SECURITY update to asterisk 11.10.1

- AST-2014-006: the MixMonitor manager action allows arbitrary shell commands
to be run by AMI (management interface) users who lack the proper
permissions.

- AST-2014-007: add a timeout to mitigate a possible DoS on the http interface
(a client that connects but sends no request ties up a connection)
sthen 2014-06-12 22:39:12 +00:00
parent e5d06a5700
commit d24707e85c
4 changed files with 12 additions and 14 deletions


@ -1,11 +1,10 @@
# $OpenBSD: Makefile,v 1.200 2014/06/12 14:24:34 sthen Exp $
# $OpenBSD: Makefile,v 1.201 2014/06/12 22:39:12 sthen Exp $
SHARED_ONLY= Yes
COMMENT-main= open source multi-protocol PBX and telephony toolkit
VER= 11.10.0
REVISION-main= 0
VER= 11.10.1
DISTNAME= asterisk-${VER:S/beta/-beta/:S/rc/-rc/}
PKGNAME-main= asterisk-${VER}


@ -1,2 +1,2 @@
SHA256 (asterisk-11.10.0.tar.gz) = Mvwpq4IMRGIGBk16j31ItX8yacVayZjP4QvGGpzKOjM=
SIZE (asterisk-11.10.0.tar.gz) = 34848342
SHA256 (asterisk-11.10.1.tar.gz) = ue9Li989RA6SN/dlrv+jJicMAaf7DZ7aqbTzP9afx40=
SIZE (asterisk-11.10.1.tar.gz) = 34848313


@ -1,10 +1,10 @@
$OpenBSD: patch-channels_chan_sip_c,v 1.15 2014/05/31 00:35:31 sthen Exp $
$OpenBSD: patch-channels_chan_sip_c,v 1.16 2014/06/12 22:39:12 sthen Exp $
https://issues.asterisk.org/jira/secure/attachment/46850/fax-deadlock-v2.patch-11.3.0
--- channels/chan_sip.c.orig Tue May 13 18:40:00 2014
+++ channels/chan_sip.c Thu May 29 21:32:09 2014
@@ -8436,8 +8436,6 @@ static struct ast_frame *sip_read(struct ast_channel *
--- channels/chan_sip.c.orig Thu Jun 12 17:54:15 2014
+++ channels/chan_sip.c Thu Jun 12 23:27:59 2014
@@ -8440,8 +8440,6 @@ static struct ast_frame *sip_read(struct ast_channel *
ast_channel_unlock(ast);
if (ast_exists_extension(ast, target_context, "fax", 1,
S_COR(ast_channel_caller(ast)->id.number.valid, ast_channel_caller(ast)->id.number.str, NULL))) {
@ -13,7 +13,7 @@ https://issues.asterisk.org/jira/secure/attachment/46850/fax-deadlock-v2.patch-1
ast_verb(2, "Redirecting '%s' to fax extension due to CNG detection\n", ast_channel_name(ast));
pbx_builtin_setvar_helper(ast, "FAXEXTEN", ast_channel_exten(ast));
if (ast_async_goto(ast, target_context, "fax", 1)) {
@@ -8446,10 +8444,10 @@ static struct ast_frame *sip_read(struct ast_channel *
@@ -8450,10 +8448,10 @@ static struct ast_frame *sip_read(struct ast_channel *
ast_frfree(fr);
fr = &ast_null_frame;
} else {
@ -26,7 +26,7 @@ https://issues.asterisk.org/jira/secure/attachment/46850/fax-deadlock-v2.patch-1
}
}
@@ -10734,6 +10732,7 @@ static int process_sdp(struct sip_pvt *p, struct sip_r
@@ -10738,6 +10736,7 @@ static int process_sdp(struct sip_pvt *p, struct sip_r
ast_channel_unlock(p->owner);
if (ast_exists_extension(p->owner, target_context, "fax", 1,
S_COR(ast_channel_caller(p->owner)->id.number.valid, ast_channel_caller(p->owner)->id.number.str, NULL))) {


@ -1,4 +1,4 @@
@comment $OpenBSD: PLIST-main,v 1.54 2014/06/12 14:24:34 sthen Exp $
@comment $OpenBSD: PLIST-main,v 1.55 2014/06/12 22:39:12 sthen Exp $
@conflict asterisk-sounds-<=1.2.1p2
@conflict asterisk-curl-*
@conflict asterisk-fax-*
@ -592,9 +592,8 @@ share/examples/asterisk/openbsd/voicemail.conf.sample
@sample /var/log/asterisk/cdr-csv/
@sample /var/log/asterisk/cdr-custom/
@sample /var/spool/asterisk/voicemail/
@owner _asterisk
@group _asterisk
@mode 755
@owner _asterisk
@sample /var/spool/asterisk/voicemail/default/
@sample /var/spool/asterisk/voicemail/default/1234/
@group
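Review bot: The hunk sets `@owner _asterisk` and `@mode 755` for the voicemail spool entries, but the only resetting directive visible is the bare `@group` on the last line; in an OpenBSD packing list `@owner`, `@group` and `@mode` stay in effect for every following entry until reset, so a bare `@owner` and `@mode` must also follow the `@sample` lines. From this rendering the old/new side of the four `@owner`/`@group`/`@mode` lines cannot be told apart, so it is only an inference that the ownership of `/var/spool/asterisk/voicemail/default/` is what is being adjusted. The matching resets, if present, lie outside the hunk; it is worth confirming on the built package that nothing installed after this point ends up owned by `_asterisk` or mode 755 unintentionally.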