ports/115289: [PATCH] update net/asterisk to 1.4.10
killfill
pneumann at gmail.com
Wed Aug 8 01:40:03 UTC 2007
>Number: 115289
>Category: ports
>Synopsis: [PATCH] update net/asterisk to 1.4.10
>Confidential: no
>Severity: serious
>Priority: high
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: update
>Submitter-Id: current-users
>Arrival-Date: Wed Aug 08 01:40:02 GMT 2007
>Closed-Date:
>Last-Modified:
>Originator: killfill
>Release: FreeBSD 6.2-PRERELEASE amd64
>Organization:
>Environment:
System: FreeBSD 6.2-PRERELEASE #0: Sat Dec 30 17:10:04 CLST 2006
root at fly.sofsis.cl:/usr/obj/usr/src/sys/GENERIC
>Description:
Update Asterisk to 1.4.10.
- chan_skinny bug fixed
- remove mpg123 (doc/mp3.txt)
>How-To-Repeat:
>Fix:
--- a-1.4.10.patch begins here ---
diff -ruN asterisk.orig/Makefile asterisk/Makefile
--- asterisk.orig/Makefile Sat Jul 28 08:27:29 2007
+++ asterisk/Makefile Tue Aug 7 20:59:47 2007
@@ -6,8 +6,7 @@
#
PORTNAME= asterisk
-PORTVERSION= 1.4.9
-PORTREVISION= 1
+PORTVERSION= 1.4.10
CATEGORIES= net
MASTER_SITES= http://ftp.digium.com/pub/asterisk/ \
http://ftp.digium.com/pub/asterisk/old-releases/
@@ -15,11 +14,9 @@
MAINTAINER= sobomax at FreeBSD.org
COMMENT= An Open Source PBX and telephony toolkit
-BUILD_DEPENDS= mpg123:${PORTSDIR}/audio/mpg123
LIB_DEPENDS= speex.1:${PORTSDIR}/audio/speex \
newt.51:${PORTSDIR}/devel/newt \
curl.4:${PORTSDIR}/ftp/curl
-RUN_DEPENDS= mpg123:${PORTSDIR}/audio/mpg123
ONLY_FOR_ARCHS= i386 sparc64 amd64
@@ -156,6 +153,6 @@
.endif
post-patch:
- ${REINPLACE_CMD} -e 's|/var/lib|${PREFIX}/share|g' ${WRKSRC}/configs/musiconhold.conf.sample
+ @${REINPLACE_CMD} -e 's|/var/lib|${PREFIX}/share|g' ${WRKSRC}/configs/musiconhold.conf.sample
.include <bsd.port.post.mk>
diff -ruN asterisk.orig/distinfo asterisk/distinfo
--- asterisk.orig/distinfo Thu Jul 26 22:41:09 2007
+++ asterisk/distinfo Tue Aug 7 20:47:09 2007
@@ -1,3 +1,3 @@
-MD5 (asterisk-1.4.9.tar.gz) = e47f5b3cb5323318dc8c6fb7311b767e
-SHA256 (asterisk-1.4.9.tar.gz) = c1b41503a0c29fd1f5172c834a60a3c5aacf472fd60a1272f743672af36602a6
-SIZE (asterisk-1.4.9.tar.gz) = 11182148
+MD5 (asterisk-1.4.10.tar.gz) = 69057e2916287f6e2a1e36dba6d6800d
+SHA256 (asterisk-1.4.10.tar.gz) = 72bbb19e35ec304df06dca717b7ac2cae0d3409fe47c17c2dcf75850f61ddbe1
+SIZE (asterisk-1.4.10.tar.gz) = 11208127
diff -ruN asterisk.orig/files/patch-configure asterisk/files/patch-configure
--- asterisk.orig/files/patch-configure Sun Jul 22 06:40:35 2007
+++ asterisk/files/patch-configure Tue Aug 7 20:55:05 2007
@@ -1,8 +1,8 @@
$FreeBSD: ports/net/asterisk/files/patch-configure,v 1.2 2007/07/22 10:40:35 sobomax Exp $
---- configure.orig
-+++ configure
+--- configure.orig Tue Aug 7 20:48:58 2007
++++ configure Tue Aug 7 20:54:30 2007
@@ -3926,8 +3926,6 @@
case "${host_os}" in
freebsd*)
@@ -12,23 +12,15 @@
;;
*)
ac_default_prefix=/usr
-@@ -26066,6 +26064,7 @@
+@@ -25189,6 +25187,7 @@
cat >>conftest.$ac_ext <<_ACEOF
/* end confdefs.h. */
$ac_includes_default
+#include <ptlib.h>
- #include <${OPENH323DIR}/include/h323.h>
+ #include </usr/local/include/ptlib.h>
_ACEOF
rm -f conftest.$ac_objext
-@@ -26106,6 +26105,7 @@
- cat confdefs.h >>conftest.$ac_ext
- cat >>conftest.$ac_ext <<_ACEOF
- /* end confdefs.h. */
-+#include <ptlib.h>
- #include <${OPENH323DIR}/include/h323.h>
- _ACEOF
- if { (ac_try="$ac_cpp conftest.$ac_ext"
-@@ -26202,6 +26202,7 @@
+@@ -26228,6 +26227,7 @@
cat >>conftest.$ac_ext <<_ACEOF
/* end confdefs.h. */
$ac_includes_default
@@ -36,7 +28,7 @@
#include <${HOME}/openh323/include/h323.h>
_ACEOF
rm -f conftest.$ac_objext
-@@ -26242,6 +26243,7 @@
+@@ -26268,6 +26268,7 @@
cat confdefs.h >>conftest.$ac_ext
cat >>conftest.$ac_ext <<_ACEOF
/* end confdefs.h. */
@@ -44,39 +36,7 @@
#include <${HOME}/openh323/include/h323.h>
_ACEOF
if { (ac_try="$ac_cpp conftest.$ac_ext"
-@@ -26336,6 +26338,7 @@
- cat >>conftest.$ac_ext <<_ACEOF
- /* end confdefs.h. */
- $ac_includes_default
-+#include <ptlib.h>
- #include </usr/local/include/openh323/h323.h>
- _ACEOF
- rm -f conftest.$ac_objext
-@@ -26376,6 +26379,7 @@
- cat confdefs.h >>conftest.$ac_ext
- cat >>conftest.$ac_ext <<_ACEOF
- /* end confdefs.h. */
-+#include <ptlib.h>
- #include </usr/local/include/openh323/h323.h>
- _ACEOF
- if { (ac_try="$ac_cpp conftest.$ac_ext"
-@@ -26475,6 +26479,7 @@
- cat >>conftest.$ac_ext <<_ACEOF
- /* end confdefs.h. */
- $ac_includes_default
-+#include <ptlib.h>
- #include </usr/include/openh323/h323.h>
- _ACEOF
- rm -f conftest.$ac_objext
-@@ -26515,6 +26520,7 @@
- cat confdefs.h >>conftest.$ac_ext
- cat >>conftest.$ac_ext <<_ACEOF
- /* end confdefs.h. */
-+#include <ptlib.h>
- #include </usr/include/openh323/h323.h>
- _ACEOF
- if { (ac_try="$ac_cpp conftest.$ac_ext"
-@@ -26700,7 +26706,7 @@
+@@ -26652,7 +26653,7 @@
fi
--- a-1.4.10.patch ends here ---
--- vul.diff begins here ---
--- vuln.xml.orig Tue Aug 7 21:34:13 2007
+++ vuln.xml Tue Aug 7 21:39:48 2007
@@ -34,6 +34,38 @@
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+
+ <vuln vid="1b35d5ce-4570-11dc-a2ea-0015f2171ebb">
+ <topic>asterisk -- vulnerability in skinny channel driver</topic>
+ <affects>
+ <package>
+ <name></name>
+ <range><lt>1.4.10</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>Asterisk Security Advisory reports:</p>
+ <blockquote cite="http://downloads.digium.com/pub/asa/ASA-2007-019.html">
+ <p>The Asterisk Skinny channel driver, chan_skinny, has a
+ remotely exploitable crash vulnerability. A segfault can
+ occur when Asterisk receives a "CAPABILITIES_RES_MESSAGE"
+ packet where the capabilities count is greater than the
+ total number of items in the capabilities_res_message array.
+ Note that this requires an authenticated session.</p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <cvename>ASA-2007-019</cvename>
+ <url>http://downloads.digium.com/pub/asa/ASA-2007-019.html</url>
+ </references>
+ <dates>
+ <discovery>2007-08-07</discovery>
+ <entry>2007-08-07</entry>
+ </dates>
+ </vuln>
+
<vuln vid="4a338d17-412d-11dc-bdb0-0016179b2dd5">
<topic>fsplib -- multiple vulnerabilities</topic>
<affects>
--- vul.diff ends here ---
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list