SECURITY: update to 1.2.18 from maintainer stuart henderson

ASA-2007-011: Multiple problems in SIP channel parser handling response codes ASA-2007-012: Remote Crash Vulnerability in Manager Interface
2007-05-02 17:29:25 +00:00 · 2007-05-02 17:29:25 +00:00 · e137319740
commit e137319740
parent d02e18ad69
6 changed files with 27 additions and 28 deletions
--- a/telephony/asterisk/Makefile
+++ b/telephony/asterisk/Makefile
@ -1,7 +1,7 @@
-# $OpenBSD: Makefile,v 1.18 2007/03/21 15:51:54 jolan Exp $
+# $OpenBSD: Makefile,v 1.19 2007/05/02 17:29:25 jolan Exp $

 COMMENT=	"open source multi-protocol PBX and telephony toolkit"
-DISTNAME=	asterisk-1.2.17
+DISTNAME=	asterisk-1.2.18
 CATEGORIES=	telephony
 MASTER_SITES=	http://ftp.digium.com/pub/asterisk/releases/

@ -25,14 +25,11 @@ MAKE_ENV+=	SYSCONFDIR='${SYSCONFDIR}' MAKEFLAGS+=-DWITHOUT_ZAPTEL

 post-install:
 	${INSTALL_DATA_DIR} ${PREFIX}/share/doc/asterisk
-	${INSTALL_DATA_DIR} ${PREFIX}/share/examples/asterisk/agi
 	${INSTALL_DATA_DIR} ${PREFIX}/share/examples/asterisk/default
 	${INSTALL_DATA_DIR} ${PREFIX}/share/examples/asterisk/openbsd
 	${INSTALL_DATA} ${WRKSRC}/{BUGS,SECURITY} ${PREFIX}/share/doc/asterisk
 	${INSTALL_DATA} ${WRKSRC}/doc/README.* ${PREFIX}/share/doc/asterisk
 	${INSTALL_DATA} ${WRKSRC}/doc/*.txt ${PREFIX}/share/doc/asterisk
-	${INSTALL_DATA} ${WRKSRC}/agi/agi-test.agi \
-		${PREFIX}/share/examples/asterisk/agi
 	${INSTALL_DATA} ${WRKSRC}/configs/* ${PREFIX}/share/examples/asterisk/default
 	${INSTALL_DATA} ${FILESDIR}/*.sample ${PREFIX}/share/examples/asterisk/openbsd

--- a/telephony/asterisk/distinfo
+++ b/telephony/asterisk/distinfo
@ -1,5 +1,5 @@
-MD5 (asterisk-1.2.17.tar.gz) = GkGh9KU1gTsScrrgVFx5kA==
-RMD160 (asterisk-1.2.17.tar.gz) = 8D/jAxLH5pPEgExAlB25QqsJKXY=
-SHA1 (asterisk-1.2.17.tar.gz) = 3JpsaSPeyT5XdEV5xQoavSCPeuI=
-SHA256 (asterisk-1.2.17.tar.gz) = qyCto34PKHSgxZrH1TlcWYBBnaY0TLt4tgh06bhjHPE=
-SIZE (asterisk-1.2.17.tar.gz) = 10615354
+MD5 (asterisk-1.2.18.tar.gz) = hNFusKlKPaiDy5vWy4o/yg==
+RMD160 (asterisk-1.2.18.tar.gz) = Xh5hVtdAmgHcI73L8LGKxuG2xxU=
+SHA1 (asterisk-1.2.18.tar.gz) = s1vrY8VNiHftVZpk68qrQDBuHEw=
+SHA256 (asterisk-1.2.18.tar.gz) = 8bZGS7rsBHFDVbYUs8esVEz0q39e0FMDrbrpSqUTBAM=
+SIZE (asterisk-1.2.18.tar.gz) = 10621790
--- a/telephony/asterisk/patches/patch-Makefile
+++ b/telephony/asterisk/patches/patch-Makefile
@ -1,6 +1,6 @@
-$OpenBSD: patch-Makefile,v 1.9 2006/12/22 22:16:10 jolan Exp $
--- Makefile.orig	Mon Dec 11 21:55:43 2006
-+++ Makefile	Sat Dec 16 22:04:36 2006
+$OpenBSD: patch-Makefile,v 1.10 2007/05/02 17:29:25 jolan Exp $
+--- Makefile.orig	Wed Jan 10 02:16:45 2007
+++ Makefile	Wed Apr 25 09:51:58 2007
@@ -19,8 +19,8 @@ OPTIONS=
 # CROSS_COMPILE=/opt/montavista/pro/devkit/arm/xscale_be/bin/xscale_be-
 # CROSS_COMPILE_BIN=/opt/montavista/pro/devkit/arm/xscale_be/bin/
@ -12,7 +12,7 @@ $OpenBSD: patch-Makefile,v 1.9 2006/12/22 22:16:10 jolan Exp $
 # CROSS_ARCH=Linux
 # CROSS_PROC=arm
 # SUB_PROC=xscale # or maverick
-@@ -47,8 +47,12 @@ ifneq ($(findstring dont-optimize,$(MAKE
+@@ -47,8 +47,12 @@ ifneq ($(findstring dont-optimize,$(MAKECMDGOALS)),don
 #K6OPT  = -DK6OPT
 
 #Tell gcc to optimize the code
@ -67,7 +67,7 @@ $OpenBSD: patch-Makefile,v 1.9 2006/12/22 22:16:10 jolan Exp $
 +  ASTMANDIR=$(INSTALL_PREFIX)/man
 +  
 +  MODULES_DIR=$(ASTLIBDIR)/modules
-+  AGI_DIR=/var/asterisk/agi-bin
+  AGI_DIR=$(INSTALL_PREFIX)/share/examples/asterisk/agi
 +endif
 +ifeq ($(OSARCH),SunOS)
   ASTLIBDIR=$(INSTALL_PREFIX)/opt/asterisk/lib
@ -119,7 +119,7 @@ $OpenBSD: patch-Makefile,v 1.9 2006/12/22 22:16:10 jolan Exp $
 
 all: cleantest depend asterisk subdirs 
 
-@@ -714,6 +747,7 @@ install: all datafiles bininstall instal
+@@ -714,6 +747,7 @@ install: all datafiles bininstall install-subdirs
 	@if [ -x /usr/sbin/asterisk-post-install ]; then \
 		/usr/sbin/asterisk-post-install $(DESTDIR) . ; \
 	fi
@ -127,7 +127,7 @@ $OpenBSD: patch-Makefile,v 1.9 2006/12/22 22:16:10 jolan Exp $
 	@echo " +---- Asterisk Installation Complete -------+"  
 	@echo " +                                           +"
 	@echo " +    YOU MUST READ THE SECURITY DOCUMENT    +"
-@@ -735,6 +769,7 @@ install: all datafiles bininstall instal
+@@ -735,6 +769,7 @@ install: all datafiles bininstall install-subdirs
 	@echo " + **Note** This requires that you have      +"
 	@echo " + doxygen installed on your local system    +"
 	@echo " +-------------------------------------------+"
--- a/telephony/asterisk/patches/patch-asterisk_c
+++ b/telephony/asterisk/patches/patch-asterisk_c
@ -1,6 +1,6 @@
-$OpenBSD: patch-asterisk_c,v 1.8 2007/03/15 10:56:31 jolan Exp $
--- asterisk.c.orig	Fri Feb 23 23:20:55 2007
-+++ asterisk.c	Sat Mar  3 09:03:21 2007
+$OpenBSD: patch-asterisk_c,v 1.9 2007/05/02 17:29:25 jolan Exp $
+--- asterisk.c.orig	Mon Apr  9 03:49:06 2007
+++ asterisk.c	Wed Apr 25 09:17:17 2007
@@ -454,7 +454,7 @@ int ast_safe_system(const char *s)
 		/* Close file descriptors and launch system command */
 		for (x = STDERR_FILENO + 1; x < 4096; x++)
@ -10,7 +10,7 @@ $OpenBSD: patch-asterisk_c,v 1.8 2007/03/15 10:56:31 jolan Exp $
 		_exit(1);
 	} else if (pid > 0) {
 		for(;;) {
-@@ -2045,7 +2045,7 @@ int main(int argc, char *argv[])
+@@ -2043,7 +2043,7 @@ int main(int argc, char *argv[])
 	int num;
 	int is_child_of_nonroot=0;
 	char *buf;
@ -19,7 +19,7 @@ $OpenBSD: patch-asterisk_c,v 1.8 2007/03/15 10:56:31 jolan Exp $
 
 	/* Remember original args for restart */
 	if (argc > sizeof(_argv) / sizeof(_argv[0]) - 1) {
-@@ -2173,6 +2173,8 @@ int main(int argc, char *argv[])
+@@ -2171,6 +2171,8 @@ int main(int argc, char *argv[])
 			argv[x] = argv[0] + 10;
 		}
 	}
--- a/telephony/asterisk/patches/patch-channels_Makefile
+++ b/telephony/asterisk/patches/patch-channels_Makefile
@ -1,7 +1,7 @@
-$OpenBSD: patch-channels_Makefile,v 1.4 2007/03/21 15:51:54 jolan Exp $
--- channels/Makefile.orig	Mon Mar  5 23:18:49 2007
-+++ channels/Makefile	Wed Mar 21 14:39:08 2007
-@@ -44,9 +44,11 @@ CYGSOLIB=-L.. -L. -L../res -lasterisk.dl
+$OpenBSD: patch-channels_Makefile,v 1.5 2007/05/02 17:29:25 jolan Exp $
+--- channels/Makefile.orig	Mon Mar 26 11:21:56 2007
+++ channels/Makefile	Wed Apr 25 09:17:17 2007
+@@ -44,9 +44,11 @@ CYGSOLIB=-L.. -L. -L../res -lasterisk.dll -lres_featur
 CYG_CHAN_AGENT=-lres_monitor.so
 endif
 
--- a/telephony/asterisk/pkg/PLIST
+++ b/telephony/asterisk/pkg/PLIST
@ -1,4 +1,4 @@
-@comment $OpenBSD: PLIST,v 1.10 2007/02/11 01:03:28 ian Exp $
+@comment $OpenBSD: PLIST,v 1.11 2007/05/02 17:29:25 jolan Exp $
@conflict asterisk-sounds-<=1.2.1p2
@newgroup _asterisk:545
@newuser _asterisk:545:_asterisk:daemon:asterisk user:/nonexistent:/sbin/nologin
@ -512,12 +512,14 @@ share/doc/asterisk/queuelog.txt
@comment share/doc/asterisk/voicemail_odbc_postgresql.txt
 share/examples/asterisk/
@sample /var/asterisk/
-@sample ${SYSCONFDIR}/asterisk/
 share/examples/asterisk/agi/
@sample /var/asterisk/agi-bin/
 share/examples/asterisk/agi/agi-test.agi
@sample /var/asterisk/agi-bin/agi-test.agi
+share/examples/asterisk/agi/eagi-sphinx-test
+share/examples/asterisk/agi/eagi-test
 share/examples/asterisk/default/
+@sample ${SYSCONFDIR}/asterisk/
 share/examples/asterisk/default/adsi.conf.sample
 share/examples/asterisk/default/adtranvofr.conf.sample
 share/examples/asterisk/default/agents.conf.sample