2011-01-14 11:38:38 +00:00
filesystems png shlib name changed for png>=1.5.0, so bump PKGREVISIONs. 2011-01-13 13:36:05 +00:00
finance png shlib name changed for png>=1.5.0, so bump PKGREVISIONs. 2011-01-13 13:36:05 +00:00
fonts Update tex-courier to TeX Live r21101. 2011-01-18 21:39:51 +00:00
games Fix build with png-1.5. 2011-01-20 23:37:36 +00:00
geography +emerillon 2011-01-18 19:15:34 +00:00
graphics Fix build with png-1.5. 2011-01-20 23:37:36 +00:00
ham png shlib name changed for png>=1.5.0, so bump PKGREVISIONs. 2011-01-13 13:36:05 +00:00
inputmethod png shlib name changed for png>=1.5.0, so bump PKGREVISIONs. 2011-01-13 13:53:23 +00:00
lang +runawk 2011-01-20 21:45:36 +00:00
licenses Add amazon-software-license, which is used by EC2 tools provided 2011-01-16 00:34:39 +00:00
mail png shlib name changed for png>=1.5.0, so bump PKGREVISIONs. 2011-01-13 13:53:23 +00:00
math Update chat/telepathy-logger, math/gcalctool, print/evince, sysutils/brasero 2011-01-18 10:08:43 +00:00
mbone Follow HTTP redirects to new HOMEPAGEs and/or MASTER_SITES. 2010-11-13 21:08:54 +00:00
meta-pkgs Bump package revision of all packages depending on the "libXvMC" package 2011-01-19 18:12:20 +00:00
misc Import the commander Ruby gem, version 4.0.2. 2011-01-20 14:33:24 +00:00
mk Typo fix 2011-01-19 13:05:39 +00:00
multimedia Update ffmpegthumbnailer to 2.0.6: 2011-01-20 20:21:16 +00:00
net Fix build with recent gcc. 2011-01-20 12:19:30 +00:00
news Fix build with png-1.5. 2011-01-15 19:16:00 +00:00
packages
parallel png shlib name changed for png>=1.5.0, so bump PKGREVISIONs. 2011-01-13 13:36:05 +00:00
pkgtools pkgin 0.3.3.4, never say "this is the last release" 2011-01-20 18:14:09 +00:00
print Sync tex-contex-doc with tex-context. 2011-01-21 04:12:18 +00:00
regress Reset maintainer, developer lost his commit bit. 2010-03-21 16:29:38 +00:00
security 'fix' pr#43939 by providing a pointer to the root cause 2011-01-20 16:25:21 +00:00
shells Revert previous, which deleted the whole contents (hi roy!). 2010-11-30 09:04:58 +00:00
sysutils Set LICENSE. 2011-01-20 15:54:28 +00:00
templates Tell users to use "pkg_admin audit" instead of audit-packages. 2010-03-18 10:18:19 +00:00
textproc Dynamic library names are handled automatically in PkgSrc 2011-01-20 11:27:11 +00:00
time Fix the sumtitra script to work without warning from newer perl. 2011-01-17 12:52:15 +00:00
wm replace netscape with firefox in default menu config 2011-01-17 11:15:16 +00:00
www Unset any predefined LD_PRELOAD before executing npviewer.bin (emul 2011-01-20 13:06:15 +00:00
x11 Bump package revision of all packages depending on the "libXvMC" package 2011-01-19 18:12:20 +00:00
Makefile
pkglocate Fix PR 39648: 2010-11-11 19:56:34 +00:00
README

README 

$NetBSD: README,v 1.18 2005/05/07 22:18:28 wiz Exp $

Please see doc/pkgsrc.txt for information.