- crash in app_voicemail
- resource leak in SIP TCP/TLS
- ACK routing for non-2xx responses
- buffer overrun/memory leak in 'sip show peers' (race when adding peers whilst displaying)
- various locking problems
- remove unused non-working patches and framework for chan_h323;
this driver is deprecated upstream anyway.
- add patches to let the alternative chan_ooh323 addon module build.
currently unused in the port, 'make configure; cd $WRKSRC; gmake menuselect'
and enable it there if you want to play.
- sync unistim patch.
- mention the IMAP flavour in DESCR (and thus bump REVISION-main).
rthread. kern_time.c:itimerfix() requires the kevent interval timer to be
<= 100M seconds otherwise it passes an EINVAL back up, giving an error
return from kevent(). The initial timestamp is (INT_MAX-cur time) i.e.
around 800M so we hit this. Workaround by clamping tv_sec to 100M sec.
AST-2012-002: stack buffer overflow (remote unauthenticated sessions).
requires a dialplan using the Milliwatt application with the 'o' option,
and internal_timing off. Affects all 1.4+ Asterisk versions.
AST-2012-003: stack buffer overflow (remote unauth'd sessions) in HTTP
manager interface; triggered by long digest authentication strings.
Code injection possibility. Affects 1.8+.
- includes the iLBC codec which now has a free copyright license; patent
licensing has a "no litigation" clause (see codecs/ilbc/LICENSE_ADDENDUM)
so mark as not permitted for CDs
configurations with video disabled and the sRTP module loaded.
Funnily enough this didn't affect the port until about an hour
ago when sRTP was enabled.
AST-2011-008: If a remote user sends a SIP packet containing a null,
Asterisk assumes available data extends past the null to the
end of the packet when the buffer is actually truncated when
copied. This causes SIP header parsing to modify data past
the end of the buffer altering unrelated memory structures.
This vulnerability does not affect TCP/TLS connections.
-- Resolved in 1.6.2.18.1 and 1.8.4.3
AST-2011-009: A remote user sending a SIP packet containing a Contact header
with a missing left angle bracket (<) causes Asterisk to
access a null pointer.
-- Resolved in 1.8.4.3
AST-2011-010: A memory address was inadvertently transmitted over the
network via IAX2 via an option control frame and the remote party would try
to access it.
-- Resolved in 1.4.41.1, 1.6.2.18.1, and 1.8.4.3
recorded in asterisk's menuselect system, knocking out ODBC build if not
present (though this is only done, afaict, due to a missing dependency
in a unixodbc package on some linux version), so add libltdl as a
BUILD_DEPENDS.
Doesn't affect the packages, other than -odbc wasn't built before
unless you had libltdl installed, so no bump.
- Fix compliance with RFC 3261 section 18.2.2. (aka Cisco phone fix)
- Resolve a change in IPv6 header parsing due to the Cisco phone fix issue.
- Resolve potential crash when using SIP TLS support.
- Improve reliability when using SIP TLS.
- AST-2011-006, shell access via remote authenticated manager
sessions (logged-in manager users can execute shell commands via
the manager interface without having the "system" privilege that
should be required)
- AST-2011-005, DoS with remote unauthenticated sessions (add limits
to prevent unauthenticated users from tying up all available FDs for
the manager interface, SIP-over-TCP, Skinny and the built in HTTP
server).
(updating by way of upstream patch file, the full tar.gz isn't
available yet).
"Due to a failed merge, Asterisk 1.8.2.1 which should have included
the security fix did not. Asterisk 1.8.2.2 contains the the changes
which should have been included in Asterisk 1.8.2.1." ok ajacoutot@
when forming an outgoing SIP request while in pedantic mode, which
can cause a stack buffer to be made to overflow if supplied with
carefully crafted caller ID information"
http://downloads.asterisk.org/pub/security/AST-2011-001.html
This is also a major version update to the long-term support
1.8 branch, previous versions of this diff have been tested by
various ports@ readers, thanks for testing.
Please review /usr/local/share/doc/asterisk/UPGRADE.txt
(also note that memory use has increased).
ok ajacoutot@ jasper@
