cpet/openbsd-ports
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
53,278 Commits 1 Branch 0 Tags
Commit Graph

28 Commits

Author SHA1 Message Date
sthen
7737a925e8 Update to 1.4.26.2; mitigates IAX2 denial of service AST-2009-006. 
This makes an non-backwards-compatible change to the IAX2 protocol.
It can be disabled with various options, but is on by default.

IAX2 users, read http://downloads.digium.com/pub/security/AST-2009-006.html
and the new /usr/local/share/doc/asterisk/IAX2-security.pdf (available
online in http://svn.digium.com/svn/asterisk/tags/1.4.26.2/doc/).
 2009-09-04 00:46:35 +00:00
sthen
755a20c358 Distfiles rerolled with different music-on-hold files. 
See http://blogs.digium.com/2009/08/18/asterisk-music-on-hold-changes/
 2009-08-18 22:09:40 +00:00
sthen
c0d15916fc maintenance update to 1.4.25. disable building the speex plugin by default 
for now, it causes a SIGBUS at startup (and also did in the previous version)
which hasn't been tracked down yet.
 2009-05-22 09:05:10 +00:00
sthen
62883bdc32 Minor security update to 1.4.24.1 for AST-2009-003 "SIP responses 
expose valid usernames". This update changes "alwaysauthreject" to
return the same response for invalid username as it does for invalid
password.
 2009-04-02 19:37:25 +00:00
sthen
7f827346dd maintenance update to 1.4.24 2009-03-29 22:23:35 +00:00
sthen
baaf3b97ba SECURITY update to 1.4.22.1, fixing CVE-2009-0041: remote unauthenticated 
users with access to the IAX port can use it to verify validity of usernames.
No other code changes in this version.

While there, remove spurious @user from PLIST.
 2009-01-08 21:04:02 +00:00
naddy
a57993cf08 Change "${SYSCONFDIR}" to "/etc" for files that are *always* in the 
latter location.
 2008-10-28 15:21:48 +00:00
sthen
7dadcbac78 maintenance update to 1.4.22; many fixes. 2008-10-07 09:57:52 +00:00
sthen
cb6bf906d5 - bugfix update to 1.4.21.1, fixing a fairly major problem 
introduced in 1.4.21 by correcting the order of lock and unlock
in a deadlock avoidance macro... No other changes. Not security,
but if you're running 1.4.21, you definitely want this.

- regen PLIST to remove @bin from a symlink.
 2008-06-30 20:03:49 +00:00
sthen
d57b2a9a52 Update Asterisk to 1.4.21, lots of quality-control fixes 
ok ian
 2008-06-14 16:00:10 +00:00
sthen
7c7f03755a update to 1.4.19 
ok ian@
 2008-04-02 23:18:11 +00:00
sthen
5802de6f10 update asterisk to 1.4.18 (following testing during RC period) 
ok jolan
 2008-02-07 22:08:30 +00:00
sthen
2d388aff89 SECURITY update to 1.4.17, fixes AST-2007-027 (passwordless sip/iax peers, 
configured from "realtime" database rather than static .conf files, are not
subject to IP address restrictions).

ok ian
 2007-12-19 21:07:27 +00:00
sthen
0d8f4dba96 SECURITY update to Asterisk 1.4.15, fixes SQL problems with 
PostgreSQL drivers. AST-2007-025 (pgsql realtime) and AST-2007-026
(pgsql CDR logging).

ok jolan@
 2007-12-01 10:11:53 +00:00
sthen
ff506d6ff4 update Asterisk to 1.4.14 (with many bug fixes), and h323 flavor 
(for interactive builds only).

ok jolan, ian
 2007-11-27 10:41:04 +00:00
sthen
bb85f6fc39 bug-fix update to 1.4.12 
ok ian@
 2007-10-04 11:25:44 +00:00
sthen
9c5f5dcd0d major version update to 1.4.11, ok ian@ jolan@ 2007-09-05 22:42:52 +00:00
jolan
e137319740 SECURITY: update to 1.2.18 from maintainer stuart henderson 
ASA-2007-011: Multiple problems in SIP channel parser handling response
codes
ASA-2007-012: Remote Crash Vulnerability in Manager Interface
 2007-05-02 17:29:25 +00:00
ian
039ed98d9e 1.2.14->1.2.15 from maintainer, tested on i386 & amd64. 2007-02-11 01:03:28 +00:00
steven
27aabe3447 conflicts with asterisk-sounds-<=1.2.1p2 2006-12-29 22:21:41 +00:00
jolan
82ddf3f4d8 update to 1.2.14, from stuart henderson 2006-12-22 22:16:10 +00:00
jolan
eb7a26aef4 - install IAXy firmware in order to silence warning messages, prompted 
by jcs@

ok MAINTAINER
 2006-10-18 00:18:36 +00:00
naddy
ca6257ce12 SECURITY: 
Update to 1.2.9.1 which addresses a security vulnerability in the IAX2
channel driver (chan_iax2). The vulnerability affects all users with
IAX2 clients that might be compromised or used by a malicious user, and
can lead to denial of service attacks and random Asterisk server crashes
via a relatively trivial exploit.

From: maintainer Stuart Henderson <stu@spacehopper.org>
 2006-06-12 19:04:10 +00:00
todd
43939e07ca Work by and tested by ian@ and Stuart Henderson, comments by jolan@ 2006-02-02 03:41:36 +00:00
jolan
c7aee7ccf1 update to 1.0.9, ok jcs pval 
most notably fixes an overflow in the management interface (which is not
enabled by default)
 2005-08-15 17:36:06 +00:00
jcs
12499fc400 - drop to _asterisk user/group by default 
- move some files around and change file/directory owners to support
  this
- bump pkgname

ok mr. jolan@
 2005-05-09 16:50:05 +00:00
jcs
21340eeda8 update to asterisk-1.0.7 
- put jolan's mirror second
- RUN_DEPENDS on sox and mpg123 for music on hold
- install example indications.conf so ringing works

ok jolan@
 2005-05-01 02:12:46 +00:00
jolan
ea994b03de asterisk-1.0.0, open source pbx 2004-09-26 00:38:23 +00:00