/* Asterisk users bridging IAX2 to any channels using RTP (the most common VoIP channels, including SIP) should upgrade as soon as possible. */
1.2 diff below (update, regen patches, remove unnecessary " while there). 1.4 testers: update at http://spacehopper.org/openbsd/asterisk.tar.gz - sorry, only tested amd64 so far... "From: The Asterisk Development Team <[EMAIL PROTECTED]> Organization: Digium, Inc. Date: Tue, 17 Jul 2007 17:22:21 -0500 To: undisclosed-recipients: ; User-Agent: Icedove 1.5.0.10 (X11/20070329) Subject: [asterisk-announce] Critical Updates: Asterisk 1.2.22 and 1.4.8 released The Asterisk development team has released Asterisk versions 1.2.22 and 1.4.8. These releases contain fixes for four critical security vulnerabilities. One of these vulnerabilities is a remotely exploitable stack buffer overflow, which could allow an attacker to execute arbitrary code on the target machine. The other three are all remotely exploitable crash vulnerabilities. We have released Asterisk Security Advisories for each of the vulnerabilities. The current version of each advisory can be downloaded from the ftp site. http://ftp.digium.com/pub/asa/ASA-2007-014.pdf * Affected systems include those that bridge calls between chan_iax2 and any channel driver that uses RTP for media http://ftp.digium.com/pub/asa/ASA-2007-015.pdf * Affected systems include any system that has chan_iax2 enabled http://ftp.digium.com/pub/asa/ASA-2007-016.pdf * Affected systems include any system that has chan_skinny enabled http://ftp.digium.com/pub/asa/ASA-2007-017.pdf * Affected systems include any 1.4 system that has any channel driver that uses RTP for media enabled All users that have systems that meet any of the criteria listed above should upgrade as soon as possible. Thank you very much for your support."
Index: Makefile
===================================================================
RCS file: /cvs/ports/telephony/asterisk/Makefile,v
retrieving revision 1.20
diff -u -p -r1.20 Makefile
--- Makefile 2 Jul 2007 14:03:34 -0000 1.20
+++ Makefile 17 Jul 2007 23:53:04 -0000
@@ -1,7 +1,7 @@
 # $OpenBSD: Makefile,v 1.20 2007/07/02 14:03:34 jolan Exp $
-COMMENT= "open source multi-protocol PBX and telephony toolkit"
-DISTNAME= asterisk-1.2.19
+COMMENT= open source multi-protocol PBX and telephony toolkit
+DISTNAME= asterisk-1.2.22
 CATEGORIES= telephony
 MASTER_SITES= http://ftp.digium.com/pub/asterisk/releases/
Index: distinfo
===================================================================
RCS file: /cvs/ports/telephony/asterisk/distinfo,v
retrieving revision 1.15
diff -u -p -r1.15 distinfo
--- distinfo 2 Jul 2007 14:03:34 -0000 1.15
+++ distinfo 17 Jul 2007 23:53:04 -0000
@@ -1,5 +1,5 @@
-MD5 (asterisk-1.2.19.tar.gz) = V/zwTrOzRp4WCRMVa7DoHw==
-RMD160 (asterisk-1.2.19.tar.gz) = lB3sceSsX5mz8FnwINw7da8CFjs=
-SHA1 (asterisk-1.2.19.tar.gz) = MKldiKfH24YFimw9Rw/2eIa8Q4E=
-SHA256 (asterisk-1.2.19.tar.gz) = GGogbhexUgYlwqLG906NcC2z9aLkuj0vvp0DJlMKTnc=
-SIZE (asterisk-1.2.19.tar.gz) = 10634282
+MD5 (asterisk-1.2.22.tar.gz) = Hg8lqZFMH8jJM5oaQUEZvg==
+RMD160 (asterisk-1.2.22.tar.gz) = HrHak+y2FMStQHdcIvqTeE7dZeg=
+SHA1 (asterisk-1.2.22.tar.gz) = A/hY2AX4JbGfUbmgnKmMoS9xPIM=
+SHA256 (asterisk-1.2.22.tar.gz) = r3Tj1ArOJPbI0sqrU/9C+0cFbPR0QmXvE3I4lgIcFxY=
+SIZE (asterisk-1.2.22.tar.gz) = 10642597
Index: patches/patch-asterisk_c
===================================================================
RCS file: /cvs/ports/telephony/asterisk/patches/patch-asterisk_c,v
retrieving revision 1.9
diff -u -p -r1.9 patch-asterisk_c
--- patches/patch-asterisk_c 2 May 2007 17:29:25 -0000 1.9
+++ patches/patch-asterisk_c 17 Jul 2007 23:53:04 -0000
@@ -1,6 +1,6 @@
 $OpenBSD: patch-asterisk_c,v 1.9 2007/05/02 17:29:25 jolan Exp $
---- asterisk.c.orig Mon Apr 9 03:49:06 2007
-+++ asterisk.c Wed Apr 25 09:17:17 2007
+--- asterisk.c.orig Thu Jun 28 00:22:13 2007
++++ asterisk.c Wed Jul 18 00:40:27 2007
 @@ -454,7 +454,7 @@ int ast_safe_system(const char *s)
 /* Close file descriptors and launch system command */
 for (x = STDERR_FILENO + 1; x < 4096; x++)
@@ -10,7 +10,7 @@ $OpenBSD: patch-asterisk_c,v 1.9 2007/05
 _exit(1);
 } else if (pid > 0) {
 for(;;) {
-@@ -2043,7 +2043,7 @@ int main(int argc, char *argv[])
+@@ -2046,7 +2046,7 @@ int main(int argc, char *argv[])
 int num;
 int is_child_of_nonroot=0;
 char *buf;
@@ -19,7 +19,7 @@ $OpenBSD: patch-asterisk_c,v 1.9 2007/05
 /* Remember original args for restart */
 if (argc > sizeof(_argv) / sizeof(_argv[0]) - 1) {
-@@ -2171,6 +2171,8 @@ int main(int argc, char *argv[])
+@@ -2174,6 +2174,8 @@ int main(int argc, char *argv[])
 argv[x] = argv[0] + 10;
 }
 }
Index: patches/patch-contrib_scripts_safe_asterisk
===================================================================
RCS file: patches/patch-contrib_scripts_safe_asterisk
diff -N patches/patch-contrib_scripts_safe_asterisk
--- patches/patch-contrib_scripts_safe_asterisk 2 Jul 2007 14:03:34 -0000 1.1
+++ /dev/null 1 Jan 1970 00:00:00 -0000
@@ -1,12 +0,0 @@
-$OpenBSD: patch-contrib_scripts_safe_asterisk,v 1.1 2007/07/02 14:03:34 jolan Exp $
---- contrib/scripts/safe_asterisk.orig Fri May 11 11:31:03 2007
-+++ contrib/scripts/safe_asterisk Mon Jul 2 08:55:05 2007
-@@ -39,7 +39,7 @@ ulimit -c unlimited
- #
- # Don't die if stdout/stderr can't be written to
- #
--trap '' SIGPIPE
-+trap '' PIPE
-
- #
- # Run scripts to set any environment variables or do any other system-specific setup needed