pkgsrc-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
CVS commit: pkgsrc/comms/asterisk10
Module Name: pkgsrc
Committed By: jnemeth
Date: Sun Mar 25 02:17:47 UTC 2012
Modified Files:
pkgsrc/comms/asterisk10: Makefile PLIST distinfo options.mk
pkgsrc/comms/asterisk10/patches: patch-channels_chan__oss.c
patch-configure patch-contrib_scripts_autosupport
Log Message:
Update to 10.2.1:
This is a security fix release. It fixes AST-2012-002 and AST-2012-003.
pkgsrc changes:
- adapt to having iLBC source code included
- fix building on Solaris
- adapt to new sound tarball
----- 10.2.0 -----
The Asterisk Development Team has announced the release of Asterisk 10.2.0.
The release of Asterisk 10.2.0 resolves several issues reported by the
community and would have not been possible without your participation.
Thank you!
The following is a sample of the issues resolved in this release:
* --- Prevent outbound SIP NOTIFY packets from displaying a port of 0 ---
* --- Include iLBC source code for distribution with Asterisk ---
* --- Fix callerid of originated calls ---
* --- Fix outbound DTMF for inband mode of chan_ooh323 ---
* --- Create and initialize udptl only when dialog requests image media ---
* --- Don't prematurely stop SIP session timer ---
For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-10.2.0
Thank you for your continued support of Asterisk!
----- 10.2.1 -----
The Asterisk Development Team has announced security releases for
Asterisk 1.4, 1.6.2, 1.8, and 10. The available security releases
are released as versions 1.4.44, 1.6.2.23, 1.8.10.1, and 10.2.1.
The release of Asterisk 1.8.10.1 and 10.2.1 resolve two issues.
First, they resolve the issue in app_milliwatt, wherein a buffer
can potentially be overrun on the stack, but no remote code execution
is possible. Second, they resolve an issue in HTTP AMI where digest
authentication information can be used to overrun a buffer on the
stack, allowing for code injection and execution.
These issues and their resolution are described in the security
advisory.
For more information about the details of these vulnerabilities,
please read the security advisories AST-2012-002 and AST-2012-003,
which were released at the same time as this announcement.
For a full list of changes in the current releases, please see the ChangeLogs:
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-10.2.1
The security advisories are available at:
* http://downloads.asterisk.org/pub/security/AST-2012-002.pdf
* http://downloads.asterisk.org/pub/security/AST-2012-003.pdf
Thank you for your continued support of Asterisk!
To generate a diff of this commit:
cvs rdiff -u -r1.9 -r1.10 pkgsrc/comms/asterisk10/Makefile
cvs rdiff -u -r1.3 -r1.4 pkgsrc/comms/asterisk10/PLIST
cvs rdiff -u -r1.6 -r1.7 pkgsrc/comms/asterisk10/distinfo
cvs rdiff -u -r1.2 -r1.3 pkgsrc/comms/asterisk10/options.mk
cvs rdiff -u -r1.1.1.1 -r1.2 \
pkgsrc/comms/asterisk10/patches/patch-channels_chan__oss.c \
pkgsrc/comms/asterisk10/patches/patch-configure \
pkgsrc/comms/asterisk10/patches/patch-contrib_scripts_autosupport
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Home |
Main Index |
Thread Index |
Old Index