CVSROOT: /cvs
Module name: ports
Changes by: st...@cvs.openbsd.org 2012/04/11 09:12:47
Modified files:
telephony/asterisk: Tag: OPENBSD_5_1 Makefile distinfo
telephony/asterisk/patches: Tag: OPENBSD_5_1 patch-bootstrap_sh
patch-channels_chan_unistim_c
patch-configure_ac
telephony/asterisk/pkg: Tag: OPENBSD_5_1 DESCR-main PLIST-main
Added files:
telephony/asterisk/patches: Tag: OPENBSD_5_1
patch-addons_chan_ooh323_c
patch-addons_chan_ooh323_h
patch-pbx_pbx_spool_c
Removed files:
telephony/asterisk/patches: Tag: OPENBSD_5_1
patch-channels_h323_ast_h323_cxx
patch-channels_h323_ast_h323_h
patch-main_asterisk_c
Log message:
MFC update to asterisk 1.8.11.0, relative to previous version this
includes fixes for various crash/deadlock problems and the following
SECURITY problems:
AST-2012-002: stack buffer overflow (remote unauthenticated sessions).
requires a dialplan using the Milliwatt application with the 'o' option,
and internal_timing off. Affects all 1.4+ Asterisk versions.
AST-2012-003: stack buffer overflow (remote unauth'd sessions) in HTTP
manager interface; triggered by long digest authentication strings.
Code injection possibility. Affects 1.8+.
