AST-2012-007, AST-2012-008 fixed in the short-lived 1.8.12.1 release:
* A remotely exploitable crash vulnerability exists in the IAX2 channel
driver if an established call is placed on hold without a suggested music
class. Asterisk will attempt to use an invalid pointer to the music
on hold class name, potentially causing a crash.
* A remotely exploitable crash vulnerability was found in the Skinny (SCCP)
Channel driver. When an SCCP client closes its connection to the server,
a pointer in a structure is set to NULL. If the client was not in the
on-hook state at the time the connection was closed, this pointer is later
dereferenced. This allows remote authenticated connections the ability to
cause a crash in the server, denying services to legitimate users.
Also from 1.8.12.2
* Resolve crash in subscribing for MWI notifications.
ASTOBJ_UNREF sets the variable to NULL after unreffing it, so the
variable should definitely not be used after that. To solve this in
the two cases that affect subscribing for MWI notifications, we
instead save the ref locally, and unref them in the error
conditions.
- add an extra file to PLIST-calendar
- add comments to the sample sip.conf showing how to hide version numbers
- fix use of _POSIX_THREAD_PRIORITY_SCHEDULING, from Brad
alterMIME is a small program which is used to alter your mime-encoded
mailpacks as typically received by e.g. amavisd-new.
It can:
* Insert disclaimers
* Insert arbitary X-headers
* Modify existing headers
* Remove attachments based on filename or content-type
* Replace attachments based on filename
ok jasper@
so rename the current no_x11 flavour to the default (with @pkgpath to
allow updates to work), rename what was the default flavour to gtk and
mark that broken. maintainer timeout.
with newsyslog(8); this can of course by modified using syslog_ng_flags.
While here, run syslog-ng.conf(5) through tbl(1) (from sthen@).
discussed with and ok sthen@ steven@ (maintainer)
(upstream git commit b88ab981fd0a5725ed886a9f9788a5b1e721534c)
Bugfix: fix stray workspaces "number 1" being created when having
workspace number 1 in your config (upstream git commit
ec4e6d1cdf5b76c79da2879635e4094e25a01f3d)
Fix for i3bar: don't wrap when changing workspaces by mouse wheel
scrolling (upstream git commit 4f93e0587a849de00a1f50bfcd48a549009178c0)
