SECURITY; http://downloads.asterisk.org/pub/security/AST-2009-005.html

Fixes sscanf without size bounds. The biggest problem affects SIP in Asterisk 1.6.1+ (i.e. not OpenBSD ports/packages) but the update makes sense anyway...
2009-08-10 23:22:31 +00:00 · 2009-08-10 23:22:31 +00:00 · 609d715116
commit 609d715116
parent b34a46aae8
2 changed files with 7 additions and 7 deletions
--- a/telephony/asterisk/Makefile
+++ b/telephony/asterisk/Makefile
@ -1,9 +1,9 @@
-# $OpenBSD: Makefile,v 1.57 2009/07/21 22:05:24 sthen Exp $
+# $OpenBSD: Makefile,v 1.58 2009/08/10 23:22:31 sthen Exp $

 SHARED_ONLY=		Yes
 COMMENT-main=		open source multi-protocol PBX and telephony toolkit

-VER=			1.4.26
+VER=			1.4.26.1
 # you can set PATCHVER=p0, p1 etc to bump everything,
 # this takes care of the subpackage/flavor maze
 PATCHVER=		
--- a/telephony/asterisk/distinfo
+++ b/telephony/asterisk/distinfo
@ -1,5 +1,5 @@
-MD5 (asterisk-1.4.26.tar.gz) = 9U1mhVM6FJoCQcNGiojgKg==
-RMD160 (asterisk-1.4.26.tar.gz) = X0k0XuHgwsyewfA1Cm3mrwslNcs=
-SHA1 (asterisk-1.4.26.tar.gz) = Yp39ZhZ4tJ4HJmQ0QI2TuTKHsCU=
-SHA256 (asterisk-1.4.26.tar.gz) = V8QTYsno6ldEdvRoR8ajxsGODu9LDPGjP6bFM+5zaGg=
-SIZE (asterisk-1.4.26.tar.gz) = 11660061
+MD5 (asterisk-1.4.26.1.tar.gz) = vy67bIw9519PP2i9YBbeJg==
+RMD160 (asterisk-1.4.26.1.tar.gz) = S4usFYmIaHLyTHdr6MgbkSxhTaI=
+SHA1 (asterisk-1.4.26.1.tar.gz) = zOQs5rbANV2I5XpEPWCa66joLEc=
+SHA256 (asterisk-1.4.26.1.tar.gz) = iiizzIyDsBbp5SlxZS4GESvgc2fvQbH1tHhAj4rnSQk=
+SIZE (asterisk-1.4.26.1.tar.gz) = 11642301