sthen
7dadcbac78
maintenance update to 1.4.22; many fixes.
2008-10-07 09:57:52 +00:00
sthen
2861b10c40
SECURITY update fixing several problems in IAX, both remotely
...
exploitable without authentication.
AST-2008-010: Asterisk IAX 'POKE' resource exhaustion (DoS)
AST-2008-011: Traffic amplification in IAX2, 40->1040 bytes
2008-07-23 08:57:10 +00:00
sthen
cb6bf906d5
- bugfix update to 1.4.21.1, fixing a fairly major problem
...
introduced in 1.4.21 by correcting the order of lock and unlock
in a deadlock avoidance macro... No other changes. Not security,
but if you're running 1.4.21, you definitely want this.
- regen PLIST to remove @bin from a symlink.
2008-06-30 20:03:49 +00:00
sthen
d57b2a9a52
Update Asterisk to 1.4.21, lots of quality-control fixes
...
ok ian
2008-06-14 16:00:10 +00:00
sthen
fdf610d6d7
- speex needs to be at least 1.2beta3 since the library was
...
split in two: add pkgspec, bump -speex package version
- adjust FULLPKGNAME handling so overrides can be shown clearly
at the top of the Makefile
- add space before assignment operator "FULLPKGNAME$i=" to avoid
potential ambiguity with bad values of $i
speex problem reported by jolan@, thanks!
2008-06-02 23:33:51 +00:00
sthen
e1ead9579e
update to 1.4.20.1; thanks to Pedro la Peu for additional testing.
2008-05-27 22:14:34 +00:00
sthen
f400d3023f
clean whitespace (spaces->tabs); "cvs di -w" shows no change
2008-05-27 20:56:12 +00:00
ajacoutot
9b89accee8
- fix WANTLIB after pwlib FLAVORs merge
...
- bump
2008-05-22 19:27:04 +00:00
sthen
0074d5ea7d
Update to 1.4.19.2, fixing an IAX performance problem introduced
...
by the security fix in the previous update. No change to other code.
Non-IAX users are unaffected.
2008-05-13 23:49:57 +00:00
sthen
03a107191f
SECURITY update, fixes remote amplification attack in IAX.
...
http://downloads.digium.com/pub/security/AST-2008-006.html
ok ian@
2008-04-23 07:04:09 +00:00
sthen
7c7f03755a
update to 1.4.19
...
ok ian@
2008-04-02 23:18:11 +00:00
sthen
b78d620076
SECURITY update to 1.4.18.1, fixes AST-2008-002 (buffer overflows
...
in RTP codec payload type handling) and AST-2008-003 (SIP channel
can make a call into the context specified in the general section
of sip.conf). Affects all Asterisk users with SIP enabled.
This is a security update only, no changes other than these fixes.
2008-03-19 08:18:10 +00:00
ajacoutot
4bebb7f3ca
- make the h323 FLAVOR build correctly with new pwlib/h323
...
- add a pre-build target so that we can remove IS_INTERACTIVE
(from sthen@)
ok sthen@
2008-03-15 17:41:12 +00:00
sthen
5802de6f10
update asterisk to 1.4.18 (following testing during RC period)
...
ok jolan
2008-02-07 22:08:30 +00:00
sthen
76825aff1b
SECURITY update, AST-2008-001, fixes remote crash triggerable by anyone
...
permitted to transfer SIP calls (possibly unauthenticated, depending on
config).
ok ian
2008-01-03 02:23:30 +00:00
sthen
50c645a69b
update to the asterisk release-du-jour.
...
ok ian's asterisk-ok-bot
2007-12-21 10:22:19 +00:00
sthen
9d7e6c2e89
Update to today's asterisk release. ok ian
2007-12-20 13:57:22 +00:00
sthen
2d388aff89
SECURITY update to 1.4.17, fixes AST-2007-027 (passwordless sip/iax peers,
...
configured from "realtime" database rather than static .conf files, are not
subject to IP address restrictions).
ok ian
2007-12-19 21:07:27 +00:00
sthen
0d8f4dba96
SECURITY update to Asterisk 1.4.15, fixes SQL problems with
...
PostgreSQL drivers. AST-2007-025 (pgsql realtime) and AST-2007-026
(pgsql CDR logging).
ok jolan@
2007-12-01 10:11:53 +00:00
sthen
ff506d6ff4
update Asterisk to 1.4.14 (with many bug fixes), and h323 flavor
...
(for interactive builds only).
ok jolan, ian
2007-11-27 10:41:04 +00:00
sthen
b22c11a7a4
SECURITY update for 1.4 versions (doesn't affect OpenBSD before 4.2);
...
fixes an overflow in IMAP voicemail storage reachable by anyone who can
send email to a VM box accessed from the phone. AST-2007-022, found by
sprintf audit.
ok ian@
2007-10-11 08:05:18 +00:00
sthen
bb85f6fc39
bug-fix update to 1.4.12
...
ok ian@
2007-10-04 11:25:44 +00:00
sthen
9c5f5dcd0d
major version update to 1.4.11, ok ian@ jolan@
2007-09-05 22:42:52 +00:00
sthen
e303306b19
update my email address
...
ok mbalmer@
2007-09-04 10:33:19 +00:00
robert
018b601d2c
remove empty patch; noticed by Stuart Henderson <stu@spacehopper.org>
2007-07-25 08:55:48 +00:00
ian
fab7c3a824
Upgrade to 1.2.22 to fix several remote exploits, from Stuart, tested by me
2007-07-19 01:31:27 +00:00
jolan
994a77a545
SECURITY: update to 1.2.19, from maintainer stuart henderson
...
ASA-2007-013: chan_iax2.c assumes strings are null-terminated without
validating them, potential buffer overrun/information disclosure
2007-07-02 14:03:34 +00:00
jolan
e137319740
SECURITY: update to 1.2.18 from maintainer stuart henderson
...
ASA-2007-011: Multiple problems in SIP channel parser handling response
codes
ASA-2007-012: Remote Crash Vulnerability in Manager Interface
2007-05-02 17:29:25 +00:00
espie
d4ebcd974d
more base64 checksums
2007-04-05 17:26:05 +00:00
jolan
b55e239460
SECURITY: update to 1.2.17, fixes a(nother) remote DoS in chan_sip:
...
http://voipsa.org/pipermail/voipsec_voipsa.org/2007-March/002275.html
from maintainer stuart henderson
2007-03-21 15:51:54 +00:00
jolan
7d42dc4e37
SECURITY: update to 1.2.16 which fixes a remote DoS in chan_sip
...
from maintainer stuart henderson
2007-03-15 10:56:31 +00:00
ian
039ed98d9e
1.2.14->1.2.15 from maintainer, tested on i386 & amd64.
2007-02-11 01:03:28 +00:00
steven
27aabe3447
conflicts with asterisk-sounds-<=1.2.1p2
2006-12-29 22:21:41 +00:00
jolan
82ddf3f4d8
update to 1.2.14, from stuart henderson
2006-12-22 22:16:10 +00:00
jolan
73cc4fa6d9
SECURITY: update to 1.2.13 which fixes a vulnerability in the
...
chan_skinny module. for more details see:
http://www.asterisk.org/node/109
from maintainer
2006-10-19 21:19:07 +00:00
jolan
eb7a26aef4
- install IAXy firmware in order to silence warning messages, prompted
...
by jcs@
ok MAINTAINER
2006-10-18 00:18:36 +00:00
jolan
53cc38430a
- update to 1.2.12.1
...
- be careful not to pick up odbc/popt if they happened to be installed
from maintainer stuart henderson
2006-09-24 21:09:25 +00:00
alek
a36e246105
- Don't build res_config_odbc if databases/iodbc is installed
...
- Don't build smsq if devel/popt is installed
ok maintainer
2006-07-18 19:32:54 +00:00
steven
6dc095d557
fix sample config file.
...
from maintainer Stuart Henderson, found by Steve, murdoch-technology
at bigpond dot com.
2006-06-15 06:39:50 +00:00
naddy
ca6257ce12
SECURITY:
...
Update to 1.2.9.1 which addresses a security vulnerability in the IAX2
channel driver (chan_iax2). The vulnerability affects all users with
IAX2 clients that might be compromised or used by a malicious user, and
can lead to denial of service attacks and random Asterisk server crashes
via a relatively trivial exploit.
From: maintainer Stuart Henderson <stu@spacehopper.org>
2006-06-12 19:04:10 +00:00
sturm
45d8b2e15f
use bcopy instead of memcpy to work around a gcc optimizer bug resulting
...
in unaligned accesses on sparc64
fix WANTLIB
honour CC, CFLAGS more or less
from Stuart Henderson <stu at spacehopper.org>
ok ian, jolan
2006-02-15 06:11:39 +00:00
jolan
cf55a16c2d
bison is no longer a BUILD_DEPENDS
2006-02-02 16:12:24 +00:00
todd
43939e07ca
Work by and tested by ian@ and Stuart Henderson, comments by jolan@
2006-02-02 03:41:36 +00:00
naddy
a2d49bdec4
catch up with header changes that have brought us in line with Free/NetBSD
2006-01-12 21:44:20 +00:00
jolan
c7aee7ccf1
update to 1.0.9, ok jcs pval
...
most notably fixes an overflow in the management interface (which is not
enabled by default)
2005-08-15 17:36:06 +00:00
jcs
12499fc400
- drop to _asterisk user/group by default
...
- move some files around and change file/directory owners to support
this
- bump pkgname
ok mr. jolan@
2005-05-09 16:50:05 +00:00
jcs
21340eeda8
update to asterisk-1.0.7
...
- put jolan's mirror second
- RUN_DEPENDS on sox and mpg123 for music on hold
- install example indications.conf so ringing works
ok jolan@
2005-05-01 02:12:46 +00:00
naddy
ae76d3ea1f
SIZE
2005-01-05 17:21:50 +00:00
alek
559c0cf4f4
Add WANTLIB marker
...
ok espie@
2004-12-05 15:15:20 +00:00
jolan
ea994b03de
asterisk-1.0.0, open source pbx
2004-09-26 00:38:23 +00:00