![[BACK]](/icons/back.gif){kind=icon}
Up to [cvs.NetBSD.org] / pkgsrc / comms / asterisk
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.179, Sun Sep 22 19:56:09 2019 UTC (4 years ago) by jnemeth
Branch: MAIN
CVS Tags: HEAD
Changes since 1.178: +1 -1
lines
FILE REMOVED
delete ancient Asterisk 11.*
Revision 1.178 / (download) - annotate - [select for diffs], Thu Aug 22 12:22:54 2019 UTC (4 years, 1 month ago) by ryoon
Branch: MAIN
Changes since 1.177: +2 -2
lines
Diff to previous 1.177 (colored)
Recursive revbump from boost-1.71.0
Revision 1.177 / (download) - annotate - [select for diffs], Sun Aug 11 13:18:07 2019 UTC (4 years, 1 month ago) by wiz
Branch: MAIN
Changes since 1.176: +2 -2
lines
Diff to previous 1.176 (colored)
Bump PKGREVISIONs for perl 5.30.0
Revision 1.176 / (download) - annotate - [select for diffs], Sun Jul 21 22:24:32 2019 UTC (4 years, 2 months ago) by wiz
Branch: MAIN
Changes since 1.175: +2 -2
lines
Diff to previous 1.175 (colored)
*: recursive bump for gdk-pixbuf2-2.38.1
Revision 1.175 / (download) - annotate - [select for diffs], Sat Jul 20 22:46:12 2019 UTC (4 years, 2 months ago) by wiz
Branch: MAIN
Changes since 1.174: +2 -2
lines
Diff to previous 1.174 (colored)
*: recursive bump for nettle 3.5.1
Revision 1.174 / (download) - annotate - [select for diffs], Mon Jul 1 04:08:00 2019 UTC (4 years, 2 months ago) by ryoon
Branch: MAIN
Changes since 1.173: +2 -2
lines
Diff to previous 1.173 (colored)
Recursive revbump from boost-1.70.0
Revision 1.173 / (download) - annotate - [select for diffs], Wed Apr 3 00:32:28 2019 UTC (4 years, 5 months ago) by ryoon
Branch: MAIN
CVS Tags: pkgsrc-2019Q2-base,
pkgsrc-2019Q2
Changes since 1.172: +2 -2
lines
Diff to previous 1.172 (colored)
Recursive revbump from textproc/icu
Revision 1.172 / (download) - annotate - [select for diffs], Thu Dec 13 19:51:43 2018 UTC (4 years, 9 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2019Q1-base,
pkgsrc-2019Q1,
pkgsrc-2018Q4-base,
pkgsrc-2018Q4
Changes since 1.171: +2 -2
lines
Diff to previous 1.171 (colored)
revbump for boost 1.69.0
Revision 1.171 / (download) - annotate - [select for diffs], Sun Dec 9 21:05:32 2018 UTC (4 years, 9 months ago) by adam
Branch: MAIN
Changes since 1.170: +1 -2
lines
Diff to previous 1.170 (colored)
Removed commented-out PKGREVISIONs
Revision 1.170 / (download) - annotate - [select for diffs], Sun Dec 9 18:52:17 2018 UTC (4 years, 9 months ago) by adam
Branch: MAIN
Changes since 1.169: +2 -2
lines
Diff to previous 1.169 (colored)
revbump after updating textproc/icu
Revision 1.169 / (download) - annotate - [select for diffs], Wed Nov 14 22:21:10 2018 UTC (4 years, 10 months ago) by kleink
Branch: MAIN
Changes since 1.168: +2 -2
lines
Diff to previous 1.168 (colored)
Revbump after cairo 1.16.0 update.
Revision 1.168 / (download) - annotate - [select for diffs], Mon Nov 12 03:51:48 2018 UTC (4 years, 10 months ago) by ryoon
Branch: MAIN
Changes since 1.167: +2 -2
lines
Diff to previous 1.167 (colored)
Recursive revbump from hardbuzz-2.1.1
Revision 1.167 / (download) - annotate - [select for diffs], Mon Oct 29 17:36:57 2018 UTC (4 years, 10 months ago) by jperkin
Branch: MAIN
Changes since 1.166: +6 -1
lines
Diff to previous 1.166 (colored)
asterisk*: Fix install on SunOS.
Revision 1.166 / (download) - annotate - [select for diffs], Wed Aug 22 09:43:03 2018 UTC (5 years, 1 month ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2018Q3-base,
pkgsrc-2018Q3
Changes since 1.165: +2 -2
lines
Diff to previous 1.165 (colored)
Recursive bump for perl5-5.28.0
Revision 1.165 / (download) - annotate - [select for diffs], Thu Aug 16 18:54:37 2018 UTC (5 years, 1 month ago) by adam
Branch: MAIN
Changes since 1.164: +2 -2
lines
Diff to previous 1.164 (colored)
revbump after boost-libs update
Revision 1.164 / (download) - annotate - [select for diffs], Fri Jul 20 03:34:04 2018 UTC (5 years, 2 months ago) by ryoon
Branch: MAIN
Changes since 1.163: +2 -1
lines
Diff to previous 1.163 (colored)
Recursive revbump from textproc/icu-62.1
Revision 1.163 / (download) - annotate - [select for diffs], Mon Jul 16 23:21:58 2018 UTC (5 years, 2 months ago) by jnemeth
Branch: MAIN
Changes since 1.162: +3 -3
lines
Diff to previous 1.162 (colored)
Update to Asterisk 11.25.3. This is a security update to fix
AST-2017-005, AST-2017-006, and AST-2017-008. There was no release
announcement as only security patches were issued. I just found
this update while looking to see what updates I was missing for
more recent versions of Asterisk. The Asterisk 11.x series was
declared end-of-life on Oct. 25th, 2017, so there will not be any
more updates to this package (other then PKGREVISION bumps for
dependencies) before it gets deleted. There is a reasonable chance
that there are unpatched vulnerabilities in this package. Anybody
still using it should upgrade a newer version as soon as possibble.
----- AST-2017-2005 -----
Description The "strictrtp" option in rtp.conf enables a feature of the
RTP stack that learns the source address of media for a
session and drops any packets that do not originate from
the expected address. This option is enabled by default in
Asterisk 11 and above.
The "nat" and "rtp_symmetric" options for chan_sip and
chan_pjsip respectively enable symmetric RTP support in the
RTP stack. This uses the source address of incoming media
as the target address of any sent media. This option is not
enabled by default but is commonly enabled to handle
devices behind NAT.
A change was made to the strict RTP support in the RTP
stack to better tolerate late media when a reinvite occurs.
When combined with the symmetric RTP support this
introduced an avenue where media could be hijacked. Instead
of only learning a new address when expected the new code
allowed a new source address to be learned at all times.
If a flood of RTP traffic was received the strict RTP
support would allow the new address to provide media and
with symmetric RTP enabled outgoing traffic would be sent
to this new address, allowing the media to be hijacked.
Provided the attacker continued to send traffic they would
continue to receive traffic as well.
Resolution The RTP stack will now only learn a new source address if it
has been told to expect the address to change. The RTCP
support has now also been updated to drop RTCP reports that
are not regarding the RTP session currently in progress. The
strict RTP learning progress has also been improved to guard
against a flood of RTP packets attempting to take over the
media stream.
----- AST-2017-006 -----
Description The app_minivm module has an "externnotify" program
configuration option that is executed by the MinivmNotify
dialplan application. The application uses the caller-id
name and number as part of a built string passed to the OS
shell for interpretation and execution. Since the caller-id
name and number can come from an untrusted source, a
crafted caller-id name or number allows an arbitrary shell
command injection.
Resolution Patched Asterisk's app_minivm module to use a different
system call that passes argument strings in an array instead
of having the OS shell determine the application parameter
boundaries.
----- AST-2017-008 -----
Description This is a follow up advisory to AST-2017-005.
Insufficient RTCP packet validation could allow reading
stale buffer contents and when combined with the "nat" and
"symmetric_rtp" options allow redirecting where Asterisk
sends the next RTCP report.
The RTP stream qualification to learn the source address of
media always accepted the first RTP packet as the new
source and allowed what AST-2017-005 was mitigating. The
intent was to qualify a series of packets before accepting
the new source address.
Resolution The RTP/RTCP stack will now validate RTCP packets before
processing them. Packets failing validation are discarded.
RTP stream qualification now requires the intended series of
packets from the same address without seeing packets from a
different source address to accept a new source address.
Revision 1.162 / (download) - annotate - [select for diffs], Sun Apr 29 21:31:29 2018 UTC (5 years, 4 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2018Q2-base,
pkgsrc-2018Q2
Changes since 1.161: +2 -2
lines
Diff to previous 1.161 (colored)
revbump for boost-libs update
Revision 1.161 / (download) - annotate - [select for diffs], Mon Apr 16 14:34:14 2018 UTC (5 years, 5 months ago) by wiz
Branch: MAIN
Changes since 1.160: +2 -2
lines
Diff to previous 1.160 (colored)
Recursive bump for new fribidi dependency in pango.
Revision 1.160 / (download) - annotate - [select for diffs], Sat Apr 14 07:34:11 2018 UTC (5 years, 5 months ago) by adam
Branch: MAIN
Changes since 1.159: +2 -2
lines
Diff to previous 1.159 (colored)
revbump after icu update
Revision 1.159 / (download) - annotate - [select for diffs], Mon Mar 12 11:16:12 2018 UTC (5 years, 6 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2018Q1-base,
pkgsrc-2018Q1
Changes since 1.158: +2 -2
lines
Diff to previous 1.158 (colored)
Recursive bumps for fontconfig and libzip dependency changes.
Revision 1.158 / (download) - annotate - [select for diffs], Mon Jan 1 21:18:17 2018 UTC (5 years, 8 months ago) by adam
Branch: MAIN
Changes since 1.157: +2 -2
lines
Diff to previous 1.157 (colored)
Revbump after boost update
Revision 1.157 / (download) - annotate - [select for diffs], Thu Nov 30 16:45:16 2017 UTC (5 years, 9 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2017Q4-base,
pkgsrc-2017Q4
Changes since 1.156: +2 -2
lines
Diff to previous 1.156 (colored)
Revbump after textproc/icu update
Revision 1.156 / (download) - annotate - [select for diffs], Mon Sep 18 09:53:12 2017 UTC (6 years ago) by maya
Branch: MAIN
CVS Tags: pkgsrc-2017Q3-base,
pkgsrc-2017Q3
Changes since 1.155: +2 -2
lines
Diff to previous 1.155 (colored)
revbump for requiring ICU 59.x
Revision 1.155 / (download) - annotate - [select for diffs], Thu Aug 24 20:03:07 2017 UTC (6 years ago) by adam
Branch: MAIN
Changes since 1.154: +2 -2
lines
Diff to previous 1.154 (colored)
Revbump for boost update
Revision 1.154 / (download) - annotate - [select for diffs], Sun Apr 30 01:21:30 2017 UTC (6 years, 4 months ago) by ryoon
Branch: MAIN
CVS Tags: pkgsrc-2017Q2-base,
pkgsrc-2017Q2
Changes since 1.153: +2 -2
lines
Diff to previous 1.153 (colored)
Recursive revbump from boost update
Revision 1.153 / (download) - annotate - [select for diffs], Sat Apr 22 21:03:26 2017 UTC (6 years, 5 months ago) by adam
Branch: MAIN
Changes since 1.152: +2 -2
lines
Diff to previous 1.152 (colored)
Revbump after icu update
Revision 1.152 / (download) - annotate - [select for diffs], Sun Feb 12 06:25:09 2017 UTC (6 years, 7 months ago) by ryoon
Branch: MAIN
CVS Tags: pkgsrc-2017Q1-base,
pkgsrc-2017Q1
Changes since 1.151: +2 -2
lines
Diff to previous 1.151 (colored)
Recursive revbump from fonts/harfbuzz
Revision 1.151 / (download) - annotate - [select for diffs], Mon Feb 6 13:55:09 2017 UTC (6 years, 7 months ago) by wiz
Branch: MAIN
Changes since 1.150: +2 -2
lines
Diff to previous 1.150 (colored)
Recursive bump for harfbuzz's new graphite2 dependency.
Revision 1.150 / (download) - annotate - [select for diffs], Thu Jan 19 18:52:04 2017 UTC (6 years, 8 months ago) by agc
Branch: MAIN
Changes since 1.149: +4 -4
lines
Diff to previous 1.149 (colored)
Convert all occurrences (353 by my count) of MASTER_SITES= site1 \ site2 style continuation lines to be simple repeated MASTER_SITES+= site1 MASTER_SITES+= site2 lines. As previewed on tech-pkg. With thanks to rillig for fixing pkglint accordingly.
Revision 1.149 / (download) - annotate - [select for diffs], Sun Jan 1 16:06:05 2017 UTC (6 years, 8 months ago) by adam
Branch: MAIN
Changes since 1.148: +2 -1
lines
Diff to previous 1.148 (colored)
Revbump after boost update
Revision 1.148 / (download) - annotate - [select for diffs], Sun Dec 11 00:50:15 2016 UTC (6 years, 9 months ago) by jnemeth
Branch: MAIN
CVS Tags: pkgsrc-2016Q4-base,
pkgsrc-2016Q4
Changes since 1.147: +2 -3
lines
Diff to previous 1.147 (colored)
Update to Asterisk 11.25.1: this fixes AST-2016-009.
Asterisk Project Security Advisory - ASTERISK-2016-009
Product Asterisk
Summary
Nature of Advisory Authentication Bypass
Susceptibility Remote unauthenticated sessions
Severity Minor
Exploits Known No
Reported On October 3, 2016
Reported By Walter Doekes
Posted On
Last Updated On December 8, 2016
Advisory Contact Mmichelson AT digium DOT com
CVE Name
Description The chan_sip channel driver has a liberal definition for
whitespace when attempting to strip the content between a
SIP header name and a colon character. Rather than
following RFC 3261 and stripping only spaces and horizontal
tabs, Asterisk treats any non-printable ASCII character as
if it were whitespace. This means that headers such as
Contact\x01:
will be seen as a valid Contact header.
This mostly does not pose a problem until Asterisk is
placed in tandem with an authenticating SIP proxy. In such
a case, a crafty combination of valid and invalid To
headers can cause a proxy to allow an INVITE request into
Asterisk without authentication since it believes the
request is an in-dialog request. However, because of the
bug described above, the request will look like an
out-of-dialog request to Asterisk. Asterisk will then
process the request as a new call. The result is that
Asterisk can process calls from unvetted sources without
any authentication.
If you do not use a proxy for authentication, then this
issue does not affect you.
If your proxy is dialog-aware (meaning that the proxy keeps
track of what dialogs are currently valid), then this issue
does not affect you.
If you use chan_pjsip instead of chan_sip, then this issue
l
does not affect you.
Resolution chan_sip has been patched to only treat spaces and
horizontal tabs as whitespace following a header name. This
allows for Asterisk and authenticating proxies to view
requests the same way
Affected Versions
Product Release
Series
Asterisk Open Source 11.x All Releases
Asterisk Open Source 13.x All Releases
Asterisk Open Source 14.x All Releases
Certified Asterisk 13.8 All Releases
Corrected In
Product Release
Asterisk Open Source 11.25.1, 13.13.1, 14.2.1
Certified Asterisk 11.6-cert16, 13.8-cert4
Patches
SVN URL Revision
Links
Asterisk Project Security Advisories are posted at
http://www.asterisk.org/security
This document may be superseded by later versions; if so, the latest
version will be posted at
http://downloads.digium.com/pub/security/ASTERISK-2016-009.pdf and
http://downloads.digium.com/pub/security/ASTERISK-2016-009.html
Revision History
Date Editor Revisions Made
November 28, 2016 Mark Michelson Initial writeup
Asterisk Project Security Advisory - ASTERISK-2016-009
Copyright (c) 2016 Digium, Inc. All Rights Reserved.
Permission is hereby granted to distribute and publish this advisory in its
original, unaltered form.
Revision 1.147 / (download) - annotate - [select for diffs], Sun Dec 4 05:17:19 2016 UTC (6 years, 9 months ago) by ryoon
Branch: MAIN
Changes since 1.146: +2 -1
lines
Diff to previous 1.146 (colored)
Recursive revbump from textproc/icu 58.1
Revision 1.146 / (download) - annotate - [select for diffs], Sun Nov 27 04:42:26 2016 UTC (6 years, 9 months ago) by jnemeth
Branch: MAIN
Changes since 1.145: +2 -2
lines
Diff to previous 1.145 (colored)
Update to Asterisk 11.25.0: this is a bug fix release.
The Asterisk Development Team has announced the release of Asterisk 11.25.0.
The release of Asterisk 11.25.0 resolves several issues reported by the
community and would have not been possible without your participation.
Thank you!
The following are the issues resolved in this release:
Bugs fixed in this release:
-----------------------------------
* ASTERISK-26503 - app_voicemail: Asterisk crashes when
MailboxExists is used (Reported by Doug Lytle)
* ASTERISK-26480 - [patch] CLI: core set debug: Auto-completes
File not Module (Reported by Alexander Traud)
* ASTERISK-26356 - menuselect: invalid test for GTK2 (Reported by
Tzafrir Cohen)
* ASTERISK-26462 - [patch] app_queue: While using queues with
realtime, setting back to an empty context doesn't stop the exit
key usage (Reported by Leandro Dardini)
* ASTERISK-26457 - [patch] force_rport,auto_comedia: No NAT
detection triggered. (Reported by Alexander Traud)
For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.25.0
Thank you for your continued support of Asterisk!
Revision 1.145 / (download) - annotate - [select for diffs], Fri Oct 28 07:26:26 2016 UTC (6 years, 10 months ago) by jnemeth
Branch: MAIN
Changes since 1.144: +2 -2
lines
Diff to previous 1.144 (colored)
Update to Asterisk 11.24.1: this is a critical bug fix release.
The Asterisk Development Team has announced the release of Asterisk 11.24.1.
The release of Asterisk 11.24.1 resolves an issue reported by the
community and would have not been possible without your participation.
Thank you!
The following is the issue resolved in this release:
Bugs fixed in this release:
-----------------------------------
* ASTERISK-26503 - app_voicemail: Asterisk crashes when
MailboxExists is used (Reported by Doug Lytle)
For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.24.1
Thank you for your continued support of Asterisk!
Revision 1.144 / (download) - annotate - [select for diffs], Wed Oct 26 05:53:37 2016 UTC (6 years, 10 months ago) by jnemeth
Branch: MAIN
Changes since 1.143: +2 -3
lines
Diff to previous 1.143 (colored)
Update to Asterisk 11.24.0: this is a bug fix release.
The Asterisk Development Team has announced the release of Asterisk 11.24.0.
The release of Asterisk 11.24.0 resolves several issues reported by the
community and would have not been possible without your participation.
Thank you!
The following are the issues resolved in this release:
Bugs fixed in this release:
-----------------------------------
* ASTERISK-26438 - [patch] chan_sip: auto_force_rport: No NAT = No
Symmetric Response. (Reported by Alexander Traud)
* ASTERISK-18232 - Broken REGISTER sent to IPv4 server when
bindaddr=[::] (Reported by Jacek)
* ASTERISK-26359 - [patch] cdr_mysql: fails to use UTC if so
instructed (Reported by Tzafrir Cohen)
* ASTERISK-19968 - TCP Session-Timers not dropping call (Reported
by Aaron Hamstra)
* ASTERISK-26360 - app_queue: "queue show" output gets "failed to
extend from 240 to 327" msgs. (Reported by Richard Mudgett)
* ASTERISK-26272 - chan_sip: File descriptors leak (UDP sockets)
(Reported by Etienne Lessard)
* ASTERISK-26288 - followme: fails to reset config items to
default values on reload (Reported by Tzafrir Cohen)
* ASTERISK-26282 - AEL: macro-call in Dial application, macro
"lacks 's' extension" (Reported by chris de rock)
* ASTERISK-26226 - pbx: Asterisk crash on AMI action
"ShowDialplan" when there's a circular dependency between
contexts (Reported by Etienne Lessard)
* ASTERISK-26299 - app_queue: Queue application sometimes stops
calling members with Local interface (Reported by Etienne
Lessard)
* ASTERISK-26306 - channel: Hang-up crashes, chan_pjsip not
cleaning up properly (Reported by Alexander Traud)
* ASTERISK-26203 - res_fax: Deadlock when using
FAXOPT(gateway)=yes with Local channels (Reported by Etienne
Lessard)
* ASTERISK-24822 - Deadlock: Fax Gateway framehook creates locking
inversion in T.38 query option with features bridging code
(Reported by David Brillert)
* ASTERISK-22732 - Deadlock potential in res_fax and CCSS with
local channels. (Reported by Richard Mudgett)
* ASTERISK-24841 - ConfBridge: Strange sampling rates chosen when
channels have multiple native formats (Reported by Matt Jordan)
* ASTERISK-24425 - [patch] jabber/xmpp to use TLS instead of
SSLv3, security fix POODLE (CVE-2014-3566) (Reported by
abelbeck)
* ASTERISK-25706 - pbx: Abort asterisk on features reload
(handle_hint_change) (Reported by Krzysztof Trempala)
* ASTERISK-26233 - pbx: Failure to remove inconsistent extension
names (Reported by Corey Farrell)
* ASTERISK-26267 - ast_register_atexit callbacks should be run on
failed startup. (Reported by Corey Farrell)
* ASTERISK-26265 - Errors ignored from some parts of system
initialization. (Reported by Corey Farrell)
* ASTERISK-25996 - Remove "live_dangerously" requirement on
DB(read) (Reported by Andrew Nagy)
* ASTERISK-26237 - Fax is detected on regular calls. (Reported by
Richard Mudgett)
* ASTERISK-23013 - [patch] Deadlock between 'sip show channels'
command and attended transfer handling (Reported by Ben
Smithurst)
* ASTERISK-26211 - Unit tests: AST_TEST_DEFINE should be used in
conditional code. (Reported by Corey Farrell)
* ASTERISK-26207 - [patch] sRTP: Count a roll-over of the sequence
number even on lost packets. (Reported by Alexander Traud)
* ASTERISK-26038 - 'make install' doesn't seem to install OS/X
init files (Reported by Tzafrir Cohen)
* ASTERISK-26133 - app_queue: Queue members receive multiple calls
(Reported by Richard Miller)
* ASTERISK-26196 - pbx: Time based includes can leak timezone
string (Reported by Corey Farrell)
* ASTERISK-25659 - res_rtp_asterisk: ECDH not negotiated causing
DTLS failure occurred on RTP instance (Reported by Edwin
Vandamme)
* ASTERISK-26046 - [patch] Avoid obsolete warnings on autoconf.
(Reported by Alexander Traud)
* ASTERISK-25289 - Build System does not respect CFLAGS and
CXXFLAGS when building menuselect (Reported by Jeffrey Walton)
* ASTERISK-26119 - [patch] fix: memory leaks, resource leaks, out
of bounds and bugs (Reported by Alexei Gradinari)
* ASTERISK-26179 - chan_sip: Second T.38 request fails (Reported
by Joshua Colp)
* ASTERISK-26157 - Build: Fix errors highlighted by GCC 6.x
(Reported by George Joseph)
Improvements made in this release:
-----------------------------------
* ASTERISK-26220 - Add support for noreturn function attributes.
(Reported by Corey Farrell)
For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.24.0
Thank you for your continued support of Asterisk!
Revision 1.143 / (download) - annotate - [select for diffs], Sun Oct 9 21:41:55 2016 UTC (6 years, 11 months ago) by wiz
Branch: MAIN
Changes since 1.142: +2 -2
lines
Diff to previous 1.142 (colored)
Recursive bump for all users of pgsql now that the default is 95.
Revision 1.142 / (download) - annotate - [select for diffs], Fri Oct 7 18:25:40 2016 UTC (6 years, 11 months ago) by adam
Branch: MAIN
Changes since 1.141: +2 -1
lines
Diff to previous 1.141 (colored)
Revbump post boost update
Revision 1.141 / (download) - annotate - [select for diffs], Fri Sep 23 19:16:29 2016 UTC (6 years, 11 months ago) by jnemeth
Branch: MAIN
CVS Tags: pkgsrc-2016Q3-base,
pkgsrc-2016Q3
Changes since 1.140: +9 -3
lines
Diff to previous 1.140 (colored)
Update to Asterisk 11.23.1: this is a security fix release to fix AST-2016-007. Note that on Oct. 25th, this branch of Asterisk will switch to security fixes, and one year later it will read end-of-life. pkgsrc changes: - don't use gethostbyname_r on NetBSD - eliminate conflict with new hmac(1) function on NetBSd ----- AST-2016-007 The overlap dialing feature in chan_sip allows chan_sip to report to a device that the number that has been dialed is incomplete and more digits are required. If this functionality is used with a device that has performed username/password authentication RTP resources are leaked. This occurs because the code fails to release the old RTP resources before allocating new ones in this scenario. If all resources are used then RTP port exhaustion will occur and no RTP sessions are able to be set up.
Revision 1.140 / (download) - annotate - [select for diffs], Wed Aug 3 10:22:34 2016 UTC (7 years, 1 month ago) by adam
Branch: MAIN
Changes since 1.139: +2 -1
lines
Diff to previous 1.139 (colored)
Revbump after graphics/gd update
Revision 1.139 / (download) - annotate - [select for diffs], Sat Jul 23 08:27:44 2016 UTC (7 years, 2 months ago) by jnemeth
Branch: MAIN
Changes since 1.138: +2 -3
lines
Diff to previous 1.138 (colored)
Update to Asterisk 11.23.0: this is a bug fix release.
The Asterisk Development Team has announced the release of Asterisk 11.23.0.
The release of Asterisk 11.23.0 resolves several issues reported by the
community and would have not been possible without your participation.
Thank you!
The following are the issues resolved in this release:
Bugs fixed in this release:
-----------------------------------
* ASTERISK-26141 - res_fax: fax_v21_session_new leaks reference to
v21_details (Reported by Corey Farrell)
* ASTERISK-26140 - res_rtp_asterisk: gcc 6 caught a
self-comparison (Reported by George Joseph)
* ASTERISK-26138 - chan_unistim: Under FreeBSD, chan_unistim
generates a compile error (Reported by George Joseph)
* ASTERISK-26130 - [patch] WebRTC: Should use latest DTLS version.
(Reported by Alexander Traud)
* ASTERISK-26126 - [patch] leverage 'bindaddr' for TLS in
http.conf (Reported by Alexander Traud)
* ASTERISK-26069 - Asterisk truncates To: header, dropping the
closing '>' (Reported by Vasil Kolev)
* ASTERISK-26097 - [patch] CLI: show maximum file descriptors
(Reported by Alexander Traud)
* ASTERISK-24436 - Missing header in res/res_srtp.c when compiling
against libsrtp-1.5.0 (Reported by Patrick Laimbock)
* ASTERISK-26091 - [patch] ar cru creates warning, instead use ar
cr (Reported by Alexander Traud)
* ASTERISK-26038 - 'make install' doesn't seem to install OS/X
init files (Reported by Tzafrir Cohen)
* ASTERISK-26034 - T.38 passthrough problem behind firewall due to
early nosignal packet (Reported by George Joseph)
* ASTERISK-26030 - call cut because of double Session-Expires
header in re-invite after proxy authentication is required
(Reported by George Joseph)
* ASTERISK-26008 - app_followme does not delete recorded name
prompt (Reported by Tzafrir Cohen)
* ASTERISK-24463 - Voicemail email address corrupt or not sent
when message is in the process of being recorded during reload
(Reported by John Campbell)
* ASTERISK-25917 - [patch]app_voicemail: passwordlocation=spooldir
only works if you manually add secret.conf yourself (Reported by
Jonathan R. Rose)
* ASTERISK-25954 - Manager QueueSummary and QueueStatus Actions
are case sensitive to QueueName (Reported by Javier Acosta)
* ASTERISK-16115 - [patch] problem with ringinuse=no, queue
members receive sometimes two calls (Reported by nik600)
* ASTERISK-25934 - chan_sip should not require sipregs or
updateable sippeers table unless rt (Reported by Jaco Kroon)
* ASTERISK-25888 - Frequent segfaults in function can_ring_entry()
of app_queue.c (Reported by Sébastien Couture)
* ASTERISK-25874 - app_voicemail: Stack buffer overflow in
test_voicemail_notify_endl (Reported by Badalian Vyacheslav)
* ASTERISK-25912 - chan_local passes AST_CONTROL_PVT_CAUSE_CODE
without adding them to the local hangupcauses via
ast_channel_hangupcause_hash_set (Reported by Jaco Kroon)
* ASTERISK-25407 - Asterisk fails to log to multiple syslog
destinations (Reported by Elazar Broad)
* ASTERISK-25510 - [patch]Log to syslog failing (Reported by
Michael Newton)
Improvements made in this release:
-----------------------------------
* ASTERISK-25444 - [patch]Music On Hold Warning misleading
(Reported by Conrad de Wet)
For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.23.0
Thank you for your continued support of Asterisk!
Revision 1.138 / (download) - annotate - [select for diffs], Sat Jul 9 06:37:55 2016 UTC (7 years, 2 months ago) by wiz
Branch: MAIN
Changes since 1.137: +2 -1
lines
Diff to previous 1.137 (colored)
Bump PKGREVISION for perl-5.24.0 for everything mentioning perl.
Revision 1.137 / (download) - annotate - [select for diffs], Thu May 5 02:00:33 2016 UTC (7 years, 4 months ago) by jnemeth
Branch: MAIN
CVS Tags: pkgsrc-2016Q2-base,
pkgsrc-2016Q2
Changes since 1.136: +7 -7
lines
Diff to previous 1.136 (colored)
Update to Asterisk 11.22.0: this is mostly a bug fix release.
----- 11.22.0
The Asterisk Development Team has announced the release of Asterisk 11.22.0.
The release of Asterisk 11.22.0 resolves several issues reported by the
community and would have not been possible without your participation.
Thank you!
The following are the issues resolved in this release:
Bugs fixed in this release:
-----------------------------------
* ASTERISK-25857 - func_aes: incorrect use of strlen() leads to
data corruption (Reported by Gianluca Merlo)
* ASTERISK-25321 - [patch]DeadLock ChanSpy with call over Local
channel (Reported by Filip Frank)
* ASTERISK-25800 - [patch] Calculate talktime when is first call
answered (Reported by Rodrigo Ramirez Norambuena)
* ASTERISK-25272 - [patch]The ICONV dialplan function sometimes
returns garbage (Reported by Etienne Lessard)
* ASTERISK-20987 - non-admin users, who join muted conference are
not being muted (Reported by hristo)
* ASTERISK-24972 - Transport Layer Security (TLS) Protocol BEAST
Vulnerability - Investigate vulnerability of HTTP server
(Reported by Alex A. Welzl)
* ASTERISK-25603 - [patch]udptl: Uninitialized lengths and bufs in
udptl_rx_packet cause ast_frdup crash (Reported by Walter
Doekes)
* ASTERISK-25742 - Secondary IFP Packets can result in accessing
uninitialized pointers and a crash (Reported by Torrey Searle)
* ASTERISK-25397 - [patch]chan_sip: File descriptor leak with
non-default timert1 (Reported by Alexander Traud)
* ASTERISK-25730 - build: make uninstall after make distclean
tries to remove root (Reported by George Joseph)
* ASTERISK-25722 - ASAN & testsute: stack-buffer-overflow in
sip_sipredirect (Reported by Badalian Vyacheslav)
* ASTERISK-25714 - ASAN:heap-buffer-overflow in logger.c (Reported
by Badalian Vyacheslav)
* ASTERISK-24801 - ASAN: ast_el_read_char stack-buffer-overflow
(Reported by Badalian Vyacheslav)
* ASTERISK-25701 - core: Endless loop in "core show
taskprocessors" (Reported by ibercom)
* ASTERISK-25700 - main/config: Clean config maps on shutdown.
(Reported by Corey Farrell)
* ASTERISK-25690 - Hanging up when executing connected line sub
does not cause hangup (Reported by Joshua Colp)
* ASTERISK-25687 - res_musiconhold: Concurrent invocations of 'moh
reload' cause a crash (Reported by Sean Bright)
* ASTERISK-25394 - pbx: Incorrect device and presence state when
changing hint details (Reported by Joshua Colp)
* ASTERISK-25640 - pbx: Deadlock on features reload and state
change hint. (Reported by Krzysztof Trempala)
* ASTERISK-25681 - devicestate: Engine thread is not shut down
(Reported by Corey Farrell)
* ASTERISK-25680 - manager: manager_channelvars is not cleaned at
shutdown (Reported by Corey Farrell)
* ASTERISK-25679 - res_calendar leaks scheduler. (Reported by
Corey Farrell)
* ASTERISK-25677 - pbx_dundi: leaks during failed load. (Reported
by Corey Farrell)
* ASTERISK-25673 - res_crypto leaks CLI entries (Reported by Corey
Farrell)
* ASTERISK-25647 - bug of cel_radius.c: wrong point of
ADD_VENDOR_CODE (Reported by Aaron An)
* ASTERISK-25614 - DTLS negotiation delays (Reported by Dade
Brandon)
* ASTERISK-25442 - using realtime (mysql) queue members are never
updated in wait_our_turn function (app_queue.c) (Reported by
Carlos Oliva)
* ASTERISK-25624 - AMI Event OriginateResponse bug (Reported by
sungtae kim)
Improvements made in this release:
-----------------------------------
* ASTERISK-24813 - asterisk.c: #if statement in listener()
confuses code folding editors (Reported by Corey Farrell)
* ASTERISK-25767 - [patch] Add check to configure for sanitizes
(Reported by Badalian Vyacheslav)
* ASTERISK-25068 - Move commonly used FreePBX extra sounds to the
core set (Reported by Rusty Newton)
For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.22.0
Thank you for your continued support of Asterisk!
----- 11.21.2
The Asterisk Development Team has announced the release of Asterisk 11.21.2.
The release of Asterisk 11.21.2 resolves an issue reported by the
community and would have not been possible without your participation.
Thank you!
The following is the issue resolved in this release:
Bugs fixed in this release:
-----------------------------------
* ASTERISK-25770 - Check for OpenSSL defines before trying to use
them. (Reported by Kevin Harwell)
For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.21.2
Thank you for your continued support of Asterisk!
Revision 1.136 / (download) - annotate - [select for diffs], Mon Apr 11 19:01:43 2016 UTC (7 years, 5 months ago) by ryoon
Branch: MAIN
Changes since 1.135: +2 -2
lines
Diff to previous 1.135 (colored)
Recursive revbump from textproc/icu 57.1
Revision 1.135 / (download) - annotate - [select for diffs], Sat Mar 5 11:28:10 2016 UTC (7 years, 6 months ago) by jperkin
Branch: MAIN
CVS Tags: pkgsrc-2016Q1-base,
pkgsrc-2016Q1
Changes since 1.134: +2 -1
lines
Diff to previous 1.134 (colored)
Bump PKGREVISION for security/openssl ABI bump.
Revision 1.134 / (download) - annotate - [select for diffs], Thu Feb 25 11:32:19 2016 UTC (7 years, 6 months ago) by jperkin
Branch: MAIN
Changes since 1.133: +3 -5
lines
Diff to previous 1.133 (colored)
Use OPSYSVARS.
Revision 1.133 / (download) - annotate - [select for diffs], Sun Feb 7 08:18:43 2016 UTC (7 years, 7 months ago) by jnemeth
Branch: MAIN
Changes since 1.132: +19 -17
lines
Diff to previous 1.132 (colored)
Update to Asterisk 11.21.1: this is mainly a bug patch update plus
fixes for AST-2016-001, AST-2016-002, and AST-2016-003. Also some
pkglinting.
----- 11.21.1
The Asterisk Development Team has announced security releases for Certified
Asterisk 11.6 and 13.1 and Asterisk 11 and 13. The available security releases
are released as versions 11.6-cert12, 11.21.1, 13.1-cert3, and 13.7.1.
The release of these versions resolves the following security vulnerabilities:
* AST-2016-001: BEAST vulnerability in HTTP server
The Asterisk HTTP server currently has a default configuration which allows
the BEAST vulnerability to be exploited if the TLS functionality is enabled.
This can allow a man-in-the-middle attack to decrypt data passing through it.
* AST-2016-002: File descriptor exhaustion in chan_sip
Setting the sip.conf timert1 value to a value higher than 1245 can cause an
integer overflow and result in large retransmit timeout times. These large
timeout values hold system file descriptors hostage and can cause the system
to run out of file descriptors.
* AST-2016-003: Remote crash vulnerability receiving UDPTL FAX data.
If no UDPTL packets are lost there is no problem. However, a lost packet
causes Asterisk to use the available error correcting redundancy packets. If
those redundancy packets have zero length then Asterisk uses an uninitialized
buffer pointer and length value which can cause invalid memory accesses later
when the packet is copied.
For a full list of changes in the current releases, please see the ChangeLogs:
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.21.1
The security advisories are available at:
* http://downloads.asterisk.org/pub/security/AST-2016-001.pdf
* http://downloads.asterisk.org/pub/security/AST-2016-002.pdf
* http://downloads.asterisk.org/pub/security/AST-2016-003.pdf
Thank you for your continued support of Asterisk!
----- 11.21.0
The Asterisk Development Team has announced the release of Asterisk 11.21.0.
The release of Asterisk 11.21.0 resolves several issues reported by the
community and would have not been possible without your participation.
Thank you!
The following are the issues resolved in this release:
Bugs fixed in this release:
-----------------------------------
* ASTERISK-25640 - pbx: Deadlock on features reload and state
change hint. (Reported by Krzysztof Trempala)
* ASTERISK-25364 - [patch]Issue a TCP connection(kernel) and
thread of asterisk is not released (Reported by Hiroaki Komatsu)
* ASTERISK-25569 - app_meetme: Audio quality issues (Reported by
Corey Farrell)
* ASTERISK-25609 - [patch]Asterisk may crash when calling
ast_channel_get_t38_state(c) (Reported by Filip Jenicek)
* ASTERISK-24146 - [patch]No audio on WebRtc caller side when
answer waiting time is more than ~7sec (Reported by Aleksei
Kulakov)
* ASTERISK-25599 - [patch] SLIN Resampling Codec only 80 msec
(Reported by Alexander Traud)
* ASTERISK-25616 - Warning with a Codec Module which supports PLC
with FEC (Reported by Alexander Traud)
* ASTERISK-25610 - Asterisk crash during "sip reload" (Reported by
Dudás József)
* ASTERISK-25498 - Asterisk crashes when negotiating g729 without
that module installed (Reported by Ben Langfeld)
* ASTERISK-25476 - chan_sip loses registrations after a while
(Reported by Michael Keuter)
* ASTERISK-25593 - fastagi: record file closed after sending
result (Reported by Kevin Harwell)
* ASTERISK-25585 - [patch]rasterisk never hits most of main(), but
it's assumed to (Reported by Walter Doekes)
* ASTERISK-25552 - hashtab: Improve NULL tolerance (Reported by
Joshua Colp)
* ASTERISK-25449 - main/sched: Regression introduced by
5c713fdf18f causes erroneous duplicate RTCP messages; other
potential scheduling issues in chan_sip/chan_skinny (Reported by
Matt Jordan)
* ASTERISK-25537 - [patch] format-attribute module: RFC or
internal defaults? (Reported by Alexander Traud)
* ASTERISK-25373 - add documentation for CALLERID(pres) and also
the CONNECTEDLINE and REDIRECTING variants (Reported by Walter
Doekes)
* ASTERISK-25527 - Quirky xmldoc description wrapping (Reported by
Walter Doekes)
* ASTERISK-25434 - Compiler flags not reported in 'core show
settings' despite usage during compilation (Reported by Rusty
Newton)
* ASTERISK-25494 - build: GCC 5.1.x catches some new const, array
bounds and missing paren issues (Reported by George Joseph)
* ASTERISK-7803 - [patch] Update the maximum packetization values
in frame.c (Reported by dea)
* ASTERISK-25461 - Nested dialplan #includes don't work as
expected. (Reported by Richard Mudgett)
* ASTERISK-25455 - Deadlock of PJSIP realtime over
res_config_pgsql (Reported by mdu113)
* ASTERISK-25135 - [patch]RTP Timeout hangup cause code missing
(Reported by Olle Johansson)
* ASTERISK-25400 - Hints broken when "CustomPresence" doesn't
exist in AstDB (Reported by Andrew Nagy)
* ASTERISK-25443 - [patch]IPv6 - Potential issue in via header
parsing (Reported by ffs)
* ASTERISK-25391 - AMI GetConfigJSON returns invalid JSON
(Reported by Bojan Nemi)
* ASTERISK-25438 - res_rtp_asterisk: ICE role message even when
ICE is not enabled (Reported by Joshua Colp)
Improvements made in this release:
-----------------------------------
* ASTERISK-24718 - [patch]Add inital support of "sanitize" to
configure (Reported by Badalian Vyacheslav)
For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.21.0
Thank you for your continued support of Asterisk!
Revision 1.132 / (download) - annotate - [select for diffs], Mon Nov 2 12:02:23 2015 UTC (7 years, 10 months ago) by tnn
Branch: MAIN
CVS Tags: pkgsrc-2015Q4-base,
pkgsrc-2015Q4
Changes since 1.131: +2 -2
lines
Diff to previous 1.131 (colored)
extraneous parenthesis crept in in Darwin conditional
Revision 1.131 / (download) - annotate - [select for diffs], Mon Nov 2 00:34:04 2015 UTC (7 years, 10 months ago) by tnn
Branch: MAIN
Changes since 1.130: +8 -8
lines
Diff to previous 1.130 (colored)
appease pkglint
Revision 1.130 / (download) - annotate - [select for diffs], Mon Nov 2 00:03:59 2015 UTC (7 years, 10 months ago) by tnn
Branch: MAIN
Changes since 1.129: +17 -7
lines
Diff to previous 1.129 (colored)
Use ${COMPILER_INCLUDE_DIRS} instead of hardcoded /usr/include
Revision 1.129 / (download) - annotate - [select for diffs], Tue Oct 27 08:49:01 2015 UTC (7 years, 10 months ago) by jnemeth
Branch: MAIN
Changes since 1.128: +14 -6
lines
Diff to previous 1.128 (colored)
Update Asterisk to 11.20.0: this is mainly a bug fix release.
pkgsrc changes:
- from joerg@
- srtp support
- new asterisk-config option to control installing of sample config files
- manifest.xml for Solaris' SMF
- various bugfixes, some reworked by myself
- backport kqueue timer update from Asterisk 13
-----
The Asterisk Development Team has announced the release of Asterisk 11.20.0.
The release of Asterisk 11.20.0 resolves several issues reported by the
community and would have not been possible without your participation.
Thank you!
The following are the issues resolved in this release:
Bugs fixed in this release:
-----------------------------------
* ASTERISK-25449 - main/sched: Regression introduced by
5c713fdf18f causes erroneous duplicate RTCP messages; other
potential scheduling issues in chan_sip/chan_skinny (Reported by
Matt Jordan)
* ASTERISK-25438 - res_rtp_asterisk: ICE role message even when
ICE is not enabled (Reported by Joshua Colp)
* ASTERISK-25427 - Callerid change does not always emit
NewCallerid AMI event (Reported by Ivan Poddubny)
* ASTERISK-25407 - Asterisk fails to log to multiple syslog
destinations (Reported by Elazar Broad)
* ASTERISK-25410 - app_record: RECORDED_FILE variable not being
populated (Reported by Kevin Harwell)
* ASTERISK-25394 - pbx: Incorrect device and presence state when
changing hint details (Reported by Joshua Colp)
* ASTERISK-25396 - chan_sip: Extremely long callerid name causes
invalid SIP (Reported by Walter Doekes)
* ASTERISK-25353 - [patch] Transcoding while different in Frame
size = Frames lost (Reported by Alexander Traud)
* ASTERISK-25227 - No audio at in-band announcements in ooh323
channel (Reported by Alexandr Dranchuk)
* ASTERISK-25346 - chan_sip: Overwriting answered elsewhere hangup
cause on call pickup (Reported by Joshua Colp)
* ASTERISK-25215 - Differences in queue.log between Set
QUEUE_MEMBER and using PauseQueueMember (Reported by Lorne
Gaetz)
* ASTERISK-25320 - chan_sip.c: sip_report_security_event searches
for wrong or non existent peer on invite (Reported by Kevin
Harwell)
* ASTERISK-25315 - DAHDI channels send shortened duration DTMF
tones. (Reported by Richard Mudgett)
* ASTERISK-25312 - res_http_websocket: Terminate connection on
fatal cases (Reported by Joshua Colp)
* ASTERISK-25265 - [patch]DTLS Failure when calling WebRTC-peer on
Firefox 39 - add ECDH support and fallback to prime256v1
(Reported by Stefan Engström)
Improvements made in this release:
-----------------------------------
* ASTERISK-25310 - [patch]on FreeBSD also pthread_attr_init()
defaults to PTHREAD_EXPLICIT_SCHED (Reported by Guido Falsi)
For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.20.0
Thank you for your continued support of Asterisk!
Revision 1.128 / (download) - annotate - [select for diffs], Sat Oct 10 01:58:01 2015 UTC (7 years, 11 months ago) by ryoon
Branch: MAIN
Changes since 1.127: +2 -2
lines
Diff to previous 1.127 (colored)
Recursive revbump from textproc/icu
Revision 1.127 / (download) - annotate - [select for diffs], Tue Aug 18 07:31:03 2015 UTC (8 years, 1 month ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2015Q3-base,
pkgsrc-2015Q3
Changes since 1.126: +2 -1
lines
Diff to previous 1.126 (colored)
Bump all packages that depend on curses.bui* or terminfo.bui* since they might incur ncurses dependencies on some platforms, and ncurses just bumped its shlib. Some packages were bumped twice now, sorry for that.
Revision 1.126 / (download) - annotate - [select for diffs], Sun Aug 9 04:10:01 2015 UTC (8 years, 1 month ago) by jnemeth
Branch: MAIN
Changes since 1.125: +1 -2
lines
Diff to previous 1.125 (colored)
quickly eliminate PKGREVISION on update
Revision 1.125 / (download) - annotate - [select for diffs], Sun Aug 9 04:07:13 2015 UTC (8 years, 1 month ago) by jnemeth
Branch: MAIN
Changes since 1.124: +3 -3
lines
Diff to previous 1.124 (colored)
Update to Asterisk 11.19.0: this is mainly a bug fix release with
minor features
pkgsrc changes:
- new version of core sounds
- add options for SNMP and PostgreSQL from Mike Bowie in PR/49661
and by popular demand
- add back support for menuselect personalization as that's how I was
doing menuselect non-interactively
- XXX need to look at a better way of doing this
- disable PJSIP for now as it doesn't work well on NetBSD from Mike Bowie
Since I added an option for PostgreSQL I also looked at adding an
option for directly using MySQL. Turns out that all the MySQL
modules are in the addons directory and are marked as being
deprecated. So I didn't bother. While investigating this, I also
noted that all the pgsql modules are marked as "extended" support.
This basically means that it is supported by the community, but
there is no one person listed as being responsible who would take
the lead for maintaining them. This basically means that they are
unsupported / low priority. See
https://wiki.asterisk.org/wiki/display/AST/Asterisk+Module+Support+States .
Also with the pgsql modules, there is no way to do a database query
from the dialplan. Thus it is recommended to use the unixodbc
option as the modules are supported and offer the most functionality.
-----
The Asterisk Development Team has announced the release of Asterisk 11.19.0.
The release of Asterisk 11.19.0 resolves several issues reported by the
community and would have not been possible without your participation.
Thank you!
The following are the issues resolved in this release:
Bugs fixed in this release:
-----------------------------------
* ASTERISK-25250 - chan_sip - Despite the channel being answered,
caller on a call established via Local channel continues to hear
ringback (Reported by Etienne Lessard)
* ASTERISK-25247 - choppy audio when spying on a g722 channel,
chan_sip or chan_pjsip (Reported by hristo)
* ASTERISK-24853 - Documentation claims chan_sip outbound
registrations support WS or WSS as valid transports (not true)
(Reported by PSDK)
* ASTERISK-25257 - [patch]channels/sig_pri.h -> sig_pri_span ->
force_restart_unavailable_chans in wrong scope (Reported by
Patric Marschall)
* ASTERISK-25103 - Roundup - investigate Asterisk DTLS crashes
(Reported by Rusty Newton)
* ASTERISK-22805 - res_rtp_asterisk: Crash when calling
BIO_ctrl_pending in dtls_srtp_check_pending when dialed by JSSIP
(Reported by Dmitry Burilov)
* ASTERISK-24550 - res_rtp_asterisk: Crash in
ast_rtp_on_ice_complete during DTLS handshake (Reported by
Osaulenko Alexander)
* ASTERISK-24651 - [patch] Fix race condition in DTLS (Reported by
Badalian Vyacheslav)
* ASTERISK-24832 - [patch]DTLS-crashes within openssl (Reported
by Stefan Engström)
* ASTERISK-25127 - DTLS crashes following "Unable to cancel
schedule ID" in dtls_srtp_check_pending (Reported by Dade
Brandon)
* ASTERISK-25213 - [patch]Possibility of deadlock in chan_sip
INVITE early Replace code (Reported by Walter Doekes)
* ASTERISK-25220 - [patch]Closing of fd -1 in chan_mgcp.c
(Reported by Walter Doekes)
* ASTERISK-25219 - [patch]Source and destination overlap in memcpy
in rtp_engine.c (Reported by Walter Doekes)
* ASTERISK-25212 - [patch]Segfault when using DEBUG_FD_LEAKS
(Reported by Walter Doekes)
* ASTERISK-19277 - [patch]endlessly repeating error: "poll failed:
Bad file descriptor" (Reported by Barry Chern)
* ASTERISK-25202 - Hints extension state broken between 13.3.2 and
13.4 (Reported by cervajs)
* ASTERISK-25154 - [patch]fromtag may need to be updated after
successful call dialog match (Reported by Damian Ivereigh)
* ASTERISK-25139 - Malicious transfer sequence locks up Asterisk
(Reported by Gregory Massel)
* ASTERISK-25094 - PBX core: Investigate thread safety issues
(Reported by Corey Farrell)
* ASTERISK-22559 - gcc 4.6 and higher supports weakref attribute
but asterisk doesn't detect it. (Reported by ibercom)
* ASTERISK-24717 - ASAN: global-buffer-overflow codec_{ilbc | gsm
| adpcm | ipc10} (Reported by Badalian Vyacheslav)
* ASTERISK-25100 - asterisk coredump if host has an IPv6 address
that end with ::80 (Reported by Mark Petersen)
Improvements made in this release:
-----------------------------------
* ASTERISK-25040 - pbx: Improve performance of reloads by making
hint destruction more performant (Reported by Matt Jordan)
For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.19.0
Thank you for your continued support of Asterisk!
-----
The Asterisk Development Team has announced the release of Asterisk 11.18.0.
The release of Asterisk 11.18.0 resolves several issues reported by the
community and would have not been possible without your participation.
Thank you!
The following are the issues resolved in this release:
Bugs fixed in this release:
-----------------------------------
* ASTERISK-25112 - Logger: Configuration settings are not reset to
default during reload. (Reported by Corey Farrell)
* ASTERISK-24887 - [patch]tags in a=crypto lines do not accept 2
or more digits (Reported by Makoto Dei)
* ASTERISK-24944 - main/audiohook.c change prevents G722 call
recording (Reported by Ronald Raikes)
* ASTERISK-25083 - Message.c: Message channel becomes saturated
with frames leading to spammy log messages (Reported by Jonathan
Rose)
* ASTERISK-25041 - [patch]Broken column type checking in
res_config_mysql addon (Reported by Alexandre Fournier)
* ASTERISK-21893 - Segfault after call hangup, in
ast_channel_hangupcause_set, at channel_internal_api.c (Reported
by Alexandr Gordeev)
* ASTERISK-25074 - Regression: Recent clang-related change broke
cross compiling of Asterisk (Reported by Sebastian Kemper)
* ASTERISK-25042 - asterisk.conf options override command-line
options. (Reported by Corey Farrell)
* ASTERISK-24442 - Outgoing call files don't work properly when
set in the future (Reported by tootai)
* ASTERISK-25034 - chan_dahdi: Some telco switches occasionally
ignore ISDN RESTART requests. (Reported by Richard Mudgett)
* ASTERISK-25038 - Queue log "EXITWITHTIMEOUT" does not always
contain waiting time (Reported by Etienne Lessard)
* ASTERISK-22708 - res_odbc.conf negative_connection_cache option
not respected, failover between DSNs doesn't work (Reported by
JoshE)
* ASTERISK-25028 - Build System: Unneeded defines in
asterisk/buildopts.h (Reported by Corey Farrell)
* ASTERISK-19608 - Asterisk-1.8.x starts rejecting calls with
cause code 44 after some time. (Reported by Denis Alberto
Martinez)
* ASTERISK-24976 - cdr_odbc not include new columns added on 1.8
(Reported by Rodrigo Ramirez Norambuena)
* ASTERISK-25022 - Memory leak setting up DTLS/SRTP calls
(Reported by Steve Davies)
* ASTERISK-22790 - check_modem_rate() may return incorrect rate
for V.27 (Reported by not here)
* ASTERISK-23231 - Since 405693 If we have res_fax.conf file set
to minrate=2400, then res_fax refuse to load (Reported by David
Brillert)
* ASTERISK-24955 - res_fax: v.27ter support baud rate of 2400,
which is disallowed in res_fax's check_modem_rate (Reported by
Matt Jordan)
* ASTERISK-24916 - Increasing memory usage when multiple reinvite
during call (Reported by Christophe Osuna)
* ASTERISK-19538 - Asterisk segfaults on sippeers realtime
redundancy (Reported by Alex)
* ASTERISK-24749 - ConfBridge: Wrong language on playing
conf-hasjoin and conf-hasleft when played to bridge (Reported by
Philippe Bolduc)
* ASTERISK-24991 - Check for ao2_alloc failure in
__ast_channel_internal_alloc (Reported by Corey Farrell)
* ASTERISK-24895 - After hangup on the side of the ISDN network no
HangupRequest event comes for the dahdi channel. (Reported by
Andrew Zherdin)
* ASTERISK-24774 - Segfault in ast_context_destroy with
extensions.ael and extensions.conf (Reported by Corey Farrell)
* ASTERISK-24975 - Enabling 'DEBUG_THREADLOCALS' Causes the Build
to Fail (Reported by Ashley Sanders)
* ASTERISK-24959 - [patch]CLI command cdr show pgsql status
(Reported by Rodrigo Ramirez Norambuena)
* ASTERISK-24954 - Git migration: Asterisk version numbers are
incompatible with the Test Suite (Reported by Matt Jordan)
* ASTERISK-21777 - Asterisk tries to transcode video instead of
audio (Reported by Nick Ruggles)
* ASTERISK-24380 - core: Native formats are set to h264 with
certain audio/video codec configuration, resulting in path
translation WARNINGs (Reported by Matt Jordan)
* ASTERISK-22352 - [patch] IAX2 custom qualify timer is not taken
into account (Reported by Frederic Van Espen)
* ASTERISK-24894 - [patch] iax2_poke_noanswer expiration timer too
short (Reported by Y Ateya)
* ASTERISK-23319 - Segmentation fault in queue_exec at app_queue.c
(Reported by Vadim)
* ASTERISK-24847 - [security] [patch] tcptls: certificate CN NULL
byte prefix bug (Reported by Matt Jordan)
* ASTERISK-21211 - chan_iax2 - unprotected access of
iaxs[peer->callno] potentially results in segfault (Reported by
Jaco Kroon)
* ASTERISK-18032 - [patch] - IPv6 and IPv4 NAT not working
(Reported by Christoph Timm)
* ASTERISK-24942 - Voicemail API: message is deleted when
destination mailbox is at maxmsg (Reported by Scott Griepentrog)
* ASTERISK-24932 - Asterisk 13.x does not build with GCC 5.0
(Reported by Jeffrey C. Ollie)
* ASTERISK-21854 - Long Asterisk-version strings display
improperly in the 'Connected to ...' line upon remote console
connection (Reported by klaus3000)
* ASTERISK-24155 - [patch]Non-portable and non-reliable recursion
detection in ast_malloc (Reported by Timo Teräs)
* ASTERISK-24142 - CCSS: crash during shutdown due to device
lookup in destroyed container (Reported by David Brillert)
* ASTERISK-24683 - Crash in PBX ast_hashtab_lookup_internal during
core restart now (Reported by Peter Katzmann)
* ASTERISK-24805 - [patch] - ASAN: Race condition
(heap-use-after-free) on asterisk closing (Reported by Badalian
Vyacheslav)
* ASTERISK-24881 - ast_register_atexit should only be used when
absolutely needed (Reported by Corey Farrell)
* ASTERISK-24864 - app_confbridge: file playback blocks dtmf
(Reported by Kevin Harwell)
* ASTERISK-14233 - [patch] Buddies are always auto-registered when
processing the roster (Reported by Simon Arlott)
* ASTERISK-24780 - [patch] - Buddies are always auto-registered
when processing the roster (Reported by Simon Arlott)
Improvements made in this release:
-----------------------------------
* ASTERISK-24744 - Swedish Core Voice prompts (Reported by Tove
Hjelm)
* ASTERISK-25043 - [patch] Avoiding ERR_remove_state in OpenSSL
(Reported by Alexander Traud)
* ASTERISK-24917 - [patch] clang compilation warnings (Reported by
Diederik de Groot)
* ASTERISK-25040 - pbx: Improve performance of reloads by making
hint destruction more performant (Reported by Matt Jordan)
* ASTERISK-24965 - cel_pgsql - log_error string references CDR
instead of CEL (Reported by Rodrigo Ramirez Norambuena)
For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.18.0
Thank you for your continued support of Asterisk!
Revision 1.124 / (download) - annotate - [select for diffs], Fri Jun 12 10:48:29 2015 UTC (8 years, 3 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2015Q2-base,
pkgsrc-2015Q2
Changes since 1.123: +2 -1
lines
Diff to previous 1.123 (colored)
Recursive PKGREVISION bump for all packages mentioning 'perl', having a PKGNAME of p5-*, or depending such a package, for perl-5.22.0.
Revision 1.123 / (download) - annotate - [select for diffs], Tue May 19 07:52:14 2015 UTC (8 years, 4 months ago) by jnemeth
Branch: MAIN
Changes since 1.122: +2 -3
lines
Diff to previous 1.122 (colored)
Update to Asterisk 11.17.1: this contains a security fix, plus various bugs.
pkgsrc changes:
- adapt to upstream support for clang
- more comprehensive sweep for 64-bit time_t related stuff
- XXX pjsip has its own time related stuff that is 32-bit only
-----
The Asterisk Development Team has announced security releases for Certified
Asterisk 1.8.28, 11.6, and 13.1 and Asterisk 1.8, 11, 12, and 13. The available
security releases are released as versions 1.8.28.cert-5, 1.8.32.3, 11.6-cert11,
11.17.1, 12.8.2, 13.1-cert2, and 13.3.2.
The release of these versions resolves the following security vulnerability:
* AST-2015-003: TLS Certificate Common name NULL byte exploit
When Asterisk registers to a SIP TLS device and and verifies the server,
Asterisk will accept signed certificates that match a common name other than
the one Asterisk is expecting if the signed certificate has a common name
containing a null byte after the portion of the common name that Asterisk
expected. This potentially allows for a man in the middle attack.
For more information about the details of this vulnerability, please read
security advisory AST-2015-003, which was released at the same time as this
announcement.
For a full list of changes in the current releases, please see the ChangeLogs:
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.17.1
The security advisory is available at:
* http://downloads.asterisk.org/pub/security/AST-2015-003.pdf
Thank you for your continued support of Asterisk!
-----
The Asterisk Development Team has announced the release of Asterisk 11.17.0.
The release of Asterisk 11.17.0 resolves several issues reported by the
community and would have not been possible without your participation.
Thank you!
The following are the issues resolved in this release:
New Features made in this release:
-----------------------------------
* ASTERISK-17899 - Handle crypto lifetime in SDES-SRTP negotiation
(Reported by Dwayne Hubbard)
Bugs fixed in this release:
-----------------------------------
* ASTERISK-24742 - [patch] Fix ast_odbc_find_table function in
res_odbc (Reported by ibercom)
* ASTERISK-22436 - [patch] No BYE to masqueraded channel on INVITE
with replaces (Reported by Eelco Brolman)
* ASTERISK-24479 - Enable REF_DEBUG for module references
(Reported by Corey Farrell)
* ASTERISK-24701 - Stasis: Write timeout on WebSocket fails to
fully disconnect underlying socket, leading to events being
dropped with no additional information (Reported by Matt Jordan)
* ASTERISK-24772 - ODBC error in realtime sippeers when device
unregisters under MariaDB (Reported by Richard Miller)
* ASTERISK-24451 - chan_iax2: reference leak in sched_delay_remove
(Reported by Corey Farrell)
* ASTERISK-24799 - [patch] make fails with undefined reference to
SSLv3_client_method (Reported by Alexander Traud)
* ASTERISK-24787 - [patch] - Microsoft exchange incompatibility
for playing back messages stored in IMAP - play_message: No
origtime (Reported by Graham Barnett)
* ASTERISK-24814 - asterisk/lock.h: Fix syntax errors for non-gcc
OSX with 64 bit integers (Reported by Corey Farrell)
* ASTERISK-24796 - Codecs and bucket schema's prevent module
unload (Reported by Corey Farrell)
* ASTERISK-24724 - 'httpstatus' Web Page Produces Incomplete HTML
(Reported by Ashley Sanders)
* ASTERISK-24797 - bridge_softmix: G.729 codec license held
(Reported by Kevin Harwell)
* ASTERISK-24800 - Crash in __sip_reliable_xmit due to invalid
thread ID being passed to pthread_kill (Reported by JoshE)
* ASTERISK-17721 - Incoming SRTP calls that specify a key lifetime
fail (Reported by Terry Wilson)
* ASTERISK-23214 - chan_sip WARNING message 'We are requesting
SRTP for audio, but they responded without it' is ambiguous and
wrong in some cases (Reported by Rusty Newton)
* ASTERISK-15434 - [patch] When ast_pbx_start failed, both an
error response and BYE are sent to the caller (Reported by
Makoto Dei)
* ASTERISK-18105 - most of asterisk modules are unbuildable in
cygwin environment (Reported by feyfre)
* ASTERISK-24828 - Fix Frame Leaks (Reported by Kevin Harwell)
* ASTERISK-24838 - chan_sip: Locking inversion occurs when
building a peer causes a peer poke during request handling
(Reported by Richard Mudgett)
* ASTERISK-24825 - Caller ID not recognized using
Centrex/Distinctive dialing (Reported by Richard Mudgett)
* ASTERISK-24739 - [patch] - Out of files -- call fails --
numerous files with inodes from under /usr/share/zoneinfo,
mostly posixrules (Reported by Ed Hynan)
* ASTERISK-23390 - NewExten Event with application AGI shows up
before and after AGI runs (Reported by Benjamin Keith Ford)
* ASTERISK-24786 - [patch] - Asterisk terminates when playing a
voicemail stored in LDAP (Reported by Graham Barnett)
* ASTERISK-24808 - res_config_odbc: Improper escaping of
backslashes occurs with MySQL (Reported by Javier Acosta)
* ASTERISK-20850 - [patch]Nested functions aren't portable.
Adapting RAII_VAR to use clang/llvm blocks to get the
same/similar functionality. (Reported by Diederik de Groot)
* ASTERISK-19470 - Documentation on app_amd is incorrect (Reported
by Frank DiGennaro)
* ASTERISK-21038 - Bad command completion of "core set debug
channel" (Reported by Richard Kenner)
* ASTERISK-18708 - func_curl hangs channel under load (Reported by
Dave Cabot)
* ASTERISK-16779 - Cannot disallow unknown format '' (Reported by
Atis Lezdins)
* ASTERISK-24876 - Investigate reference leaks from
tests/channels/local/local_optimize_away (Reported by Corey
Farrell)
* ASTERISK-24817 - init_logger_chain: unreachable code block
(Reported by Corey Farrell)
* ASTERISK-24880 - [patch]Compilation under OpenBSD (Reported by
snuffy)
* ASTERISK-24879 - [patch]Compilation fails due to 64bit time
under OpenBSD (Reported by snuffy)
Improvements made in this release:
-----------------------------------
* ASTERISK-24790 - Reduce spurious noise in logs from voicemail -
Couldn't find mailbox %s in context (Reported by Graham Barnett)
For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.17.0
Thank you for your continued support of Asterisk!
-----
The Asterisk Development Team has announced the release of Asterisk 11.16.0.
The release of Asterisk 11.16.0 resolves several issues reported by the
community and would have not been possible without your participation.
Thank you!
The following are the issues resolved in this release:
Bugs fixed in this release:
-----------------------------------
* ASTERISK-24472 - Asterisk Crash in OpenSSL when calling over WSS
from JSSIP (Reported by Badalian Vyacheslav)
* ASTERISK-24614 - Deadlock when DEBUG_THREADS compiler flag
enabled (Reported by Richard Mudgett)
* ASTERISK-24449 - Reinvite for T.38 UDPTL fails if SRTP is
enabled (Reported by Andreas Steinmetz)
* ASTERISK-24619 - [patch]Gcc 4.10 fixes in r413589 (1.8) wrongly
casts char to unsigned int (Reported by Walter Doekes)
* ASTERISK-24337 - Spammy DEBUG message needs to be at a higher
level - 'Remote address is null, most likely RTP has been
stopped' (Reported by Rusty Newton)
* ASTERISK-23733 - 'reload acl' fails if acl.conf is not present
on startup (Reported by Richard Kenner)
* ASTERISK-24628 - [patch] chan_sip - CANCEL is sent to wrong
destination when 'sendrpid=yes' (in proxy environment) (Reported
by Karsten Wemheuer)
* ASTERISK-24672 - [PATCH] Memory leak in func_curl CURLOPT
(Reported by Kristian Høgh)
* ASTERISK-20744 - [patch] Security event logging does not work
over syslog (Reported by Michael Keuter)
* ASTERISK-23850 - Park Application does not respect Return
Context Priority (Reported by Andrew Nagy)
* ASTERISK-23991 - [patch]asterisk.pc file contains a small error
in the CFlags returned (Reported by Diederik de Groot)
* ASTERISK-24288 - [patch] - ODBC usage with app_voicemail -
voicemail is not deleted after review, hangup (Reported by LEI
FU)
* ASTERISK-24048 - [patch] contrib/scripts/install_prereq selects
32-bit packages on 64-bit hosts (Reported by Ben Klang)
* ASTERISK-24709 - [patch] msg_create_from_file used by MixMonitor
m() option does not queue an MWI event (Reported by Gareth
Palmer)
* ASTERISK-24355 - [patch] chan_sip realtime uses case sensitive
column comparison for 'defaultuser' (Reported by
HZMI8gkCvPpom0tM)
* ASTERISK-24719 - ConfBridge recording channels get stuck when
recording started/stopped more than once (Reported by Richard
Mudgett)
* ASTERISK-24715 - chan_sip: stale nonce causes failure (Reported
by Kevin Harwell)
* ASTERISK-24728 - tcptls: Bad file descriptor error when
reloading chan_sip (Reported by Kevin Harwell)
* ASTERISK-24676 - Security Vulnerability: URL request injection
in libCURL (CVE-2014-8150) (Reported by Matt Jordan)
* ASTERISK-24711 - DTLS handshake broken with latest OpenSSL
versions (Reported by Jared Biel)
* ASTERISK-24646 - PJSIP changeset 4899 breaks TLS (Reported by
Stephan Eisvogel)
For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.16.0
Thank you for your continued support of Asterisk!
Revision 1.122 / (download) - annotate - [select for diffs], Sun Apr 26 11:52:18 2015 UTC (8 years, 4 months ago) by ryoon
Branch: MAIN
Changes since 1.121: +2 -2
lines
Diff to previous 1.121 (colored)
Recursive revbump from databases/unixodbc.
Revision 1.121 / (download) - annotate - [select for diffs], Sat Apr 25 14:20:29 2015 UTC (8 years, 4 months ago) by tnn
Branch: MAIN
Changes since 1.120: +2 -2
lines
Diff to previous 1.120 (colored)
Recursive revbump following MesaLib update, categories a through f.
Revision 1.120 / (download) - annotate - [select for diffs], Mon Apr 6 08:17:22 2015 UTC (8 years, 5 months ago) by adam
Branch: MAIN
Changes since 1.119: +2 -1
lines
Diff to previous 1.119 (colored)
Revbump after updating textproc/icu
Revision 1.119 / (download) - annotate - [select for diffs], Sun Mar 15 22:26:26 2015 UTC (8 years, 6 months ago) by jnemeth
Branch: MAIN
CVS Tags: pkgsrc-2015Q1-base,
pkgsrc-2015Q1
Changes since 1.118: +2 -2
lines
Diff to previous 1.118 (colored)
NOT_FOR_PLATFORM->BROKEN_ON_PLATFORM as requested by dholland@
Revision 1.118 / (download) - annotate - [select for diffs], Thu Jan 29 21:54:33 2015 UTC (8 years, 7 months ago) by jnemeth
Branch: MAIN
Changes since 1.117: +2 -2
lines
Diff to previous 1.117 (colored)
Update to Asterisk 11.15.1: this is a security fix.
pkgsrc change: adapt to splitting up of speex
The Asterisk Development Team has announced security releases for Certified
Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available
security releases are released as versions 1.8.28.cert-4, 1.8.32.2, 11.6-cert10,
11.15.1, 12.8.1, and 13.1.1.
The release of these versions resolves the following security vulnerabilities:
* AST-2015-001: File descriptor leak when incompatible codecs are offered
Asterisk may be configured to only allow specific audio or
video codecs to be used when communicating with a
particular endpoint. When an endpoint sends an SDP offer
that only lists codecs not allowed by Asterisk, the offer
is rejected. However, in this case, RTP ports that are
allocated in the process are not reclaimed.
This issue only affects the PJSIP channel driver in
Asterisk. Users of the chan_sip channel driver are not
affected.
* AST-2015-002: Mitigation for libcURL HTTP request injection vulnerability
CVE-2014-8150 reported an HTTP request injection
vulnerability in libcURL. Asterisk uses libcURL in its
func_curl.so module (the CURL() dialplan function), as well
as its res_config_curl.so (cURL realtime backend) modules.
Since Asterisk may be configured to allow for user-supplied
URLs to be passed to libcURL, it is possible that an
attacker could use Asterisk as an attack vector to inject
unauthorized HTTP requests if the version of libcURL
installed on the Asterisk server is affected by
CVE-2014-8150.
For more information about the details of these vulnerabilities, please read
security advisory AST-2015-001 and AST-2015-002, which were released at the same
time as this announcement.
For a full list of changes in the current releases, please see the ChangeLogs:
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.2
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.15.1
The security advisories are available at:
* http://downloads.asterisk.org/pub/security/AST-2015-001.pdf
* http://downloads.asterisk.org/pub/security/AST-2015-002.pdf
Thank you for your continued support of Asterisk!
Revision 1.117 / (download) - annotate - [select for diffs], Tue Dec 16 01:00:22 2014 UTC (8 years, 9 months ago) by jnemeth
Branch: MAIN
CVS Tags: pkgsrc-2014Q4-base,
pkgsrc-2014Q4
Changes since 1.116: +2 -2
lines
Diff to previous 1.116 (colored)
Update to Asterisk 11.15.0: this is mostly a bug fix release.
The Asterisk Development Team has announced the release of Asterisk 11.15.0.
The release of Asterisk 11.15.0 resolves several issues reported by the
community and would have not been possible without your participation.
Thank you!
The following are the issues resolved in this release:
Bugs fixed in this release:
-----------------------------------
* ASTERISK-20127 - [Regression] Config.c config_text_file_load()
unescapes semicolons ("\;" -> ";") turning them into comments
(corruption) on rewrite of a config file (Reported by George
Joseph)
* ASTERISK-24307 - Unintentional memory retention in stringfields
(Reported by Etienne Lessard)
* ASTERISK-24492 - main/file.c: ast_filestream sometimes causes
extra calls to ast_module_unref (Reported by Corey Farrell)
* ASTERISK-24504 - chan_console: Fix reference leaks to pvt
(Reported by Corey Farrell)
* ASTERISK-24468 - Incoming UCS2 encoded SMS truncated if SMS
length exceeds 50 (roughly) national symbols (Reported by
Dmitriy Bubnov)
* ASTERISK-24500 - Regression introduced in chan_mgcp by SVN
revision r227276 (Reported by Xavier Hienne)
* ASTERISK-20402 - Unable to cancel (features.conf) attended
transfer (Reported by Matt Riddell)
* ASTERISK-24505 - manager: http connections leak references
(Reported by Corey Farrell)
* ASTERISK-24502 - Build fails when dev-mode, dont optimize and
coverage are enabled (Reported by Corey Farrell)
* ASTERISK-24444 - PBX: Crash when generating extension for
pattern matching hint (Reported by Leandro Dardini)
* ASTERISK-24522 - ConfBridge: delay occurs between kicking all
endmarked users when last marked user leaves (Reported by Matt
Jordan)
* ASTERISK-15242 - transmit_refer leaks sip_refer structures
(Reported by David Woolley)
* ASTERISK-24440 - Call leak in Confbridge (Reported by Ben Klang)
* ASTERISK-24469 - Security Vulnerability: Mixed IPv4/IPv6 ACLs
allow blocked addresses through (Reported by Matt Jordan)
* ASTERISK-24516 - [patch]Asterisk segfaults when playing back
voicemail under high concurrency with an IMAP backend (Reported
by David Duncan Ross Palmer)
* ASTERISK-24572 - [patch]App_meetme is loaded without its
defaults when the configuration file is missing (Reported by
Nuno Borges)
* ASTERISK-24573 - [patch]Out of sync conversation recording when
divided in multiple recordings (Reported by Nuno Borges)
Improvements made in this release:
-----------------------------------
* ASTERISK-24283 - [patch]Microseconds precision in the eventtime
column in the cel_odbc module (Reported by Etienne Lessard)
* ASTERISK-24530 - [patch] app_record stripping 1/4 second from
recordings (Reported by Ben Smithurst)
* ASTERISK-24577 - Speed up loopback switches by avoiding unneeded
lookups (Reported by Birger "WIMPy" Harzenetter)
For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.15.0
Thank you for your continued support of Asterisk!
Revision 1.111.2.2 / (download) - annotate - [select for diffs], Sun Dec 14 09:52:57 2014 UTC (8 years, 9 months ago) by tron
Branch: pkgsrc-2014Q3
Changes since 1.111.2.1: +1 -1
lines
Diff to previous 1.111.2.1 (colored) to branchpoint 1.111 (colored) next main 1.112 (colored)
Pullup ticket #4572 - requested by jnemeth
comms/asterisk: security update
Revisions pulled up:
- comms/asterisk/Makefile 1.116
- comms/asterisk/distinfo 1.70
---
Module Name: pkgsrc
Committed By: jnemeth
Date: Fri Dec 12 22:12:56 UTC 2014
Modified Files:
pkgsrc/comms/asterisk: Makefile distinfo
Log Message:
Update to Asterisk 11.14.2: this is a security fix release.
The Asterisk Development Team has announced security releases for
Certified Asterisk 11.6 and Asterisk 11, 12, and 13. The available
security releases are released as versions 11.6-cert9, 11.14.2,
12.7.2, and 13.0.2.
The release of these versions resolves the following security vulnerability:
* AST-2014-019: Remote Crash Vulnerability in WebSocket Server
When handling a WebSocket frame the res_http_websocket module
dynamically changes the size of the memory used to allow the
provided payload to fit. If a payload length of zero was received
the code would incorrectly attempt to resize to zero. This
operation would succeed and end up freeing the memory but be
treated as a failure. When the session was subsequently torn down
this memory would get freed yet again causing a crash.
For more information about the details of this vulnerability, please read
security advisory AST-2014-019, which was released at the same time as this
announcement.
For a full list of changes in the current releases, please see the Change Logs:
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.2
The security advisory is available at:
* http://downloads.asterisk.org/pub/security/AST-2014-019.pdf
Thank you for your continued support of Asterisk!
Revision 1.116 / (download) - annotate - [select for diffs], Fri Dec 12 22:12:56 2014 UTC (8 years, 9 months ago) by jnemeth
Branch: MAIN
Changes since 1.115: +2 -2
lines
Diff to previous 1.115 (colored)
Update to Asterisk 11.14.2: this is a security fix release. The Asterisk Development Team has announced security releases for Certified Asterisk 11.6 and Asterisk 11, 12, and 13. The available security releases are released as versions 11.6-cert9, 11.14.2, 12.7.2, and 13.0.2. The release of these versions resolves the following security vulnerability: * AST-2014-019: Remote Crash Vulnerability in WebSocket Server When handling a WebSocket frame the res_http_websocket module dynamically changes the size of the memory used to allow the provided payload to fit. If a payload length of zero was received the code would incorrectly attempt to resize to zero. This operation would succeed and end up freeing the memory but be treated as a failure. When the session was subsequently torn down this memory would get freed yet again causing a crash. For more information about the details of this vulnerability, please read security advisory AST-2014-019, which was released at the same time as this announcement. For a full list of changes in the current releases, please see the Change Logs: http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.2 The security advisory is available at: * http://downloads.asterisk.org/pub/security/AST-2014-019.pdf Thank you for your continued support of Asterisk!
Revision 1.111.2.1 / (download) - annotate - [select for diffs], Sat Dec 6 16:57:53 2014 UTC (8 years, 9 months ago) by tron
Branch: pkgsrc-2014Q3
Changes since 1.111: +5 -5
lines
Diff to previous 1.111 (colored)
Pullup ticket #4566 - requested by jnemeth
comms/asterisk:: security update
comms/asterisk18: security update
Revisions pulled up:
- comms/asterisk/Makefile 1.113-1.115
- comms/asterisk/PLIST 1.9
- comms/asterisk/distinfo 1.67-1.69
- comms/asterisk/patches/patch-contrib_scripts_autosupport deleted
- comms/asterisk18/Makefile 1.88-1.90
- comms/asterisk18/PLIST 1.25
- comms/asterisk18/distinfo 1.56-1.58
---
Module Name: pkgsrc
Committed By: jnemeth
Date: Tue Oct 14 03:35:05 UTC 2014
Modified Files:
pkgsrc/comms/asterisk18: Makefile PLIST distinfo
Log Message:
Update Asterisk to 1.8.31.0. This is mostly a bugfix release:
The Asterisk Development Team has announced the release of Asterisk 1.8.31.0.
The release of Asterisk 1.8.31.0 resolves several issues reported by the
community and would have not been possible without your participation.
Thank you!
The following are the issues resolved in this release:
Bugs fixed in this release:
-----------------------------------
* ASTERISK-24032 - Gentoo compilation emits warning:
"_FORTIFY_SOURCE" redefined (Reported by Kilburn)
* ASTERISK-24225 - Dial option z is broken (Reported by
dimitripietro)
* ASTERISK-24178 - [patch]fromdomainport used even if not set
(Reported by Elazar Broad)
* ASTERISK-24019 - When a Music On Hold stream starts it restarts
at beginning of file. (Reported by Jason Richards)
* ASTERISK-24211 - testsuite: Fix the dial_LS_options test
(Reported by Matt Jordan)
* ASTERISK-24249 - SIP debugs do not stop (Reported by Avinash
Mohod)
Improvements made in this release:
-----------------------------------
* ASTERISK-24171 - [patch] Provide a manpage for the aelparse
utility (Reported by Jeremy Lainé)
For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.31.0
Thank you for your continued support of Asterisk!
---
Module Name: pkgsrc
Committed By: jnemeth
Date: Tue Oct 14 03:36:40 UTC 2014
Modified Files:
pkgsrc/comms/asterisk: Makefile PLIST distinfo
Log Message:
Update Asterisk to 11.13.0. This is mostly a bugfix release:
The Asterisk Development Team has announced the release of Asterisk 11.13.0.
The release of Asterisk 11.13.0 resolves several issues reported by the
community and would have not been possible without your participation.
Thank you!
The following are the issues resolved in this release:
Bugs fixed in this release:
-----------------------------------
* ASTERISK-24032 - Gentoo compilation emits warning:
"_FORTIFY_SOURCE" redefined (Reported by Kilburn)
* ASTERISK-24225 - Dial option z is broken (Reported by
dimitripietro)
* ASTERISK-24178 - [patch]fromdomainport used even if not set
(Reported by Elazar Broad)
* ASTERISK-22252 - res_musiconhold cleanup - REF_DEBUG reload
warnings and ref leaks (Reported by Walter Doekes)
* ASTERISK-23997 - chan_sip: port incorrectly incremented for RTCP
ICE candidates in SDP answer (Reported by Badalian Vyacheslav)
* ASTERISK-24019 - When a Music On Hold stream starts it restarts
at beginning of file. (Reported by Jason Richards)
* ASTERISK-23767 - [patch] Dynamic IAX2 registration stops trying
if ever not able to resolve (Reported by David Herselman)
* ASTERISK-24211 - testsuite: Fix the dial_LS_options test
(Reported by Matt Jordan)
* ASTERISK-24249 - SIP debugs do not stop (Reported by Avinash
Mohod)
* ASTERISK-23577 - res_rtp_asterisk: Crash in
ast_rtp_on_turn_rtp_state when RTP instance is NULL (Reported by
Jay Jideliov)
* ASTERISK-23634 - With TURN Asterisk crashes on multiple (7-10)
concurrent WebRTC (avpg/encryption/icesupport) calls (Reported
by Roman Skvirsky)
* ASTERISK-24301 - Security: Out of call MESSAGE requests
processed via Message channel driver can crash Asterisk
(Reported by Matt Jordan)
Improvements made in this release:
-----------------------------------
* ASTERISK-24171 - [patch] Provide a manpage for the aelparse
utility (Reported by Jeremy Lainé)
For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.13.0
Thank you for your continued support of Asterisk!
---
Module Name: pkgsrc
Committed By: jnemeth
Date: Wed Nov 19 08:30:57 UTC 2014
Modified Files:
pkgsrc/comms/asterisk18: Makefile distinfo
Log Message:
Update to Asterisk 1.8.32.0: this is mostly a bug fix release.
The Asterisk Development Team has announced the release of Asterisk 1.8.32.0.
The release of Asterisk 1.8.32.0 resolves several issues reported by the
community and would have not been possible without your participation.
Thank you!
The following are the issues resolved in this release:
Bugs fixed in this release:
-----------------------------------
* ASTERISK-24348 - Built-in editline tab complete segfault with
MALLOC_DEBUG (Reported by Walter Doekes)
* ASTERISK-24335 - [PATCH] Asterisk incorrectly responds 503 to
INVITE retransmissions of rejected calls (Reported by Torrey
Searle)
* ASTERISK-23768 - [patch] Asterisk man page contains a (new)
unquoted minus sign (Reported by Jeremy Lainé)
* ASTERISK-24357 - [fax] Out of bounds error in update_modem_bits
(Reported by Jeremy Lainé)
* ASTERISK-22945 - [patch] Memory leaks in chan_sip.c with
realtime peers (Reported by ibercom)
* ASTERISK-24390 - astobj2: REF_DEBUG reports false leaks with
ao2_callback with OBJ_MULTIPLE (Reported by Corey Farrell)
* ASTERISK-24011 - [patch]safe_asterisk tries to set ulimit -n too
high on linux systems with lots of RAM (Reported by Michael
Myles)
* ASTERISK-20784 - Failure to receive an ACK to a SIP Re-INVITE
results in a SIP channel leak (Reported by NITESH BANSAL)
* ASTERISK-15879 - [patch] Failure to receive an ACK to a SIP
Re-INVITE results in a SIP channel leak (Reported by Torrey
Searle)
* ASTERISK-24406 - Some caller ID strings are parsed differently
since 11.13.0 (Reported by Etienne Lessard)
* ASTERISK-24325 - res_calendar_ews: cannot be used with neon 0.30
(Reported by Tzafrir Cohen)
* ASTERISK-13797 - [patch] relax badshell tilde test (Reported by
Tzafrir Cohen)
* ASTERISK-22791 - asterisk sends Re-INVITE after receiving a BYE
(Reported by Paolo Compagnini)
* ASTERISK-18923 - res_fax_spandsp usage counter is wrong
(Reported by Grigoriy Puzankin)
* ASTERISK-24393 - rtptimeout=0 doesn't disable rtptimeout
(Reported by Dmitry Melekhov)
* ASTERISK-24063 - [patch]Asterisk does not respect outbound proxy
when sending qualify requests (Reported by Damian Ivereigh)
* ASTERISK-24425 - [patch] jabber/xmpp to use TLS instead of
SSLv3, security fix POODLE (CVE-2014-3566) (Reported by
abelbeck)
* ASTERISK-24436 - Missing header in res/res_srtp.c when compiling
against libsrtp-1.5.0 (Reported by Patrick Laimbock)
* ASTERISK-21721 - SIP Failed to parse multiple Supported: headers
(Reported by Olle Johansson)
* ASTERISK-24190 - IMAP voicemail causes segfault (Reported by
Nick Adams)
* ASTERISK-24432 - Install refcounter.py when REF_DEBUG is enabled
(Reported by Corey Farrell)
* ASTERISK-24476 - main/app.c / app_voicemail: ast_writestream
leaks (Reported by Corey Farrell)
* ASTERISK-24307 - Unintentional memory retention in stringfields
(Reported by Etienne Lessard)
For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.32.0
Thank you for your continued support of Asterisk!
---
Module Name: pkgsrc
Committed By: jnemeth
Date: Wed Nov 19 08:32:48 UTC 2014
Modified Files:
pkgsrc/comms/asterisk: Makefile distinfo
Removed Files:
pkgsrc/comms/asterisk/patches: patch-contrib_scripts_autosupport
Log Message:
Update to Asterisk 11.14.0: this is mostly a bugfix release.
The Asterisk Development Team has announced the release of Asterisk 11.14.0.
The release of Asterisk 11.14.0 resolves several issues reported by the
community and would have not been possible without your participation.
Thank you!
The following are the issues resolved in this release:
Bugs fixed in this release:
-----------------------------------
* ASTERISK-24348 - Built-in editline tab complete segfault with
MALLOC_DEBUG (Reported by Walter Doekes)
* ASTERISK-24335 - [PATCH] Asterisk incorrectly responds 503 to
INVITE retransmissions of rejected calls (Reported by Torrey
Searle)
* ASTERISK-23768 - [patch] Asterisk man page contains a (new)
unquoted minus sign (Reported by Jeremy Lainé)
* ASTERISK-24357 - [fax] Out of bounds error in update_modem_bits
(Reported by Jeremy Lainé)
* ASTERISK-20567 - bashism in autosupport (Reported by Tzafrir
Cohen)
* ASTERISK-22945 - [patch] Memory leaks in chan_sip.c with
realtime peers (Reported by ibercom)
* ASTERISK-24384 - chan_motif: format capabilities leak on module
load error (Reported by Corey Farrell)
* ASTERISK-24385 - chan_sip: process_sdp leaks on an error path
(Reported by Corey Farrell)
* ASTERISK-24378 - Release AMI connections on shutdown (Reported
by Corey Farrell)
* ASTERISK-24354 - AMI sendMessage closes AMI connection on error
(Reported by Peter Katzmann)
* ASTERISK-24390 - astobj2: REF_DEBUG reports false leaks with
ao2_callback with OBJ_MULTIPLE (Reported by Corey Farrell)
* ASTERISK-24326 - res_rtp_asterisk: ICE-TCP candidates are
incorrectly attempted (Reported by Joshua Colp)
* ASTERISK-24011 - [patch]safe_asterisk tries to set ulimit -n too
high on linux systems with lots of RAM (Reported by Michael
Myles)
* ASTERISK-24383 - res_rtp_asterisk: Crash if no candidates
received for component (Reported by Kevin Harwell)
* ASTERISK-20784 - Failure to receive an ACK to a SIP Re-INVITE
results in a SIP channel leak (Reported by NITESH BANSAL)
* ASTERISK-15879 - [patch] Failure to receive an ACK to a SIP
Re-INVITE results in a SIP channel leak (Reported by Torrey
Searle)
* ASTERISK-24406 - Some caller ID strings are parsed differently
since 11.13.0 (Reported by Etienne Lessard)
* ASTERISK-24325 - res_calendar_ews: cannot be used with neon 0.30
(Reported by Tzafrir Cohen)
* ASTERISK-13797 - [patch] relax badshell tilde test (Reported by
Tzafrir Cohen)
* ASTERISK-22791 - asterisk sends Re-INVITE after receiving a BYE
(Reported by Paolo Compagnini)
* ASTERISK-18923 - res_fax_spandsp usage counter is wrong
(Reported by Grigoriy Puzankin)
* ASTERISK-24392 - res_fax: fax gateway sessions leak (Reported by
Corey Farrell)
* ASTERISK-24393 - rtptimeout=0 doesn't disable rtptimeout
(Reported by Dmitry Melekhov)
* ASTERISK-23846 - Unistim multilines. Loss of voice after second
call drops (on a second line). (Reported by Rustam Khankishyiev)
* ASTERISK-24063 - [patch]Asterisk does not respect outbound proxy
when sending qualify requests (Reported by Damian Ivereigh)
* ASTERISK-24425 - [patch] jabber/xmpp to use TLS instead of
SSLv3, security fix POODLE (CVE-2014-3566) (Reported by
abelbeck)
* ASTERISK-24436 - Missing header in res/res_srtp.c when compiling
against libsrtp-1.5.0 (Reported by Patrick Laimbock)
* ASTERISK-24454 - app_queue: ao2_iterator not destroyed, causing
leak (Reported by Corey Farrell)
* ASTERISK-24430 - missing letter "p" in word response in
OriginateResponse event documentation (Reported by Dafi Ni)
* ASTERISK-24457 - res_fax: fax gateway frames leak (Reported by
Corey Farrell)
* ASTERISK-21721 - SIP Failed to parse multiple Supported: headers
(Reported by Olle Johansson)
* ASTERISK-24304 - asterisk crashing randomly because of unistim
channel (Reported by dhanapathy sathya)
* ASTERISK-24190 - IMAP voicemail causes segfault (Reported by
Nick Adams)
* ASTERISK-24466 - app_queue: fix a couple leaks to struct
call_queue (Reported by Corey Farrell)
* ASTERISK-24432 - Install refcounter.py when REF_DEBUG is enabled
(Reported by Corey Farrell)
* ASTERISK-24476 - main/app.c / app_voicemail: ast_writestream
leaks (Reported by Corey Farrell)
* ASTERISK-24307 - Unintentional memory retention in stringfields
(Reported by Etienne Lessard)
For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.14.0
Thank you for your continued support of Asterisk!
---
Module Name: pkgsrc
Committed By: jnemeth
Date: Wed Dec 3 01:00:23 UTC 2014
Modified Files:
pkgsrc/comms/asterisk18: Makefile distinfo
Log Message:
Update to Asterisk 1.8.32.1: this is a security fix release.
The Asterisk Development Team has announced security releases for Certified
Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available
security releases are released as versions 1.8.28-cert3, 11.6-cert8, 1.8.32.1,
11.14.1, 12.7.1, and 13.0.1.
The release of these versions resolves the following security vulnerabilities:
* AST-2014-012: Unauthorized access in the presence of ACLs with mixed IP
address families
Many modules in Asterisk that service incoming IP traffic have ACL options
("permit" and "deny") that can be used to whitelist or blacklist address
ranges. A bug has been discovered where the address family of incoming
packets is only compared to the IP address family of the first entry in the
list of access control rules. If the source IP address for an incoming
packet is not of the same address as the first ACL entry, that packet
bypasses all ACL rules.
* AST-2014-018: Permission Escalation through DB dialplan function
The DB dialplan function when executed from an external protocol, such as AMI,
could result in a privilege escalation. Users with a lower class authorization
in AMI can access the internal Asterisk database without the required SYSTEM
class authorization.
For more information about the details of these vulnerabilities, please read
security advisories AST-2014-012, AST-2014-013, AST-2014-014, AST-2014-015,
AST-2014-016, AST-2014-017, and AST-2014-018, which were released at the same
time as this announcement.
For a full list of changes in the current releases, please see the ChangeLogs:
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.1
The security advisories are available at:
* http://downloads.asterisk.org/pub/security/AST-2014-012.pdf
* http://downloads.asterisk.org/pub/security/AST-2014-018.pdf
Thank you for your continued support of Asterisk!
---
Module Name: pkgsrc
Committed By: jnemeth
Date: Wed Dec 3 01:57:37 UTC 2014
Modified Files:
pkgsrc/comms/asterisk: Makefile distinfo
Log Message:
Update to Asterisk 11.14.1: this is a security fix release.
The Asterisk Development Team has announced security releases for Certified
Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available
security releases are released as versions 1.8.28-cert3, 11.6-cert8, 1.8.32.1,
11.14.1, 12.7.1, and 13.0.1.
The release of these versions resolves the following security vulnerabilities:
* AST-2014-012: Unauthorized access in the presence of ACLs with mixed IP
address families
Many modules in Asterisk that service incoming IP traffic have ACL options
("permit" and "deny") that can be used to whitelist or blacklist address
ranges. A bug has been discovered where the address family of incoming
packets is only compared to the IP address family of the first entry in the
list of access control rules. If the source IP address for an incoming
packet is not of the same address as the first ACL entry, that packet
bypasses all ACL rules.
* AST-2014-018: Permission Escalation through DB dialplan function
The DB dialplan function when executed from an external protocol, such as AMI,
could result in a privilege escalation. Users with a lower class authorization
in AMI can access the internal Asterisk database without the required SYSTEM
class authorization.
In addition, the release of 11.6-cert8 and 11.14.1 resolves the following
security vulnerability:
* AST-2014-014: High call load with ConfBridge can result in resource exhaustion
The ConfBridge application uses an internal bridging API to implement
conference bridges. This internal API uses a state model for channels within
the conference bridge and transitions between states as different things
occur. Unload load it is possible for some state transitions to be delayed
causing the channel to transition from being hung up to waiting for media. As
the channel has been hung up remotely no further media will arrive and the
channel will stay within ConfBridge indefinitely.
In addition, the release of 11.6-cert8, 11.14.1, 12.7.1, and 13.0.1 resolves
the following security vulnerability:
* AST-2014-017: Permission Escalation via ConfBridge dialplan function and
AMI ConfbridgeStartRecord Action
The CONFBRIDGE dialplan function when executed from an external protocol (such
as AMI) can result in a privilege escalation as certain options within that
function can affect the underlying system. Additionally, the AMI
ConfbridgeStartRecord action has options that would allow modification of the
underlying system, and does not require SYSTEM class authorization in AMI.
For a full list of changes in the current releases, please see the ChangeLogs:
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.1
The security advisories are available at:
* http://downloads.asterisk.org/pub/security/AST-2014-012.pdf
* http://downloads.asterisk.org/pub/security/AST-2014-014.pdf
* http://downloads.asterisk.org/pub/security/AST-2014-017.pdf
* http://downloads.asterisk.org/pub/security/AST-2014-018.pdf
Thank you for your continued support of Asterisk!
Revision 1.115 / (download) - annotate - [select for diffs], Wed Dec 3 01:57:37 2014 UTC (8 years, 9 months ago) by jnemeth
Branch: MAIN
Changes since 1.114: +2 -2
lines
Diff to previous 1.114 (colored)
Update to Asterisk 11.14.1: this is a security fix release.
The Asterisk Development Team has announced security releases for Certified
Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available
security releases are released as versions 1.8.28-cert3, 11.6-cert8, 1.8.32.1,
11.14.1, 12.7.1, and 13.0.1.
The release of these versions resolves the following security vulnerabilities:
* AST-2014-012: Unauthorized access in the presence of ACLs with mixed IP
address families
Many modules in Asterisk that service incoming IP traffic have ACL options
("permit" and "deny") that can be used to whitelist or blacklist address
ranges. A bug has been discovered where the address family of incoming
packets is only compared to the IP address family of the first entry in the
list of access control rules. If the source IP address for an incoming
packet is not of the same address as the first ACL entry, that packet
bypasses all ACL rules.
* AST-2014-018: Permission Escalation through DB dialplan function
The DB dialplan function when executed from an external protocol, such as AMI,
could result in a privilege escalation. Users with a lower class authorization
in AMI can access the internal Asterisk database without the required SYSTEM
class authorization.
In addition, the release of 11.6-cert8 and 11.14.1 resolves the following
security vulnerability:
* AST-2014-014: High call load with ConfBridge can result in resource exhaustion
The ConfBridge application uses an internal bridging API to implement
conference bridges. This internal API uses a state model for channels within
the conference bridge and transitions between states as different things
occur. Unload load it is possible for some state transitions to be delayed
causing the channel to transition from being hung up to waiting for media. As
the channel has been hung up remotely no further media will arrive and the
channel will stay within ConfBridge indefinitely.
In addition, the release of 11.6-cert8, 11.14.1, 12.7.1, and 13.0.1 resolves
the following security vulnerability:
* AST-2014-017: Permission Escalation via ConfBridge dialplan function and
AMI ConfbridgeStartRecord Action
The CONFBRIDGE dialplan function when executed from an external protocol (such
as AMI) can result in a privilege escalation as certain options within that
function can affect the underlying system. Additionally, the AMI
ConfbridgeStartRecord action has options that would allow modification of the
underlying system, and does not require SYSTEM class authorization in AMI.
For a full list of changes in the current releases, please see the ChangeLogs:
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.1
The security advisories are available at:
* http://downloads.asterisk.org/pub/security/AST-2014-012.pdf
* http://downloads.asterisk.org/pub/security/AST-2014-014.pdf
* http://downloads.asterisk.org/pub/security/AST-2014-017.pdf
* http://downloads.asterisk.org/pub/security/AST-2014-018.pdf
Thank you for your continued support of Asterisk!
Revision 1.114 / (download) - annotate - [select for diffs], Wed Nov 19 08:32:48 2014 UTC (8 years, 10 months ago) by jnemeth
Branch: MAIN
Changes since 1.113: +2 -2
lines
Diff to previous 1.113 (colored)
Update to Asterisk 11.14.0: this is mostly a bugfix release.
The Asterisk Development Team has announced the release of Asterisk 11.14.0.
The release of Asterisk 11.14.0 resolves several issues reported by the
community and would have not been possible without your participation.
Thank you!
The following are the issues resolved in this release:
Bugs fixed in this release:
-----------------------------------
* ASTERISK-24348 - Built-in editline tab complete segfault with
MALLOC_DEBUG (Reported by Walter Doekes)
* ASTERISK-24335 - [PATCH] Asterisk incorrectly responds 503 to
INVITE retransmissions of rejected calls (Reported by Torrey
Searle)
* ASTERISK-23768 - [patch] Asterisk man page contains a (new)
unquoted minus sign (Reported by Jeremy Lainé)
* ASTERISK-24357 - [fax] Out of bounds error in update_modem_bits
(Reported by Jeremy Lainé)
* ASTERISK-20567 - bashism in autosupport (Reported by Tzafrir
Cohen)
* ASTERISK-22945 - [patch] Memory leaks in chan_sip.c with
realtime peers (Reported by ibercom)
* ASTERISK-24384 - chan_motif: format capabilities leak on module
load error (Reported by Corey Farrell)
* ASTERISK-24385 - chan_sip: process_sdp leaks on an error path
(Reported by Corey Farrell)
* ASTERISK-24378 - Release AMI connections on shutdown (Reported
by Corey Farrell)
* ASTERISK-24354 - AMI sendMessage closes AMI connection on error
(Reported by Peter Katzmann)
* ASTERISK-24390 - astobj2: REF_DEBUG reports false leaks with
ao2_callback with OBJ_MULTIPLE (Reported by Corey Farrell)
* ASTERISK-24326 - res_rtp_asterisk: ICE-TCP candidates are
incorrectly attempted (Reported by Joshua Colp)
* ASTERISK-24011 - [patch]safe_asterisk tries to set ulimit -n too
high on linux systems with lots of RAM (Reported by Michael
Myles)
* ASTERISK-24383 - res_rtp_asterisk: Crash if no candidates
received for component (Reported by Kevin Harwell)
* ASTERISK-20784 - Failure to receive an ACK to a SIP Re-INVITE
results in a SIP channel leak (Reported by NITESH BANSAL)
* ASTERISK-15879 - [patch] Failure to receive an ACK to a SIP
Re-INVITE results in a SIP channel leak (Reported by Torrey
Searle)
* ASTERISK-24406 - Some caller ID strings are parsed differently
since 11.13.0 (Reported by Etienne Lessard)
* ASTERISK-24325 - res_calendar_ews: cannot be used with neon 0.30
(Reported by Tzafrir Cohen)
* ASTERISK-13797 - [patch] relax badshell tilde test (Reported by
Tzafrir Cohen)
* ASTERISK-22791 - asterisk sends Re-INVITE after receiving a BYE
(Reported by Paolo Compagnini)
* ASTERISK-18923 - res_fax_spandsp usage counter is wrong
(Reported by Grigoriy Puzankin)
* ASTERISK-24392 - res_fax: fax gateway sessions leak (Reported by
Corey Farrell)
* ASTERISK-24393 - rtptimeout=0 doesn't disable rtptimeout
(Reported by Dmitry Melekhov)
* ASTERISK-23846 - Unistim multilines. Loss of voice after second
call drops (on a second line). (Reported by Rustam Khankishyiev)
* ASTERISK-24063 - [patch]Asterisk does not respect outbound proxy
when sending qualify requests (Reported by Damian Ivereigh)
* ASTERISK-24425 - [patch] jabber/xmpp to use TLS instead of
SSLv3, security fix POODLE (CVE-2014-3566) (Reported by
abelbeck)
* ASTERISK-24436 - Missing header in res/res_srtp.c when compiling
against libsrtp-1.5.0 (Reported by Patrick Laimbock)
* ASTERISK-24454 - app_queue: ao2_iterator not destroyed, causing
leak (Reported by Corey Farrell)
* ASTERISK-24430 - missing letter "p" in word response in
OriginateResponse event documentation (Reported by Dafi Ni)
* ASTERISK-24457 - res_fax: fax gateway frames leak (Reported by
Corey Farrell)
* ASTERISK-21721 - SIP Failed to parse multiple Supported: headers
(Reported by Olle Johansson)
* ASTERISK-24304 - asterisk crashing randomly because of unistim
channel (Reported by dhanapathy sathya)
* ASTERISK-24190 - IMAP voicemail causes segfault (Reported by
Nick Adams)
* ASTERISK-24466 - app_queue: fix a couple leaks to struct
call_queue (Reported by Corey Farrell)
* ASTERISK-24432 - Install refcounter.py when REF_DEBUG is enabled
(Reported by Corey Farrell)
* ASTERISK-24476 - main/app.c / app_voicemail: ast_writestream
leaks (Reported by Corey Farrell)
* ASTERISK-24307 - Unintentional memory retention in stringfields
(Reported by Etienne Lessard)
For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.14.0
Thank you for your continued support of Asterisk!
Revision 1.113 / (download) - annotate - [select for diffs], Tue Oct 14 03:36:40 2014 UTC (8 years, 11 months ago) by jnemeth
Branch: MAIN
Changes since 1.112: +5 -6
lines
Diff to previous 1.112 (colored)
Update Asterisk to 11.13.0. This is mostly a bugfix release:
The Asterisk Development Team has announced the release of Asterisk 11.13.0.
The release of Asterisk 11.13.0 resolves several issues reported by the
community and would have not been possible without your participation.
Thank you!
The following are the issues resolved in this release:
Bugs fixed in this release:
-----------------------------------
* ASTERISK-24032 - Gentoo compilation emits warning:
"_FORTIFY_SOURCE" redefined (Reported by Kilburn)
* ASTERISK-24225 - Dial option z is broken (Reported by
dimitripietro)
* ASTERISK-24178 - [patch]fromdomainport used even if not set
(Reported by Elazar Broad)
* ASTERISK-22252 - res_musiconhold cleanup - REF_DEBUG reload
warnings and ref leaks (Reported by Walter Doekes)
* ASTERISK-23997 - chan_sip: port incorrectly incremented for RTCP
ICE candidates in SDP answer (Reported by Badalian Vyacheslav)
* ASTERISK-24019 - When a Music On Hold stream starts it restarts
at beginning of file. (Reported by Jason Richards)
* ASTERISK-23767 - [patch] Dynamic IAX2 registration stops trying
if ever not able to resolve (Reported by David Herselman)
* ASTERISK-24211 - testsuite: Fix the dial_LS_options test
(Reported by Matt Jordan)
* ASTERISK-24249 - SIP debugs do not stop (Reported by Avinash
Mohod)
* ASTERISK-23577 - res_rtp_asterisk: Crash in
ast_rtp_on_turn_rtp_state when RTP instance is NULL (Reported by
Jay Jideliov)
* ASTERISK-23634 - With TURN Asterisk crashes on multiple (7-10)
concurrent WebRTC (avpg/encryption/icesupport) calls (Reported
by Roman Skvirsky)
* ASTERISK-24301 - Security: Out of call MESSAGE requests
processed via Message channel driver can crash Asterisk
(Reported by Matt Jordan)
Improvements made in this release:
-----------------------------------
* ASTERISK-24171 - [patch] Provide a manpage for the aelparse
utility (Reported by Jeremy Lainé)
For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.13.0
Thank you for your continued support of Asterisk!
Revision 1.112 / (download) - annotate - [select for diffs], Tue Oct 7 16:47:19 2014 UTC (8 years, 11 months ago) by adam
Branch: MAIN
Changes since 1.111: +2 -1
lines
Diff to previous 1.111 (colored)
Revbump after updating libwebp and icu
Revision 1.111 / (download) - annotate - [select for diffs], Sat Sep 20 19:12:16 2014 UTC (9 years ago) by jnemeth
Branch: MAIN
CVS Tags: pkgsrc-2014Q3-base
Branch point for: pkgsrc-2014Q3
Changes since 1.110: +2 -2
lines
Diff to previous 1.110 (colored)
Update to Asterisk 11.12.1: this is mainly a security fix for AST-2014-010.
The Asterisk Development Team has announced security releases for Certified
Asterisk 11.6 and Asterisk 11 and 12. The available security releases are
released as versions 11.6-cert6, 11.12.1, and 12.5.1.
Please note that the release of these versions resolves the following security
vulnerability:
* AST-2014-010: Remote Crash when Handling Out of Call Message in Certain
Dialplan Configurations
Note that the crash described in AST-2014-010 can be worked around through
dialplan configuration. Given the likelihood of the issue, an advisory was
deemed to be warranted.
For more information about the details of these vulnerabilities, please read
security advisories AST-2014-009 and AST-2014-010, which were released at the
same time as this announcement.
For a full list of changes in the current releases, please see the ChangeLogs:
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.12.1
The security advisories are available at:
* http://downloads.asterisk.org/pub/security/AST-2014-010.pdf
Thank you for your continued support of Asterisk!
Revision 1.110 / (download) - annotate - [select for diffs], Thu Aug 28 01:19:12 2014 UTC (9 years ago) by jnemeth
Branch: MAIN
Changes since 1.109: +2 -2
lines
Diff to previous 1.109 (colored)
Update to Asterisk 11.12.0: this is mainly a bugfix release.
The Asterisk Development Team has announced the release of Asterisk 11.12.0.
The release of Asterisk 11.12.0 resolves several issues reported by the
community and would have not been possible without your participation.
Thank you!
The following are the issues resolved in this release:
Bugs fixed in this release:
-----------------------------------
* ASTERISK-23911 - URIENCODE/URIDECODE: WARNING about passing an
empty string is a bit over zealous (Reported by Matt Jordan)
* ASTERISK-23985 - PresenceState Action response does not contain
ActionID; duplicates Message Header (Reported by Matt Jordan)
* ASTERISK-23814 - No call started after peer dialed (Reported by
Igor Goncharovsky)
* ASTERISK-24087 - [patch]chan_sip: sip_subscribe_mwi_destroy
should not call sip_destroy (Reported by Corey Farrell)
* ASTERISK-23818 - PBX_Lua: after asterisk startup module is
loaded, but dialplan not available (Reported by Dennis Guse)
* ASTERISK-18345 - [patch] sips connection dropped by asterisk
with a large INVITE (Reported by Stephane Chazelas)
* ASTERISK-23508 - Memory Corruption in
__ast_string_field_ptr_build_va (Reported by Arnd Schmitter)
Improvements made in this release:
-----------------------------------
* ASTERISK-21178 - Improve documentation for manager command
Getvar, Setvar (Reported by Rusty Newton)
For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.12.0
Thank you for your continued support of Asterisk!
Revision 1.109 / (download) - annotate - [select for diffs], Tue Jul 29 04:20:55 2014 UTC (9 years, 1 month ago) by jnemeth
Branch: MAIN
Changes since 1.108: +3 -2
lines
Diff to previous 1.108 (colored)
Update to Asterisk 11.11.0: this is primarily a bugfix release.
pkgsrc change: MAKE_JOBS_SAFE=NO from joerg@
The Asterisk Development Team has announced the release of Asterisk 11.11.0.
The release of Asterisk 11.11.0 resolves several issues reported by the
community and would have not been possible without your participation.
Thank you!
The following are the issues resolved in this release:
Bugs fixed in this release:
-----------------------------------
* ASTERISK-22551 - Session timer : UAS (Asterisk) starts counting
at Invite, UAC starts counting at 200 OK. (Reported by i2045)
* ASTERISK-23792 - Mutex left locked in chan_unistim.c (Reported
by Peter Whisker)
* ASTERISK-23582 - [patch]Inconsistent column length in *odbc
(Reported by Walter Doekes)
* ASTERISK-23803 - AMI action UpdateConfig EmptyCat clears all
categories but the requested one (Reported by zvision)
* ASTERISK-23035 - ConfBridge with name longer than max (32 chars)
results in several bridges with same conf_name (Reported by
Iñaki CÃvico)
* ASTERISK-23824 - ConfBridge: Users cannot be muted via CLI or
AMI when waiting to enter a conference (Reported by Matt Jordan)
* ASTERISK-23683 - #includes - wildcard character in a path more
than one directory deep - results in no config parsing on module
reload (Reported by tootai)
* ASTERISK-23827 - autoservice thread doesn't exit at shutdown
(Reported by Corey Farrell)
* ASTERISK-23609 - Security: AMI action MixMonitor allows
arbitrary programs to be run (Reported by Corey Farrell)
* ASTERISK-23673 - Security: DOS by consuming the number of
allowed HTTP connections. (Reported by Richard Mudgett)
* ASTERISK-23246 - DEBUG messages in sdp_crypto.c display despite
a DEBUG level of zero (Reported by Rusty Newton)
* ASTERISK-23766 - [patch] Specify timeout for database write in
SQLite (Reported by Igor Goncharovsky)
* ASTERISK-23844 - Load of pbx_lua fails on sample extensions.lua
with Lua 5.2 or greater due to addition of goto statement
(Reported by Rusty Newton)
* ASTERISK-23818 - PBX_Lua: after asterisk startup module is
loaded, but dialplan not available (Reported by Dennis Guse)
* ASTERISK-23834 - res_rtp_asterisk debug message gives wrong
length if ICE (Reported by Richard Kenner)
* ASTERISK-23790 - [patch] - SIP From headers longer than 256
characters result in dropped call and 'No closing bracket'
warnings. (Reported by uniken1)
* ASTERISK-23917 - res_http_websocket: Delay in client processing
large streams of data causes disconnect and stuck socket
(Reported by Matt Jordan)
* ASTERISK-23908 - [patch]When using FEC error correction,
asterisk tries considers negative sequence numbers as missing
(Reported by Torrey Searle)
* ASTERISK-23921 - refcounter.py uses excessive ram for large refs
files (Reported by Corey Farrell)
* ASTERISK-23948 - REF_DEBUG fails to record ao2_ref against
objects that were already freed (Reported by Corey Farrell)
* ASTERISK-23916 - [patch]SIP/SDP fmtp line may include whitespace
between attributes (Reported by Alexander Traud)
* ASTERISK-23984 - Infinite loop possible in ast_careful_fwrite()
(Reported by Steve Davies)
* ASTERISK-23897 - [patch]Change in SETUP ACK handling (checking
PI) in revision 413765 breaks working environments (Reported by
Pavel Troller)
Improvements made in this release:
-----------------------------------
* ASTERISK-23492 - Add option to safe_asterisk to disable
backgrounding (Reported by Walter Doekes)
* ASTERISK-22961 - [patch] DTLS-SRTP not working with SHA-256
(Reported by Jay Jideliov)
For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.11.0
Thank you for your continued support of Asterisk!
Revision 1.108 / (download) - annotate - [select for diffs], Wed Jul 2 03:06:24 2014 UTC (9 years, 2 months ago) by jnemeth
Branch: MAIN
Changes since 1.107: +5 -6
lines
Diff to previous 1.107 (colored)
Update to Asterisk 11.10.2: this fixes multiple security issues along
with general bug fixes. The security issues fixed are: AST-2014-001,
AST-2014-002, AST-2014-006, and AST-2014-007.
-----
The Asterisk Development Team has announced security releases for
Certified Asterisk 1.8.15, 11.6, and Asterisk 1.8, 11, and 12. The
available security releases are released as versions 1.8.15-cert7,
11.6-cert4, 1.8.28.2, 11.10.2, and 12.3.2.
These releases resolve security vulnerabilities that were previously
fixed in 1.8.15-cert6, 11.6-cert3, 1.8.28.1, 11.10.1, and 12.3.1.
Unfortunately, the fix for AST-2014-007 inadvertently introduced
a regression in Asterisk's TCP and TLS handling that prevented
Asterisk from sending data over these transports. This regression
and the security vulnerabilities have been fixed in the versions
specified in this release announcement.
Please note that the release of these versions resolves the following security
vulnerabilities:
* AST-2014-006: Permission Escalation via Asterisk Manager User Unauthorized
Shell Access
* AST-2014-007: Denial of Service via Exhaustion of Allowed Concurrent HTTP
Connections
For more information about the details of these vulnerabilities,
please read security advisories AST-2014-005, AST-2014-006,
AST-2014-007, and AST-2014-008, which were released with the previous
versions that addressed these vulnerabilities.
For a full list of changes in the current releases, please see the ChangeLogs:
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.10.2
The security advisories are available at:
* http://downloads.asterisk.org/pub/security/AST-2014-006.pdf
* http://downloads.asterisk.org/pub/security/AST-2014-007.pdf
Thank you for your continued support of Asterisk!
-----
The Asterisk Development Team has announced security releases for
Certified Asterisk 1.8.15, 11.6, and Asterisk 1.8, 11, and 12. The
available security releases are released as versions 1.8.15-cert6,
11.6-cert3, 1.8.28.1, 11.10.1, and 12.3.1.
The release of these versions resolves the following issue:
* AST-2014-007: Denial of Service via Exhaustion of Allowed Concurrent HTTP
Connections
Establishing a TCP or TLS connection to the configured HTTP or HTTPS port
respectively in http.conf and then not sending or completing a HTTP request
will tie up a HTTP session. By doing this repeatedly until the maximum number
of open HTTP sessions is reached, legitimate requests are blocked.
Additionally, the release of 11.6-cert3, 11.10.1, and 12.3.1 resolves the
following issue:
* AST-2014-006: Permission Escalation via Asterisk Manager User Unauthorized
Shell Access
Manager users can execute arbitrary shell commands with the MixMonitor manager
action. Asterisk does not require system class authorization for a manager
user to use the MixMonitor action, so any manager user who is permitted to use
manager commands can potentially execute shell commands as the user executing
the Asterisk process.
These issues and their resolutions are described in the security advisories.
For more information about the details of these vulnerabilities,
please read security advisories AST-2014-005, AST-2014-006,
AST-2014-007, and AST-2014-008, which were released at the same
time as this announcement.
For a full list of changes in the current releases, please see the ChangeLogs:
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.10.1
The security advisories are available at:
* http://downloads.asterisk.org/pub/security/AST-2014-006.pdf
* http://downloads.asterisk.org/pub/security/AST-2014-007.pdf
Thank you for your continued support of Asterisk!
-----
The Asterisk Development Team has announced the release of Asterisk 11.10.0.
The release of Asterisk 11.10.0 resolves several issues reported
by the community and would have not been possible without your
participation. Thank you!
The following are the issues resolved in this release:
Bugs fixed in this release:
-----------------------------------
* ASTERISK-23547 - [patch] app_queue removing callers from queue
when reloading (Reported by Italo Rossi)
* ASTERISK-23559 - app_voicemail fails to load after fix to
dialplan functions (Reported by Corey Farrell)
* ASTERISK-22846 - testsuite: masquerade super test fails on all
branches (still) (Reported by Matt Jordan)
* ASTERISK-23545 - Confbridge talker detection settings
configuration load bug (Reported by John Knott)
* ASTERISK-23546 - CB_ADD_LEN does not do what you'd think
(Reported by Walter Doekes)
* ASTERISK-23620 - Code path in app_stack fails to unlock list
(Reported by Bradley Watkins)
* ASTERISK-23616 - Big memory leak in logger.c (Reported by
ibercom)
* ASTERISK-23576 - Build failure on SmartOS / Illumos / SunOS
(Reported by Sebastian Wiedenroth)
* ASTERISK-23550 - Newer sound sets don't show up in menuselect
(Reported by Rusty Newton)
* ASTERISK-18331 - app_sms failure (Reported by David Woodhouse)
* ASTERISK-19465 - P-Asserted-Identity Privacy (Reported by
Krzysztof Chmielewski)
* ASTERISK-23605 - res_http_websocket: Race condition in shutting
down websocket causes crash (Reported by Matt Jordan)
* ASTERISK-23707 - Realtime Contacts: Apparent mismatch between
PGSQL database state and Asterisk state (Reported by Mark
Michelson)
* ASTERISK-23381 - [patch]ChanSpy- Barge only works on the initial
'spy', if the spied-on channel makes a new call, unable to
barge. (Reported by Robert Moss)
* ASTERISK-23665 - Wrong mime type for codec H263-1998 (h263+)
(Reported by Guillaume Maudoux)
* ASTERISK-23664 - Incorrect H264 specification in SDP. (Reported
by Guillaume Maudoux)
* ASTERISK-22977 - chan_sip+CEL: missing ANSWER and PICKUP event
for INVITE/w/replaces pickup (Reported by Walter Doekes)
* ASTERISK-23709 - Regression in Dahdi/Analog/waitfordialtone
(Reported by Steve Davies)
Improvements made in this release:
-----------------------------------
* ASTERISK-23649 - [patch]Support for DTLS retransmission
(Reported by NITESH BANSAL)
* ASTERISK-23564 - [patch]TLS/SRTP status of channel not currently
available in a CLI command (Reported by Patrick Laimbock)
* ASTERISK-23754 - [patch] Use var/lib directory for log file
configured in asterisk.conf (Reported by Igor Goncharovsky)
For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.10.0
Thank you for your continued support of Asterisk!
-----
The Asterisk Development Team has announced the release of Asterisk 11.9.0.
The release of Asterisk 11.9.0 resolves several issues reported by
the community and would have not been possible without your
participation. Thank you!
The following are the issues resolved in this release:
Bugs fixed in this release:
-----------------------------------
* ASTERISK-22790 - check_modem_rate() may return incorrect rate
for V.27 (Reported by Paolo Compagnini)
* ASTERISK-23034 - [patch] manager Originate doesn't abort on
failed format_cap allocation (Reported by Corey Farrell)
* ASTERISK-23061 - [Patch] 'textsupport' setting not mentioned in
sip.conf.sample (Reported by Eugene)
* ASTERISK-23028 - [patch] Asterisk man pages contains unquoted
minus signs (Reported by Jeremy Lainé)
* ASTERISK-23046 - Custom CDR fields set during a GoSUB called
from app_queue are not inserted (Reported by Denis Pantsyrev)
* ASTERISK-23027 - [patch] Spelling typo "transfered" instead of
"transferred" (Reported by Jeremy Lainé)
* ASTERISK-23008 - Local channels loose CALLERID name when DAHDI
channel connects (Reported by Michael Cargile)
* ASTERISK-23100 - [patch] In chan_mgcp the ident in transmitted
request and request queue may differ - fix for locking (Reported
by adomjan)
* ASTERISK-22988 - [patch]T38 , SIP 488 after Rejecting image
media offer due to invalid or unsupported syntax (Reported by
adomjan)
* ASTERISK-22861 - [patch]Specifying a null time as parameter to
GotoIfTime or ExecIfTime causes segmentation fault (Reported by
Sebastian Murray-Roberts)
* ASTERISK-17837 - extconfig.conf - Maximum Include level (1)
exceeded (Reported by pz)
* ASTERISK-22662 - Documentation fix? - queues.conf says
persistentmembers defaults to yes, it appears to lie (Reported
by Rusty Newton)
* ASTERISK-23134 - [patch] res_rtp_asterisk port selection cannot
handle selinux port restrictions (Reported by Corey Farrell)
* ASTERISK-23220 - STACK_PEEK function with no arguments causes
crash/core dump (Reported by James Sharp)
* ASTERISK-19773 - Asterisk crash on issuing Asterisk-CLI 'reload'
command multiple times on cli_aliases (Reported by Joel Vandal)
* ASTERISK-22757 - segfault in res_clialiases.so on reload when
mapping "module reload" command (Reported by Gareth Blades)
* ASTERISK-17727 - [patch] TLS doesn't get all certificate chain
(Reported by LN)
* ASTERISK-23178 - devicestate.h: device state setting functions
are documented with the wrong return values (Reported by
Jonathan Rose)
* ASTERISK-23232 - LocalBridge AMI Event LocalOptimization value
is opposite to what's expected (Reported by Leon Roy)
* ASTERISK-23098 - [patch]possible null pointer dereference in
format.c (Reported by Marcello Ceschia)
* ASTERISK-23297 - Asterisk 12, pbx_config.so segfaults if
res_parking.so is not loaded, or if res_parking.conf has no
configuration (Reported by CJ Oster)
* ASTERISK-23069 - Custom CDR variable not recorded when set in
macro called from app_queue (Reported by Bryan Anderson)
* ASTERISK-19499 - ConfBridge MOH is not working for transferee
after attended transfer (Reported by Timo Teräs)
* ASTERISK-23261 - [patch]Output mixup in
${CHANNEL(rtpqos,audio,all)} (Reported by rsw686)
* ASTERISK-23279 - [patch]Asterisk doesn't support the dynamic
payload change in rtp mapping in the 200 OK response (Reported
by NITESH BANSAL)
* ASTERISK-23255 - UUID included for Redhat, but missing for
Debian distros in install_prereq script (Reported by Rusty
Newton)
* ASTERISK-23260 - [patch]ForkCDR v option does not keep CDR
variables for subsequent records (Reported by zvision)
* ASTERISK-23141 - Asterisk crashes on Dial(), in
pbx_find_extension at pbx.c (Reported by Maxim)
* ASTERISK-23336 - Asterisk warning "Don't know how to indicate
condition 33 on ooh323c" on outgoing calls from H323 to SIP peer
(Reported by Alexander Semych)
* ASTERISK-23231 - Since 405693 If we have res_fax.conf file set
to minrate=2400, then res_fax refuse to load (Reported by David
Brillert)
* ASTERISK-23135 - Crash - segfault in ast_channel_hangupcause_set
- probably introduced in 11.7.0 (Reported by OK)
* ASTERISK-23323 - [patch]chan_sip: missing p->owner checks in
handle_response_invite (Reported by Walter Doekes)
* ASTERISK-23406 - [patch]Fix typo in "sip show peer" (Reported by
ibercom)
* ASTERISK-23310 - bridged channel crashes in bridge_p2p_rtp_write
(Reported by Jeremy Lainé)
* ASTERISK-22911 - [patch]Asterisk fails to resume WebRTC call
from hold (Reported by Vytis Valentinaviius)
* ASTERISK-23104 - Specifying the SetVar AMI without a Channel
cause Asterisk to crash (Reported by Joel Vandal)
* ASTERISK-21930 - [patch]WebRTC over WSS is not working.
(Reported by John)
* ASTERISK-23383 - Wrong sense test on stat return code causes
unchanged config check to break with include files. (Reported by
David Woolley)
* ASTERISK-20149 - Crash when faxing SIP to SIP with strictrtp set
to yes (Reported by Alexandr Gordeev)
* ASTERISK-17523 - Qualify for static realtime peers does not work
(Reported by Maciej Krajewski)
* ASTERISK-21406 - [patch] chan_sip deadlock on monlock between
unload_module and do_monitor (Reported by Corey Farrell)
* ASTERISK-23373 - [patch]Security: Open FD exhaustion with
chan_sip Session-Timers (Reported by Corey Farrell)
* ASTERISK-23340 - Security Vulnerability: stack allocation of
cookie headers in loop allows for unauthenticated remote denial
of service attack (Reported by Matt Jordan)
* ASTERISK-23311 - Manager - MoH Stop Event fails to show up when
leaving Conference (Reported by Benjamin Keith Ford)
* ASTERISK-23420 - [patch]Memory leak in manager_add_filter
function in manager.c (Reported by Etienne Lessard)
* ASTERISK-23488 - Logic error in callerid checksum processing
(Reported by Russ Meyerriecks)
* ASTERISK-23461 - Only first user is muted when joining
confbridge with 'startmuted=yes' (Reported by Chico Manobela)
* ASTERISK-20841 - fromdomain not honored on outbound INVITE
request (Reported by Kelly Goedert)
* ASTERISK-22079 - Segfault: INTERNAL_OBJ (user_data=0x6374652f)
at astobj2.c:120 (Reported by Jamuel Starkey)
* ASTERISK-23509 - [patch]SayNumber for Polish language tries to
play empty files for numbers divisible by 100 (Reported by
zvision)
* ASTERISK-23103 - [patch]Crash in ast_format_cmp, in ao2_find
(Reported by JoshE)
* ASTERISK-23391 - Audit dialplan function usage of channel
variable (Reported by Corey Farrell)
* ASTERISK-23548 - POST to ARI sometimes returns no body on
success (Reported by Scott Griepentrog)
* ASTERISK-23460 - ooh323 channel stuck if call is placed directly
and gatekeeper is not available (Reported by Dmitry Melekhov)
Improvements made in this release:
-----------------------------------
* ASTERISK-22980 - [patch]Allow building cdr_radius and cel_radius
against libfreeradius-client (Reported by Jeremy Lainé)
* ASTERISK-22661 - Unable to exit ChanSpy if spied channel does
not have a call in progress (Reported by Chris Hillman)
* ASTERISK-23099 - [patch] WSS: enable ast_websocket_read()
function to read the whole available data at first and then wait
for any fragmented packets (Reported by Thava Iyer)
For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.9.0
Thank you for your continued support of Asterisk!
-----
The Asterisk Development Team has announced security releases for
Certified Asterisk 1.8.15, 11.6, and Asterisk 1.8, 11, and 12. The
available security releases are released as versions 1.8.15-cert5,
11.6-cert2, 1.8.26.1, 11.8.1, and 12.1.1.
The release of these versions resolve the following issues:
* AST-2014-001: Stack overflow in HTTP processing of Cookie headers.
Sending a HTTP request that is handled by Asterisk with a large number of
Cookie headers could overflow the stack.
Another vulnerability along similar lines is any HTTP request with a
ridiculous number of headers in the request could exhaust system memory.
* AST-2014-002: chan_sip: Exit early on bad session timers request
This change allows chan_sip to avoid creation of the channel and
consumption of associated file descriptors altogether if the inbound
request is going to be rejected anyway.
These issues and their resolutions are described in the security advisories.
For more information about the details of these vulnerabilities,
please read security advisories AST-2014-001, AST-2014-002,
AST-2014-003, and AST-2014-004, which were released at the same
time as this announcement.
For a full list of changes in the current releases, please see the ChangeLogs:
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.8.1
The security advisories are available at:
* http://downloads.asterisk.org/pub/security/AST-2014-001.pdf
* http://downloads.asterisk.org/pub/security/AST-2014-002.pdf
Thank you for your continued support of Asterisk!
-----
The Asterisk Development Team has announced the release of Asterisk 11.8.0.
The release of Asterisk 11.8.0 resolves several issues reported by
the community and would have not been possible without your
participation. Thank you!
The following are the issues resolved in this release:
Bugs fixed in this release:
-----------------------------------
* ASTERISK-22544 - Italian prompt vm-options has advertisement in
it (Reported by Rusty Newton)
* ASTERISK-21383 - STUN Binding Requests Not Being Sent Back from
Asterisk to Chrome (Reported by Shaun Clark)
* ASTERISK-22478 - [patch]Can't use pound(hash) symbol for custom
DTMF menus in ConfBridge (processed as directive) (Reported by
Nicolas Tanski)
* ASTERISK-12117 - chan_sip creates a new local tag (from-tag) for
every register message (Reported by Pawel Pierscionek)
* ASTERISK-20862 - Asterisk min and max member penalties not
honored when set with 0 (Reported by Schmooze Com)
* ASTERISK-22746 - [patch]Crash in chan_dahdi during caller id
read (Reported by Michael Walton)
* ASTERISK-22788 - [patch] main/translate.c: access to variable f
after free in ast_translate() (Reported by Corey Farrell)
* ASTERISK-21242 - Segfault when T.38 re-invite retransmission
receives 200 OK (Reported by Ashley Winters)
* ASTERISK-22590 - BufferOverflow in unpacksms16() when receiving
16 bit multipart SMS with app_sms (Reported by Jan Juergens)
* ASTERISK-22905 - Prevent Asterisk functions that are 'dangerous'
from being executed from external interfaces (Reported by Matt
Jordan)
* ASTERISK-23021 - Typos in code : "avaliable" instead of
"available" (Reported by Jeremy Lainé)
* ASTERISK-22970 - [patch]Documentation fix for QUOTE() (Reported
by Gareth Palmer)
* ASTERISK-21960 - ooh323 channels stuck (Reported by Dmitry
Melekhov)
* ASTERISK-22350 - DUNDI - core dump on shutdown - segfault in
sqlite3_reset from /usr/lib/libsqlite3.so.0 (Reported by Birger
"WIMPy" Harzenetter)
* ASTERISK-22942 - [patch] - Asterisk crashed after
Set(FAXOPT(faxdetect)=t38) (Reported by adomjan)
* ASTERISK-22856 - [patch]SayUnixTime in polish reads minutes
instead of seconds (Reported by Robert Mordec)
* ASTERISK-22854 - [patch] - Deadlock between cel_pgsql unload and
core_event_dispatcher taskprocessor thread (Reported by Etienne
Lessard)
* ASTERISK-22910 - [patch] - REPLACE() calls strcpy on overlapping
memory when <replace-char> is empty (Reported by Gareth Palmer)
* ASTERISK-22871 - cel_pgsql module not loading after "reload" or
"reload cel_pgsql.so" command (Reported by Matteo)
* ASTERISK-23084 - [patch]rasterisk needlessly prints the
AST-2013-007 warning (Reported by Tzafrir Cohen)
* ASTERISK-17138 - [patch] Asterisk not re-registering after it
receives "Forbidden - wrong password on authentication"
(Reported by Rudi)
* ASTERISK-23011 - [patch]configure.ac and pbx_lua don't support
lua 5.2 (Reported by George Joseph)
* ASTERISK-22834 - Parking by blind transfer when lot full orphans
channels (Reported by rsw686)
* ASTERISK-23047 - Orphaned (stuck) channel occurs during a failed
SIP transfer to parking space (Reported by Tommy Thompson)
* ASTERISK-22946 - Local From tag regression with sipgate.de
(Reported by Stephan Eisvogel)
* ASTERISK-23010 - No BYE message sent when sip INVITE is received
(Reported by Ryan Tilton)
* ASTERISK-23135 - Crash - segfault in ast_channel_hangupcause_set
- probably introduced in 11.7.0 (Reported by OK)
Improvements made in this release:
-----------------------------------
* ASTERISK-22728 - [patch] Improve Understanding Of 'Forcerport'
When Running "sip show peers" (Reported by Michael L. Young)
* ASTERISK-22659 - Make a new core and extra sounds release
(Reported by Rusty Newton)
* ASTERISK-22919 - core show channeltypes slicing (Reported by
outtolunc)
* ASTERISK-22918 - dahdi show channels slices PRI channel dnid on
output (Reported by outtolunc)
For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.8.0
Thank you for your continued support of Asterisk!
Revision 1.107 / (download) - annotate - [select for diffs], Thu May 29 23:35:20 2014 UTC (9 years, 3 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2014Q2-base,
pkgsrc-2014Q2
Changes since 1.106: +2 -2
lines
Diff to previous 1.106 (colored)
Bump for perl-5.20.0. Do it for all packages that * mention perl, or * have a directory name starting with p5-*, or * depend on a package starting with p5- like last time, for 5.18, where this didn't lead to complaints. Let me know if you have any this time.
Revision 1.106 / (download) - annotate - [select for diffs], Mon May 5 00:47:41 2014 UTC (9 years, 4 months ago) by ryoon
Branch: MAIN
Changes since 1.105: +2 -2
lines
Diff to previous 1.105 (colored)
Recursive revbump from x11/pixman Fix PR pkg/48777
Revision 1.105 / (download) - annotate - [select for diffs], Wed Apr 9 07:27:03 2014 UTC (9 years, 5 months ago) by obache
Branch: MAIN
Changes since 1.104: +2 -2
lines
Diff to previous 1.104 (colored)
recursive bump from icu shlib major bump.
Revision 1.104 / (download) - annotate - [select for diffs], Wed Feb 12 23:17:37 2014 UTC (9 years, 7 months ago) by tron
Branch: MAIN
CVS Tags: pkgsrc-2014Q1-base,
pkgsrc-2014Q1
Changes since 1.103: +2 -1
lines
Diff to previous 1.103 (colored)
Recursive PKGREVISION bump for OpenSSL API version bump.
Revision 1.103 / (download) - annotate - [select for diffs], Tue Jan 7 11:07:03 2014 UTC (9 years, 8 months ago) by jnemeth
Branch: MAIN
Changes since 1.102: +2 -2
lines
Diff to previous 1.102 (colored)
Update to Asterisk 11.7.0: this is a minor bugfix update
The Asterisk Development Team has announced the release of Asterisk 11.7.0.
The release of Asterisk 11.7.0 resolves several issues reported by the
community and would have not been possible without your participation.
Thank you!
The following is a sample of the issues resolved in this release:
* --- app_confbridge: Can now set the language used for announcements
to the conference.
* --- app_queue: Fix CLI "queue remove member" queue_log entry.
* --- chan_sip: Do not increment the SDP version between 183 and 200
responses.
* --- chan_sip: Allow a sip peer to accept both AVP and AVPF calls
* --- chan_sip: Fix Realtime Peer Update Problem When Un-registering
And Expires Header In 200ok
For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.7.0
Thank you for your continued support of Asterisk!
Revision 1.102 / (download) - annotate - [select for diffs], Mon Dec 23 01:34:03 2013 UTC (9 years, 9 months ago) by jnemeth
Branch: MAIN
CVS Tags: pkgsrc-2013Q4-base,
pkgsrc-2013Q4
Changes since 1.101: +4 -3
lines
Diff to previous 1.101 (colored)
Update to Asterisk 11.6.1: this is a security fix update to fix
AST-2013-006 and AST-2013-007, and a minor bug fix update.
pkgsrc change: disable SRTP on NetBSD as it doesn't link
---- 11.6.1 ----
The Asterisk Development Team has announced security releases for Certified
Asterisk 1.8.15, 11.2, and Asterisk 1.8, 10, and 11. The available security
releases are released as versions 1.8.15-cert4, 11.2-cert3, 1.8.24.1, 10.12.4,
10.12.4-digiumphones, and 11.6.1.
The release of these versions resolve the following issues:
* A buffer overflow when receiving odd length 16 bit messages in app_sms. An
infinite loop could occur which would overwrite memory when a message is
received into the unpacksms16() function and the length of the message is an
odd number of bytes.
* Prevent permissions escalation in the Asterisk Manager Interface. Asterisk
now marks certain individual dialplan functions as 'dangerous', which will
inhibit their execution from external sources.
A 'dangerous' function is one which results in a privilege escalation. For
example, if one were to read the channel variable SHELL(rm -rf /) Bad
Things(TM) could happen; even if the external source has only read
permissions.
Execution from external sources may be enabled by setting 'live_dangerously'
to 'yes' in the [options] section of asterisk.conf. Although doing so is not
recommended.
These issues and their resolutions are described in the security advisories.
For more information about the details of these vulnerabilities, please read
security advisories AST-2013-006 and AST-2013-007, which were
released at the same time as this announcement.
For a full list of changes in the current releases, please see the ChangeLogs:
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.6.1
The security advisories are available at:
* http://downloads.asterisk.org/pub/security/AST-2013-006.pdf
* http://downloads.asterisk.org/pub/security/AST-2013-007.pdf
Thank you for your continued support of Asterisk!
----- 11.6.0 -----
The Asterisk Development Team has announced the release of Asterisk 11.6.0.
The release of Asterisk 11.6.0 resolves several issues reported by the
community and would have not been possible without your participation.
Thank you!
The following is a sample of the issues resolved in this release:
* --- Confbridge: empty conference not being torn down
(Closes issue ASTERISK-21859. Reported by Chris Gentle)
* --- Let Queue wrap up time influence member availability
(Closes issue ASTERISK-22189. Reported by Tony Lewis)
* --- Fix a longstanding issue with MFC-R2 configuration that
prevented users
(Closes issue ASTERISK-21117. Reported by Rafael Angulo)
* --- chan_iax2: Fix saving the wrong expiry time in astdb.
(Closes issue ASTERISK-22504. Reported by Stefan Wachtler)
* --- Fix segfault for certain invalid WebSocket input.
(Closes issue ASTERISK-21825. Reported by Alfred Farrugia)
For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.6.0
Thank you for your continued support of Asterisk!
Revision 1.101 / (download) - annotate - [select for diffs], Sat Oct 19 09:07:00 2013 UTC (9 years, 11 months ago) by adam
Branch: MAIN
Changes since 1.100: +2 -2
lines
Diff to previous 1.100 (colored)
Revbump after updating textproc/icu
Revision 1.100 / (download) - annotate - [select for diffs], Thu Oct 10 14:42:02 2013 UTC (9 years, 11 months ago) by ryoon
Branch: MAIN
Changes since 1.99: +2 -2
lines
Diff to previous 1.99 (colored)
Recursive revbump from pango-1.36.0
Revision 1.99 / (download) - annotate - [select for diffs], Mon Sep 2 19:50:57 2013 UTC (10 years ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2013Q3-base,
pkgsrc-2013Q3
Changes since 1.98: +2 -1
lines
Diff to previous 1.98 (colored)
Revbump after cairo update
Revision 1.98 / (download) - annotate - [select for diffs], Fri Aug 30 05:49:51 2013 UTC (10 years ago) by jnemeth
Branch: MAIN
Changes since 1.97: +2 -3
lines
Diff to previous 1.97 (colored)
Update to Asterisk 11.5.1: this is a security fix release to fix AST-2013-004 and AST-2013-005. The Asterisk Development Team has announced security releases for Certified Asterisk 1.8.15, 11.2, and Asterisk 1.8, 10, and 11. The available security rele ases are released as versions 1.8.15-cert2, 11.2-cert2, 1.8.23.1, 10.12.3, 10.12.3-di giumphones, and 11.5.1. The release of these versions resolve the following issues: * A remotely exploitable crash vulnerability exists in the SIP channel driver if an ACK with SDP is received after the channel has been terminated. The handling code incorrectly assumes that the channel will always be present. * A remotely exploitable crash vulnerability exists in the SIP channel driver if an invalid SDP is sent in a SIP request that defines media descriptions before connection information. The handling code incorrectly attempts to reference the socket address information even though that information has not yet been set. These issues and their resolutions are described in the security advisories. For more information about the details of these vulnerabilities, please read security advisories AST-2013-004 and AST-2013-005, which were released at the same time as this announcement. For a full list of changes in the current releases, please see the ChangeLogs: http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.5.1 The security advisories are available at: * http://downloads.asterisk.org/pub/security/AST-2013-004.pdf * http://downloads.asterisk.org/pub/security/AST-2013-005.pdf Thank you for your continued support of Asterisk!
Revision 1.97 / (download) - annotate - [select for diffs], Thu Aug 8 00:45:10 2013 UTC (10 years, 1 month ago) by jnemeth
Branch: MAIN
Changes since 1.96: +3 -2
lines
Diff to previous 1.96 (colored)
Add patches to convert RAII_VAR to a method that doesn't use nested functions, thus making Asterisk portable to all C compilers. The patches from joerg@ (with one missing file added by myself).
Revision 1.96 / (download) - annotate - [select for diffs], Sun Jul 21 06:55:53 2013 UTC (10 years, 2 months ago) by jnemeth
Branch: MAIN
Changes since 1.95: +11 -5
lines
Diff to previous 1.95 (colored)
Upgrade to Asterisk 11.5.0: this is a general bug fix release
pkgsrc changes:
- add dependency on libuuid
- work around NetBSD's incompatible implementation of IP_PKTINFO
The Asterisk Development Team has announced the release of Asterisk 11.5.0.
The release of Asterisk 11.5.0 resolves several issues reported by the
community and would have not been possible without your participation.
Thank you!
The following is a sample of the issues resolved in this release:
* --- Fix Segfault In app_queue When "persistentmembers" Is Enabled
And Using Realtime
* --- IAX2: fix race condition with nativebridge transfers.
* --- Fix The Payload Being Set On CN Packets And Do Not Set Marker
Bit
* --- Fix One-Way Audio With auto_* NAT Settings When SIP Calls
Initiated By PBX
* --- chan_sip: NOTIFYs for BLF start queuing up and fail to be sent
out after retries fail
For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.5.0
Thank you for your continued support of Asterisk!
Revision 1.95 / (download) - annotate - [select for diffs], Fri Jul 12 10:44:53 2013 UTC (10 years, 2 months ago) by jperkin
Branch: MAIN
Changes since 1.94: +2 -2
lines
Diff to previous 1.94 (colored)
Bump PKGREVISION of all packages which create users, to pick up change of sysutils/user_* packages.
Revision 1.94 / (download) - annotate - [select for diffs], Sun Jun 16 22:10:13 2013 UTC (10 years, 3 months ago) by jnemeth
Branch: MAIN
CVS Tags: pkgsrc-2013Q2-base,
pkgsrc-2013Q2
Changes since 1.93: +4 -1
lines
Diff to previous 1.93 (colored)
Asterisk is known to fail on 32-bit systems, specifically i386. Mark it as such until the bug is found and fixed.
Revision 1.93 / (download) - annotate - [select for diffs], Fri Jun 14 04:26:55 2013 UTC (10 years, 3 months ago) by jnemeth
Branch: MAIN
Changes since 1.92: +2 -2
lines
Diff to previous 1.92 (colored)
- fix PLIST when jabber option is disabled - fix compile problem on newer NetBSD systems that have newlocale support - fix a couple of cases where ctype functions called with plain char - last two items from joerg@
Revision 1.92 / (download) - annotate - [select for diffs], Thu Jun 6 12:54:09 2013 UTC (10 years, 3 months ago) by wiz
Branch: MAIN
Changes since 1.91: +2 -2
lines
Diff to previous 1.91 (colored)
Bump PKGREVISION for libXft changes for NetBSD native X support on NetBSD 6, requested by tron.
Revision 1.91 / (download) - annotate - [select for diffs], Tue Jun 4 22:15:47 2013 UTC (10 years, 3 months ago) by tron
Branch: MAIN
Changes since 1.90: +2 -2
lines
Diff to previous 1.90 (colored)
Try to fix the fallout caused by the fix for PR pkg/47882. Part 3: Recursively bump package revisions again after the "freetype2" and "fontconfig" handling was fixed.
Revision 1.90 / (download) - annotate - [select for diffs], Mon Jun 3 10:04:40 2013 UTC (10 years, 3 months ago) by wiz
Branch: MAIN
Changes since 1.89: +2 -2
lines
Diff to previous 1.89 (colored)
Bump freetype2 and fontconfig dependencies to current pkgsrc versions, to address issues with NetBSD-6(and earlier)'s fontconfig not being new enough for pango. While doing that, also bump freetype2 dependency to current pkgsrc version. Suggested by tron in PR 47882
Revision 1.89 / (download) - annotate - [select for diffs], Fri May 31 12:39:42 2013 UTC (10 years, 3 months ago) by wiz
Branch: MAIN
Changes since 1.88: +2 -1
lines
Diff to previous 1.88 (colored)
Bump all packages for perl-5.18, that a) refer 'perl' in their Makefile, or b) have a directory name of p5-*, or c) have any dependency on any p5-* package Like last time, where this caused no complaints.
Revision 1.88 / (download) - annotate - [select for diffs], Sat May 18 03:40:17 2013 UTC (10 years, 4 months ago) by jnemeth
Branch: MAIN
Changes since 1.87: +2 -3
lines
Diff to previous 1.87 (colored)
Update to Asterisk 11.4.0: this is a general bugfix release.
The Asterisk Development Team has announced the release of Asterisk 11.4.0.
The release of Asterisk 11.4.0 resolves several issues reported by the
community and would have not been possible without your participation.
Thank you!
The following is a sample of the issues resolved in this release:
* --- Fix Sorting Order For Parking Lots Stored In Static Realtime
* --- Fix StopMixMonitor Hanging Up When Unable To Stop MixMonitor On
A Channel
* --- When a session timer expires during a T.38 call, re-invite with
correct SDP
* --- Fix white noise on SRTP decryption
* --- Fix reload skinny with active devices.
For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.4.0
Thank you for your continued support of Asterisk!
Revision 1.87 / (download) - annotate - [select for diffs], Sun May 12 18:14:21 2013 UTC (10 years, 4 months ago) by jnemeth
Branch: MAIN
Changes since 1.86: +3 -3
lines
Diff to previous 1.86 (colored)
Whoops missed updating sound tarball in 11.3.0 update. Fixed. Thanks to joerg@ for pointing it out.
Revision 1.86 / (download) - annotate - [select for diffs], Thu May 9 07:39:29 2013 UTC (10 years, 4 months ago) by adam
Branch: MAIN
Changes since 1.85: +2 -1
lines
Diff to previous 1.85 (colored)
Massive revbump after updating graphics/ilmbase, graphics/openexr, textproc/icu.
Revision 1.85 / (download) - annotate - [select for diffs], Sun May 5 01:32:34 2013 UTC (10 years, 4 months ago) by jnemeth
Branch: MAIN
Changes since 1.84: +4 -4
lines
Diff to previous 1.84 (colored)
Update to Asterisk 11.3.0: this is a bugfix release.
The Asterisk Development Team has announced the release of Asterisk 11.3.0.
The release of Asterisk 11.3.0 resolves several issues reported by the
community and would have not been possible without your participation.
Thank you!
The following is a sample of the issues resolved in this release:
* --- Fix issue where chan_mobile fails to bind to first available port
* --- Fix Queue Log Reporting Every Call COMPLETECALLER With "h"
Extension Present
* --- Retain XMPP filters across reconnections so external modules
continue to function as expected.
* --- Ensure that a declined media stream is terminated with a '\r\n'
* --- Fix pjproject compilation in certain circumstances
For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.3.0
Thank you for your continued support of Asterisk!
Revision 1.83.2.1 / (download) - annotate - [select for diffs], Thu Apr 11 22:12:55 2013 UTC (10 years, 5 months ago) by tron
Branch: pkgsrc-2013Q1
Changes since 1.83: +2 -3
lines
Diff to previous 1.83 (colored) next main 1.84 (colored)
Pullup ticket #4116 - requested by jnemeth
comms/asterisk: security update
comms/asterisk10: security update
comms/asterisk18: security update
Revisions pulled up:
- comms/asterisk/Makefile 1.84
- comms/asterisk/distinfo 1.54
- comms/asterisk10/Makefile 1.43
- comms/asterisk10/distinfo 1.26
- comms/asterisk18/Makefile 1.61
- comms/asterisk18/distinfo 1.44
---
Module Name: pkgsrc
Committed By: jnemeth
Date: Wed Apr 10 05:24:39 UTC 2013
Modified Files:
pkgsrc/comms/asterisk18: Makefile distinfo
Log Message:
Update to Asterisk 1.2.20.2: this is a security update which fixes
AST-2013-001, AST-2013-002, and AST-2013-003.
The Asterisk Development Team has announced security releases for Certified
Asterisk 1.8.15 and Asterisk 1.8, 10, and 11. The available security releases
are released as versions 1.8.15-cert2, 1.8.20.2, 10.12.2, 10.12.2-digiumphones,
and 11.2.2.
The release of these versions resolve the following issues:
* A denial of service exists in Asterisk's HTTP server. AST-2012-014, fixed
in January of this year, contained a fix for Asterisk's HTTP server for a
remotely-triggered crash. While the fix prevented the crash from being
triggered, a denial of service vector still exists with that solution if an
attacker sends one or more HTTP POST requests with very large Content-Length
values.
This vulnerability affects Certified Asterisk 1.8.15, Asterisk 1.8, 10, and 11
* A potential username disclosure exists in the SIP channel driver. When
authenticating a SIP request with alwaysauthreject enabled, allowguest
disabled, and autocreatepeer disabled, Asterisk discloses whether a user
exists for INVITE, SUBSCRIBE, and REGISTER transactions in multiple ways.
This vulnerability affects Certified Asterisk 1.8.15, Asterisk 1.8, 10, and 11
These issues and their resolutions are described in the security advisories.
For more information about the details of these vulnerabilities, please read
security advisories AST-2013-001, AST-2013-002, and AST-2013-003, which were
released at the same time as this announcement.
For a full list of changes in the current releases, please see the ChangeLogs:
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.20.2
The security advisories are available at:
* http://downloads.asterisk.org/pub/security/AST-2013-001.pdf
* http://downloads.asterisk.org/pub/security/AST-2013-002.pdf
* http://downloads.asterisk.org/pub/security/AST-2013-003.pdf
Thank you for your continued support of Asterisk!
---
Module Name: pkgsrc
Committed By: jnemeth
Date: Wed Apr 10 05:27:08 UTC 2013
Modified Files:
pkgsrc/comms/asterisk10: Makefile distinfo
Log Message:
Update to Asterisk 10.12.2: this is a security update which fixes
AST-2013-001, AST-2013-002, and AST-2013-003.
The Asterisk Development Team has announced security releases for Certified
Asterisk 1.8.15 and Asterisk 1.8, 10, and 11. The available security releases
are released as versions 1.8.15-cert2, 1.8.20.2, 10.12.2, 10.12.2-digiumphones,
and 11.2.2.
The release of these versions resolve the following issues:
* A denial of service exists in Asterisk's HTTP server. AST-2012-014, fixed
in January of this year, contained a fix for Asterisk's HTTP server for a
remotely-triggered crash. While the fix prevented the crash from being
triggered, a denial of service vector still exists with that solution if an
attacker sends one or more HTTP POST requests with very large Content-Length
values.
This vulnerability affects Certified Asterisk 1.8.15, Asterisk 1.8, 10, and 11
* A potential username disclosure exists in the SIP channel driver. When
authenticating a SIP request with alwaysauthreject enabled, allowguest
disabled, and autocreatepeer disabled, Asterisk discloses whether a user
exists for INVITE, SUBSCRIBE, and REGISTER transactions in multiple ways.
This vulnerability affects Certified Asterisk 1.8.15, Asterisk 1.8, 10, and 11
These issues and their resolutions are described in the security advisories.
For more information about the details of these vulnerabilities, please read
security advisories AST-2013-001, AST-2013-002, and AST-2013-003, which were
released at the same time as this announcement.
For a full list of changes in the current releases, please see the ChangeLogs:
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-10.12.2
The security advisories are available at:
* http://downloads.asterisk.org/pub/security/AST-2013-001.pdf
* http://downloads.asterisk.org/pub/security/AST-2013-002.pdf
* http://downloads.asterisk.org/pub/security/AST-2013-003.pdf
Thank you for your continued support of Asterisk!
---
Module Name: pkgsrc
Committed By: jnemeth
Date: Wed Apr 10 05:28:56 UTC 2013
Modified Files:
pkgsrc/comms/asterisk: Makefile distinfo
Log Message:
Update to Asterisk 11.2.2: this is a security update which fixes
AST-2013-001, AST-2013-002, and AST-213-003.
The Asterisk Development Team has announced security releases for Certified
Asterisk 1.8.15 and Asterisk 1.8, 10, and 11. The available security releases
are released as versions 1.8.15-cert2, 1.8.20.2, 10.12.2, 10.12.2-digiumphones,
and 11.2.2.
The release of these versions resolve the following issues:
* A possible buffer overflow during H.264 format negotiation. The format
attribute resource for H.264 video performs an unsafe read against a media
attribute when parsing the SDP.
This vulnerability only affected Asterisk 11.
* A denial of service exists in Asterisk's HTTP server. AST-2012-014, fixed
in January of this year, contained a fix for Asterisk's HTTP server for a
remotely-triggered crash. While the fix prevented the crash from being
triggered, a denial of service vector still exists with that solution if an
attacker sends one or more HTTP POST requests with very large Content-Length
values.
This vulnerability affects Certified Asterisk 1.8.15, Asterisk 1.8, 10, and 11
* A potential username disclosure exists in the SIP channel driver. When
authenticating a SIP request with alwaysauthreject enabled, allowguest
disabled, and autocreatepeer disabled, Asterisk discloses whether a user
exists for INVITE, SUBSCRIBE, and REGISTER transactions in multiple ways.
This vulnerability affects Certified Asterisk 1.8.15, Asterisk 1.8, 10, and 11
These issues and their resolutions are described in the security advisories.
For more information about the details of these vulnerabilities, please read
security advisories AST-2013-001, AST-2013-002, and AST-2013-003, which were
released at the same time as this announcement.
For a full list of changes in the current releares, please see the ChangeLogs:
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.2.2
The security advisories are available at:
* http://downloads.asterisk.org/pub/security/AST-2013-001.pdf
* http://downloads.asterisk.org/pub/security/AST-2013-002.pdf
* http://downloads.asterisk.org/pub/security/AST-2013-003.pdf
Thank you for your continued support of Asterisk!
Revision 1.84 / (download) - annotate - [select for diffs], Wed Apr 10 05:28:56 2013 UTC (10 years, 5 months ago) by jnemeth
Branch: MAIN
Changes since 1.83: +2 -3
lines
Diff to previous 1.83 (colored)
Update to Asterisk 11.2.2: this is a security update which fixes AST-2013-001, AST-2013-002, and AST-2013-003. The Asterisk Development Team has announced security releases for Certified Asterisk 1.8.15 and Asterisk 1.8, 10, and 11. The available security releases are released as versions 1.8.15-cert2, 1.8.20.2, 10.12.2, 10.12.2-digiumphones, and 11.2.2. The release of these versions resolve the following issues: * A possible buffer overflow during H.264 format negotiation. The format attribute resource for H.264 video performs an unsafe read against a media attribute when parsing the SDP. This vulnerability only affected Asterisk 11. * A denial of service exists in Asterisk's HTTP server. AST-2012-014, fixed in January of this year, contained a fix for Asterisk's HTTP server for a remotely-triggered crash. While the fix prevented the crash from being triggered, a denial of service vector still exists with that solution if an attacker sends one or more HTTP POST requests with very large Content-Length values. This vulnerability affects Certified Asterisk 1.8.15, Asterisk 1.8, 10, and 11 * A potential username disclosure exists in the SIP channel driver. When authenticating a SIP request with alwaysauthreject enabled, allowguest disabled, and autocreatepeer disabled, Asterisk discloses whether a user exists for INVITE, SUBSCRIBE, and REGISTER transactions in multiple ways. This vulnerability affects Certified Asterisk 1.8.15, Asterisk 1.8, 10, and 11 These issues and their resolutions are described in the security advisories. For more information about the details of these vulnerabilities, please read security advisories AST-2013-001, AST-2013-002, and AST-2013-003, which were released at the same time as this announcement. For a full list of changes in the current releases, please see the ChangeLogs: http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.2.2 The security advisories are available at: * http://downloads.asterisk.org/pub/security/AST-2013-001.pdf * http://downloads.asterisk.org/pub/security/AST-2013-002.pdf * http://downloads.asterisk.org/pub/security/AST-2013-003.pdf Thank you for your continued support of Asterisk!
Revision 1.83 / (download) - annotate - [select for diffs], Sat Feb 16 11:20:35 2013 UTC (10 years, 7 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2013Q1-base
Branch point for: pkgsrc-2013Q1
Changes since 1.82: +2 -1
lines
Diff to previous 1.82 (colored)
Recursive bump for png-1.6.
Revision 1.82 / (download) - annotate - [select for diffs], Sun Feb 10 20:18:50 2013 UTC (10 years, 7 months ago) by jnemeth
Branch: MAIN
Changes since 1.81: +2 -3
lines
Diff to previous 1.81 (colored)
Update to Asterisk 11.2.1: this is a minor bug fix release.
----- 11.2.1:
The Asterisk Development Team has announced the release of Asterisk 11.2.1.
The release of Asterisk 11.2.1 resolves several issues reported by the
community and would have not been possible without your participation.
Thank you!
The following are the issues resolved in this release:
* --- Fix astcanary startup problem due to wrong pid value from before
daemon call
* --- Update init.d scripts to handle stderr; readd splash screen for
remote consoles
* --- Reset RTP timestamp; sequence number on SSRC change
For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.2.1
Thank you for your continued support of Asterisk!
----- 11.2.0:
The Asterisk Development Team has announced the release of Asterisk 11.2.0.
The release of Asterisk 11.2.0 resolves several issues reported by the
community and would have not been possible without your participation.
Thank you!
The following is a sample of the issues resolved in this release:
* --- app_meetme: Fix channels lingering when hung up under certain
conditions
* --- Fix stuck DTMF when bridge is broken.
* --- Add missing support for "who hung up" to chan_motif.
* --- Remove a fixed size limitation for producing SDP and change how
ICE support is disabled by default.
* --- Fix chan_sip websocket payload handling
* --- Fix pjproject compilation in certain circumstances
For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.2.0
Thank you for your continued support of Asterisk!
Revision 1.81 / (download) - annotate - [select for diffs], Wed Feb 6 23:21:50 2013 UTC (10 years, 7 months ago) by jperkin
Branch: MAIN
Changes since 1.80: +2 -2
lines
Diff to previous 1.80 (colored)
PKGREVISION bumps for the security/openssl 1.0.1d update.
Revision 1.80 / (download) - annotate - [select for diffs], Sat Jan 26 21:37:11 2013 UTC (10 years, 7 months ago) by adam
Branch: MAIN
Changes since 1.79: +2 -1
lines
Diff to previous 1.79 (colored)
Revbump after graphics/jpeg and textproc/icu
Revision 1.78.2.1 / (download) - annotate - [select for diffs], Fri Jan 4 18:48:00 2013 UTC (10 years, 8 months ago) by tron
Branch: pkgsrc-2012Q4
Changes since 1.78: +2 -2
lines
Diff to previous 1.78 (colored) next main 1.79 (colored)
Pullup ticket #3999 - requested by jnemeth
comms/asterisk: security update
Revisions pulled up:
- comms/asterisk/Makefile 1.79
- comms/asterisk/distinfo 1.52
---
Module Name: pkgsrc
Committed By: jnemeth
Date: Fri Jan 4 03:09:56 UTC 2013
Modified Files:
pkgsrc/comms/asterisk: Makefile distinfo
Log Message:
Update to Asterisk 11.1.2: this is a security update for AST-2012-014
and AST-2012-015. Apparently the last update didn't completely
fix the issues.
The Asterisk Development Team has announced a security release for
Asterisk 11, Asterisk 11.1.2. This release addresses the security
vulnerabilities reported in AST-2012-014 and AST-2012-015, and
replaces the previous version of Asterisk 11 released for these
security vulnerabilities. The prior release left open a vulnerability
in res_xmpp that exists only in Asterisk 11; as such, other versions
of Asterisk were resolved correctly by the previous releases.
The release of these versions resolve the following two issues:
* Stack overflows that occur in some portions of Asterisk that manage a TCP
connection. In SIP, this is exploitable via a remote unauthenticated session;
in XMPP and HTTP connections, this is exploitable via remote authenticated
sessions. The vulnerabilities in SIP and HTTP were corrected in a prior
release of Asterisk; the vulnerability in XMPP is resolved in this release.
* A denial of service vulnerability through exploitation of the device state
cache. Anonymous calls had the capability to create devices in Asterisk that
would never be disposed of. Handling the cachability of device states
aggregated via XMPP is handled in this release.
These issues and their resolutions are described in the security advisories.
For more information about the details of these vulnerabilities, please read
security advisories AST-2012-014 and AST-2012-015.
For a full list of changes in the current release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.1.2
The security advisories are available at:
* http://downloads.asterisk.org/pub/security/AST-2012-014.pdf
* http://downloads.asterisk.org/pub/security/AST-2012-015.pdf
Thank you for your continued support of Asterisk - and we apologize for having
to do this twice!
Revision 1.79 / (download) - annotate - [select for diffs], Fri Jan 4 03:09:56 2013 UTC (10 years, 8 months ago) by jnemeth
Branch: MAIN
Changes since 1.78: +2 -2
lines
Diff to previous 1.78 (colored)
Update to Asterisk 11.1.2: this is a security update for AST-2012-014 and AST-2012-015. Apparently the last update didn't completely fix the issues. The Asterisk Development Team has announced a security release for Asterisk 11, Asterisk 11.1.2. This release addresses the security vulnerabilities reported in AST-2012-014 and AST-2012-015, and replaces the previous version of Asterisk 11 released for these security vulnerabilities. The prior release left open a vulnerability in res_xmpp that exists only in Asterisk 11; as such, other versions of Asterisk were resolved correctly by the previous releases. The release of these versions resolve the following two issues: * Stack overflows that occur in some portions of Asterisk that manage a TCP connection. In SIP, this is exploitable via a remote unauthenticated session; in XMPP and HTTP connections, this is exploitable via remote authenticated sessions. The vulnerabilities in SIP and HTTP were corrected in a prior release of Asterisk; the vulnerability in XMPP is resolved in this release. * A denial of service vulnerability through exploitation of the device state cache. Anonymous calls had the capability to create devices in Asterisk that would never be disposed of. Handling the cachability of device states aggregated via XMPP is handled in this release. These issues and their resolutions are described in the security advisories. For more information about the details of these vulnerabilities, please read security advisories AST-2012-014 and AST-2012-015. For a full list of changes in the current release, please see the ChangeLog: http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.1.2 The security advisories are available at: * http://downloads.asterisk.org/pub/security/AST-2012-014.pdf * http://downloads.asterisk.org/pub/security/AST-2012-015.pdf Thank you for your continued support of Asterisk - and we apologize for having to do this twice!
Revision 1.78 / (download) - annotate - [select for diffs], Thu Jan 3 02:11:19 2013 UTC (10 years, 8 months ago) by jnemeth
Branch: MAIN
CVS Tags: pkgsrc-2012Q4-base
Branch point for: pkgsrc-2012Q4
Changes since 1.77: +2 -3
lines
Diff to previous 1.77 (colored)
Upgrade to Asterisk 11.1.1; this is a security fix to fix AST-2012-14 and AST-2012-015. Approved for commit during freeze by: agc The Asterisk Development Team has announced security releases for Certified Asterisk 1.8.11 and Asterisk 1.8, 10, and 11. The available security releases are released as versions 1.8.11-cert10, 1.8.19.1, 10.11.1, 10.11.1-digiumphones, and 11.1.1. The release of these versions resolve the following two issues: * Stack overflows that occur in some portions of Asterisk that manage a TCP connection. In SIP, this is exploitable via a remote unauthenticated session; in XMPP and HTTP connections, this is exploitable via remote authenticated sessions. * A denial of service vulnerability through exploitation of the device state cache. Anonymous calls had the capability to create devices in Asterisk that would never be disposed of. These issues and their resolutions are described in the security advisories. For more information about the details of these vulnerabilities, please read security advisories AST-2012-014 and AST-2012-015, which were released at the same time as this announcement. For a full list of changes in the current releases, please see the ChangeLogs: http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.1.1 The security advisories are available at: * http://downloads.asterisk.org/pub/security/AST-2012-014.pdf * http://downloads.asterisk.org/pub/security/AST-2012-015.pdf Thank you for your continued support of Asterisk!
Revision 1.77 / (download) - annotate - [select for diffs], Sun Dec 16 01:52:01 2012 UTC (10 years, 9 months ago) by obache
Branch: MAIN
Changes since 1.76: +2 -1
lines
Diff to previous 1.76 (colored)
recursive bump from cyrus-sasl libsasl2 shlib major bump.
Revision 1.76 / (download) - annotate - [select for diffs], Tue Dec 11 08:22:48 2012 UTC (10 years, 9 months ago) by jnemeth
Branch: MAIN
Changes since 1.75: +198 -70
lines
Diff to previous 1.75 (colored)
Update to Asterisk 11.1.0: this is a major new long term support release.
As this is a major release, you should read the information about updating:
https://wiki.asterisk.org/wiki/display/AST/Upgrading+to+Asterisk+11
You can also find documentation in: /usr/pkg/share/doc/asterisk
----- 11.1.0:
The Asterisk Development Team has announced the release of Asterisk 11.1.0.
The release of Asterisk 11.1.0 resolves several issues reported by the
community and would have not been possible without your participation.
Thank you!
The following is a sample of the issues resolved in this release:
* --- Fix execution of 'i' extension due to uninitialized variable.
* --- Prevent resetting of NATted realtime peer address on reload.
* --- Fix ConfBridge crash if no timing module loaded.
* --- Fix the Park 'r' option when a channel parks itself.
* --- Fix an issue where outgoing calls would fail to establish audio
due to ICE negotiation failures.
For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.1.0
----- 11.0.1:
The Asterisk Development Team has announced the release of Asterisk 11.0.1.
The release of Asterisk 11.0.1 resolves several issues reported by the
community and would have not been possible without your participation.
Thank you!
The following are the issues resolved in this release:
* --- chan_sip: Fix a bug causing SIP reloads to remove all entries
from the registry
* --- confbridge: Fix a bug which made conferences not record with
AMI/CLI commands
* --- Fix an issue with res_http_websocket where the chan_sip
WebSocket handler could not be registered.
For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.0.1
Thank you for your continued support of Asterisk!
----- 11.0.0:
The Asterisk Development Team is pleased to announce the release of
Asterisk 11.0.0.
Asterisk 11 is the next major release series of Asterisk. It is a Long Term
Support (LTS) release, similar to Asterisk 1.8. For more information about
support time lines for Asterisk releases, see the Asterisk versions page:
https://wiki.asterisk.org/wiki/display/AST/Asterisk+Versions
For important information regarding upgrading to Asterisk 11, please see the
Asterisk wiki:
https://wiki.asterisk.org/wiki/display/AST/Upgrading+to+Asterisk+11
A short list of new features includes:
* A new channel driver named chan_motif has been added which provides support
for Google Talk and Jingle in a single channel driver. This new channel
driver includes support for both audio and video, RFC2833 DTMF, all codecs
supported by Asterisk, hold, unhold, and ringing notification. It is also
compliant with the current Jingle specification, current Google Jingle
specification, and the original Google Talk protocol.
* Support for the WebSocket transport for chan_sip.
* SIP peers can now be configured to support negotiation of ICE candidates.
* The app_page application now no longer depends on DAHDI or app_meetme. It
has been re-architected to use app_confbridge internally.
* Hangup handlers can be attached to channels using the CHANNEL() function.
Hangup handlers will run when the channel is hung up similar to the h
extension; however, unlike an h extension, a hangup handler is associated with
the actual channel and will execute anytime that channel is hung up,
regardless of where it is in the dialplan.
* Added pre-dial handlers for the Dial and Follow-Me applications. Pre-dial
allows you to execute a dialplan subroutine on a channel before a call is
placed but after the application performing a dial action is invoked. This
means that the handlers are executed after the creation of the callee
channels, but before any actions have been taken to actually dial the callee
channels.
* Log messages can now be easily associated with a certain call by looking at
a new unique identifier, "Call Id". Call ids are attached to log messages for
just about any case where it can be determined that the message is related
to a particular call.
* Introduced Named ACLs as a new way to define Access Control Lists (ACLs) in
Asterisk. Unlike traditional ACLs defined in specific module configuration
files, Named ACLs can be shared across multiple modules.
* The Hangup Cause family of functions and dialplan applications allow for
inspection of the hangup cause codes for each channel involved in a call.
This allows a dialplan writer to determine, for each channel, who hung up and
for what reason(s).
* Two new functions have been added: FEATURE() and FEATUREMAP(). FEATURE()
lets you set some of the configuration options from the general section
of features.conf on a per-channel basis. FEATUREMAP() lets you customize
the key sequence used to activate built-in features, such as blindxfer,
and automon.
* Support for DTLS-SRTP in chan_sip.
* Support for named pickupgroups/callgroups, allowing any number of pickupgroups
and callgroups to be defined for several channel drivers.
* IPv6 Support for AMI, AGI, ExternalIVR, and the SIP Security Event Framework.
More information about the new features can be found on the Asterisk wiki:
https://wiki.asterisk.org/wiki/display/AST/Asterisk+11+Documentation
A full list of all new features can also be found in the CHANGES file.
http://svnview.digium.com/svn/asterisk/branches/11/CHANGES
For a full list of changes in the current release, please see the ChangeLog.
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.0.0
Thank you for your continued support of Asterisk!
Revision 1.75 / (download) - annotate - [select for diffs], Wed Oct 3 21:54:04 2012 UTC (10 years, 11 months ago) by wiz
Branch: MAIN
Changes since 1.74: +2 -2
lines
Diff to previous 1.74 (colored)
Bump all packages that use perl, or depend on a p5-* package, or are called p5-*. I hope that's all of them.
Revision 1.74 / (download) - annotate - [select for diffs], Wed Oct 3 11:24:38 2012 UTC (10 years, 11 months ago) by asau
Branch: MAIN
Changes since 1.73: +1 -3
lines
Diff to previous 1.73 (colored)
Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days.
Revision 1.73 / (download) - annotate - [select for diffs], Sat Jun 9 18:44:51 2012 UTC (11 years, 3 months ago) by dholland
Branch: MAIN
CVS Tags: pkgsrc-2012Q3-base,
pkgsrc-2012Q3,
pkgsrc-2012Q2-base,
pkgsrc-2012Q2
Changes since 1.72: +2 -1
lines
Diff to previous 1.72 (colored)
Add missing rpath in curl plugin.
Revision 1.72 / (download) - annotate - [select for diffs], Sun Aug 7 02:40:32 2011 UTC (12 years, 1 month ago) by jnemeth
Branch: MAIN
CVS Tags: pkgsrc-2012Q1-base,
pkgsrc-2012Q1,
pkgsrc-2011Q4-base,
pkgsrc-2011Q4,
pkgsrc-2011Q3-base,
pkgsrc-2011Q3
Changes since 1.71: +2 -2
lines
Diff to previous 1.71 (colored)
Bump PKGREVISION for perl update.
Revision 1.71 / (download) - annotate - [select for diffs], Fri Apr 22 13:43:09 2011 UTC (12 years, 5 months ago) by obache
Branch: MAIN
CVS Tags: pkgsrc-2011Q2-base,
pkgsrc-2011Q2
Changes since 1.70: +2 -2
lines
Diff to previous 1.70 (colored)
recursive bump from gettext-lib shlib bump.
Revision 1.70 / (download) - annotate - [select for diffs], Sun Jan 17 12:02:08 2010 UTC (13 years, 8 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2011Q1-base,
pkgsrc-2011Q1,
pkgsrc-2010Q4-base,
pkgsrc-2010Q4,
pkgsrc-2010Q3-base,
pkgsrc-2010Q3,
pkgsrc-2010Q2-base,
pkgsrc-2010Q2,
pkgsrc-2010Q1-base,
pkgsrc-2010Q1
Changes since 1.69: +2 -1
lines
Diff to previous 1.69 (colored)
Recursive PKGREVISION bump for jpeg update to 8.
Revision 1.69 / (download) - annotate - [select for diffs], Fri Dec 18 14:39:26 2009 UTC (13 years, 9 months ago) by jnemeth
Branch: MAIN
CVS Tags: pkgsrc-2009Q4-base,
pkgsrc-2009Q4
Changes since 1.68: +2 -2
lines
Diff to previous 1.68 (colored)
Update to 1.2.37. This update is to fix two security issues.
1.2.36 fixed AST-2009-008, and 1.2.37 fixed AST-2009-010. The
problem in AST-2009-008 is:
-----
It is possible to determine if a peer with a specific name is
configured in Asterisk by sending a specially crafted REGISTER
message twice. The username that is to be checked is put in the
user portion of the URI in the To header. A bogus non-matching
value is put into the username portion of the Digest in the
Authorization header. If the peer does exist the second REGISTER
will receive a response of "403 Authentication user name does not
match account name". If the peer does not exist the response will
be "404 Not Found" if alwaysauthreject is disabled and "401
Unauthorized" if alwaysauthreject is enabled.
-----
And, the problem in AST-2009-010 is:
-----
An attacker sending a valid RTP comfort noise payload containing
a data length of 24 bytes or greater can remotely crash Asterisk.
-----
Revision 1.63.2.3 / (download) - annotate - [select for diffs], Sun Sep 6 14:31:35 2009 UTC (14 years ago) by tron
Branch: pkgsrc-2009Q2
Changes since 1.63.2.2: +1 -1
lines
Diff to previous 1.63.2.2 (colored) to branchpoint 1.63 (colored) next main 1.64 (colored)
Pullup ticket #2882 - requested by jnemeth
asterisk: security update
Revisions pulled up:
- comms/asterisk/Makefile 1.68
- comms/asterisk/PLIST.common 1.17
- comms/asterisk/distinfo 1.44
---
Module Name: pkgsrc
Committed By: jnemeth
Date: Sat Sep 5 01:44:19 UTC 2009
Modified Files:
pkgsrc/comms/asterisk: Makefile PLIST.common distinfo
Log Message:
update to asterisk 1.2.35 which fixes AST-2009-006 -- IAX2 DOS vulnerability
Revision 1.68 / (download) - annotate - [select for diffs], Sat Sep 5 01:44:18 2009 UTC (14 years ago) by jnemeth
Branch: MAIN
CVS Tags: pkgsrc-2009Q3-base,
pkgsrc-2009Q3
Changes since 1.67: +2 -2
lines
Diff to previous 1.67 (colored)
update to asterisk 1.2.35 which fixes AST-2009-006 -- IAX2 DOS vulnerability
Revision 1.63.2.2 / (download) - annotate - [select for diffs], Thu Aug 27 11:35:17 2009 UTC (14 years ago) by tron
Branch: pkgsrc-2009Q2
Changes since 1.63.2.1: +1 -4
lines
Diff to previous 1.63.2.1 (colored) to branchpoint 1.63 (colored)
Pullup ticket #2872 - requested by jnemeth
asterisk: security update
Revisions pulled up:
- comms/asterisk/Makefile 1.67
- comms/asterisk/distinfo 1.43
---
Module Name: pkgsrc
Committed By: jnemeth
Date: Sun Aug 23 09:22:24 UTC 2009
Modified Files:
pkgsrc/comms/asterisk: Makefile distinfo
Log Message:
This update is just to fix a hypothetical security issue (AST-2009-005)
which is most likely not exploitable.
Revision 1.67 / (download) - annotate - [select for diffs], Sun Aug 23 09:22:23 2009 UTC (14 years, 1 month ago) by jnemeth
Branch: MAIN
Changes since 1.66: +2 -5
lines
Diff to previous 1.66 (colored)
This update is just to fix a hypothetical security issue (AST-2009-005) which is most likely not exploitable.
Revision 1.63.2.1 / (download) - annotate - [select for diffs], Fri Aug 21 12:17:35 2009 UTC (14 years, 1 month ago) by tron
Branch: pkgsrc-2009Q2
Changes since 1.63: +10 -6
lines
Diff to previous 1.63 (colored)
Pullup ticket #2870 - requested by jnemeth
asterisk: build fix
Revisions pulled up:
- comms/asterisk/Makefile 1.64-1.66
- comms/asterisk/PLIST.common 1.16
- comms/asterisk/distinfo 1.41-1.42
---
Module Name: pkgsrc
Committed By: jnemeth
Date: Thu Aug 20 22:31:41 UTC 2009
Modified Files:
pkgsrc/comms/asterisk: Makefile PLIST.common distinfo
Log Message:
Digium in its infinite wisdom changed the Music-On-Hold sound files in all
release tarballs. Update for that change.
While here, do some pkglint cleanup and add LICENSE=gplv2.
---
Module Name: pkgsrc
Committed By: jnemeth
Date: Thu Aug 20 22:33:47 UTC 2009
Modified Files:
pkgsrc/comms/asterisk: Makefile
Log Message:
bump PKGREVISION for previous
---
Module Name: pkgsrc
Committed By: jnemeth
Date: Fri Aug 21 08:34:25 UTC 2009
Modified Files:
pkgsrc/comms/asterisk: Makefile
Log Message:
Change DIST_SUBDIR to avoid people having to manually remove the old
distfile. Requested by wiz@.
---
Module Name: pkgsrc
Committed By: wiz
Date: Fri Aug 21 08:46:16 UTC 2009
Modified Files:
pkgsrc/comms/asterisk: distinfo
Log Message:
regen (for DIST_SUBDIR change).
Revision 1.66 / (download) - annotate - [select for diffs], Fri Aug 21 08:34:25 2009 UTC (14 years, 1 month ago) by jnemeth
Branch: MAIN
Changes since 1.65: +3 -1
lines
Diff to previous 1.65 (colored)
Change DIST_SUBDIR to avoid people having to manually remove the old distfile. Requested by wiz@.
Revision 1.65 / (download) - annotate - [select for diffs], Thu Aug 20 22:33:47 2009 UTC (14 years, 1 month ago) by jnemeth
Branch: MAIN
Changes since 1.64: +2 -1
lines
Diff to previous 1.64 (colored)
bump PKGREVISION for previous
Revision 1.64 / (download) - annotate - [select for diffs], Thu Aug 20 22:31:41 2009 UTC (14 years, 1 month ago) by jnemeth
Branch: MAIN
Changes since 1.63: +7 -6
lines
Diff to previous 1.63 (colored)
Digium in its infinite wisdom changed the Music-On-Hold sound files in all release tarballs. Update for that change. While here, do some pkglint cleanup and add LICENSE=gplv2.
Revision 1.63 / (download) - annotate - [select for diffs], Fri Jun 5 23:07:11 2009 UTC (14 years, 3 months ago) by jnemeth
Branch: MAIN
CVS Tags: pkgsrc-2009Q2-base
Branch point for: pkgsrc-2009Q2
Changes since 1.62: +2 -2
lines
Diff to previous 1.62 (colored)
Upgrade to 1.2.33. Provides a fix related to AST-2009-001.
Revision 1.62 / (download) - annotate - [select for diffs], Fri May 15 18:24:29 2009 UTC (14 years, 4 months ago) by jnemeth
Branch: MAIN
Changes since 1.61: +3 -3
lines
Diff to previous 1.61 (colored)
new MASTER_SITES
Revision 1.61 / (download) - annotate - [select for diffs], Mon Jan 26 13:15:49 2009 UTC (14 years, 7 months ago) by jnemeth
Branch: MAIN
CVS Tags: pkgsrc-2009Q1-base,
pkgsrc-2009Q1
Changes since 1.60: +2 -1
lines
Diff to previous 1.60 (colored)
PR/38351 - Miro Voutilainen -- app_curl does not build
Revision 1.58.2.2 / (download) - annotate - [select for diffs], Thu Jan 22 12:47:01 2009 UTC (14 years, 8 months ago) by tron
Branch: pkgsrc-2008Q4
Changes since 1.58.2.1: +3 -1
lines
Diff to previous 1.58.2.1 (colored) to branchpoint 1.58 (colored) next main 1.59 (colored)
Pullup ticket #2646 - requested by obache
asterisk: package list fix
Revisions pulled up:
- comms/asterisk/Makefile 1.60
- comms/asterisk/PLIST.common_end 1.6
---
Module Name: pkgsrc
Committed By: obache
Date: Thu Jan 22 12:19:49 UTC 2009
Modified Files:
pkgsrc/comms/asterisk: Makefile PLIST.common_end
Log Message:
Need to care ${ASTVARLIBDIR}/sounds/priv-callerintros.
XXX: it should be in ${VARBASE}, not ${PREFIX}/libdata.
Revision 1.58.2.1 / (download) - annotate - [select for diffs], Thu Jan 22 12:39:43 2009 UTC (14 years, 8 months ago) by tron
Branch: pkgsrc-2008Q4
Changes since 1.58: +5 -6
lines
Diff to previous 1.58 (colored)
Pullup ticket #2646 - requested by obache asterisk: security update Revisons pulled up: - comms/asterisk/Makefile 1.59 - comms/asterisk/distinfo 1.37 --- Module Name: pkgsrc Committed By: obache Date: Wed Jan 21 05:35:07 UTC 2009 Modified Files: pkgsrc/comms/asterisk: Makefile distinfo Log Message: Update asterisk to 1.2.31. While here, update MASTER_SITES and honor PKGMANDIR. ChangeLog-1.2.31: 2009-01-06 Leif Madsen <lmadsen@digium.com> * Asterisk 1.2.31 released 2009-01-06 20:44 +0000 [r167259] Tilghman Lesher <tlesher@digium.com> * channels/chan_iax2.c: Security fix AST-2009-001. 2008-12-10 Tilghman Lesher <tlesher@digium.com> * Asterisk 1.2.30.4 released 2008-12-10 21:06 +0000 [r162868] Tilghman Lesher <tlesher@digium.com> * channels/chan_iax2.c: Fix for AST-2008-012 2008-12-05 20:50 +0000 [r161421] Sean Bright <sean.bright@gmail.com> * include/asterisk/astobj2.h, astobj2.c: Fix build errors on FreeBSD (uint -> unsigned int). (closes issue #14006) Reported by: alphaque Patches: astobj2.h-patch uploaded by alphaque (license 259) (Slightly modified by seanbright) 2008-12-01 Tilghman Lesher <tlesher@digium.com> * Asterisk 1.2.30.3 released 2008-11-25 21:37 +0000 [r159245] Tilghman Lesher <tlesher@digium.com> * channels/chan_iax2.c: Regression fix for last security fix. Set the iseqno correctly. (closes issue #13918) Reported by: ffloimair Patches: 20081119__bug13918.diff.txt uploaded by Corydon76 (license 14) Tested by: ffloimair 2008-08-09 Tilghman Lesher <tlesher@digium.com> * Asterisk 1.2.30.2 released 2008-08-09 15:24 +0000 [r136945] Tilghman Lesher <tlesher@digium.com> * include/asterisk/compat.h, include/asterisk/astobj2.h: Regression fixes for Solaris 2008-07-25 15:00 +0000 [r133577] Russell Bryant <russell@digium.com> * LICENSE: Fix the IAX2 URI for calling Digium 2008-07-23 Tilghman Lesher <tlesher@digium.com> * Asterisk 1.2.30.1 released 2008-07-24 03:46 +0000 [r133360] Tilghman Lesher <tlesher@digium.com> * channels/chan_iax2.c: This part was not correctly patched for AST-2008-010.
Revision 1.60 / (download) - annotate - [select for diffs], Thu Jan 22 12:19:49 2009 UTC (14 years, 8 months ago) by obache
Branch: MAIN
Changes since 1.59: +3 -1
lines
Diff to previous 1.59 (colored)
Need to care ${ASTVARLIBDIR}/sounds/priv-callerintros.
XXX: it should be in ${VARBASE}, not ${PREFIX}/libdata.
Revision 1.59 / (download) - annotate - [select for diffs], Wed Jan 21 05:35:07 2009 UTC (14 years, 8 months ago) by obache
Branch: MAIN
Changes since 1.58: +5 -6
lines
Diff to previous 1.58 (colored)
Update asterisk to 1.2.31. While here, update MASTER_SITES and honor PKGMANDIR. ChangeLog-1.2.31: 2009-01-06 Leif Madsen <lmadsen@digium.com> * Asterisk 1.2.31 released 2009-01-06 20:44 +0000 [r167259] Tilghman Lesher <tlesher@digium.com> * channels/chan_iax2.c: Security fix AST-2009-001. 2008-12-10 Tilghman Lesher <tlesher@digium.com> * Asterisk 1.2.30.4 released 2008-12-10 21:06 +0000 [r162868] Tilghman Lesher <tlesher@digium.com> * channels/chan_iax2.c: Fix for AST-2008-012 2008-12-05 20:50 +0000 [r161421] Sean Bright <sean.bright@gmail.com> * include/asterisk/astobj2.h, astobj2.c: Fix build errors on FreeBSD (uint -> unsigned int). (closes issue #14006) Reported by: alphaque Patches: astobj2.h-patch uploaded by alphaque (license 259) (Slightly modified by seanbright) 2008-12-01 Tilghman Lesher <tlesher@digium.com> * Asterisk 1.2.30.3 released 2008-11-25 21:37 +0000 [r159245] Tilghman Lesher <tlesher@digium.com> * channels/chan_iax2.c: Regression fix for last security fix. Set the iseqno correctly. (closes issue #13918) Reported by: ffloimair Patches: 20081119__bug13918.diff.txt uploaded by Corydon76 (license 14) Tested by: ffloimair 2008-08-09 Tilghman Lesher <tlesher@digium.com> * Asterisk 1.2.30.2 released 2008-08-09 15:24 +0000 [r136945] Tilghman Lesher <tlesher@digium.com> * include/asterisk/compat.h, include/asterisk/astobj2.h: Regression fixes for Solaris 2008-07-25 15:00 +0000 [r133577] Russell Bryant <russell@digium.com> * LICENSE: Fix the IAX2 URI for calling Digium 2008-07-23 Tilghman Lesher <tlesher@digium.com> * Asterisk 1.2.30.1 released 2008-07-24 03:46 +0000 [r133360] Tilghman Lesher <tlesher@digium.com> * channels/chan_iax2.c: This part was not correctly patched for AST-2008-010.
Revision 1.58 / (download) - annotate - [select for diffs], Mon Nov 24 09:27:29 2008 UTC (14 years, 10 months ago) by jnemeth
Branch: MAIN
CVS Tags: pkgsrc-2008Q4-base
Branch point for: pkgsrc-2008Q4
Changes since 1.57: +5 -2
lines
Diff to previous 1.57 (colored)
- make sure rc.d script can find asterisk when it isn't in the path - pkglint
Revision 1.56.4.1 / (download) - annotate - [select for diffs], Thu Jul 24 10:19:44 2008 UTC (15 years, 2 months ago) by rtr
Branch: pkgsrc-2008Q2
Changes since 1.56: +2 -3
lines
Diff to previous 1.56 (colored) next main 1.57 (colored)
pullup ticket #2457 requested by tonnerre asterisk: update package fixes for DoS vulnerabilities revisions pulled up: pkgsrc/comms/asterisk/Makefile 1.57 pkgsrc/comms/asterisk/distinfo 1.36 Module Name: pkgsrc Committed By: tonnerre Date: Thu Jul 24 00:10:50 UTC 2008 Modified Files: pkgsrc/comms/asterisk: Makefile distinfo Log Message: Update Asterisk to version 1.2.30, fixing two Denial of Service vulnerabilities (CVE-2008-3263 and CVE-2008-3264).
Revision 1.57 / (download) - annotate - [select for diffs], Thu Jul 24 00:10:50 2008 UTC (15 years, 2 months ago) by tonnerre
Branch: MAIN
CVS Tags: pkgsrc-2008Q3-base,
pkgsrc-2008Q3,
cube-native-xorg-base,
cube-native-xorg
Changes since 1.56: +2 -3
lines
Diff to previous 1.56 (colored)
Update Asterisk to version 1.2.30, fixing two Denial of Service vulnerabilities (CVE-2008-3263 and CVE-2008-3264). cvs: ----------------------------------------------------------------------
Revision 1.56 / (download) - annotate - [select for diffs], Thu Jul 10 08:23:20 2008 UTC (15 years, 2 months ago) by sborrill
Branch: MAIN
CVS Tags: pkgsrc-2008Q2-base,
cwrapper
Branch point for: pkgsrc-2008Q2
Changes since 1.55: +2 -2
lines
Diff to previous 1.55 (colored)
Add reload command to rc.d script. Remove sudo from rc.d - it should not be a requirement to stop your VoIP server.
Revision 1.55 / (download) - annotate - [select for diffs], Thu Jun 19 08:14:29 2008 UTC (15 years, 3 months ago) by wiz
Branch: MAIN
Changes since 1.54: +2 -2
lines
Diff to previous 1.54 (colored)
Add missing file to PLIST. Bump PKGREVISION.
Revision 1.54 / (download) - annotate - [select for diffs], Wed Jun 18 11:12:53 2008 UTC (15 years, 3 months ago) by wiz
Branch: MAIN
Changes since 1.53: +2 -2
lines
Diff to previous 1.53 (colored)
pkgsrc-users, not packages (hi riz!)
Revision 1.53 / (download) - annotate - [select for diffs], Fri Jun 13 10:10:33 2008 UTC (15 years, 3 months ago) by mjl
Branch: MAIN
Changes since 1.52: +2 -2
lines
Diff to previous 1.52 (colored)
Update to 1.2.29. Security update.
* channels/chan_sip.c: Copy the From header into a variable so that
pedantic SIP handling does not try to mess with a NULL pointer.
(AST-2008-008)
* channels/chan_iax2.c: When we receive a full frame that is
supposed to contain our call number, ensure that it has the
correct one. (closes issue #10078) (AST-2008-006)
Revision 1.52 / (download) - annotate - [select for diffs], Thu Jun 12 02:14:16 2008 UTC (15 years, 3 months ago) by joerg
Branch: MAIN
Changes since 1.51: +3 -1
lines
Diff to previous 1.51 (colored)
Add DESTDIR support.
Revision 1.51 / (download) - annotate - [select for diffs], Sat Jun 7 17:28:11 2008 UTC (15 years, 3 months ago) by riz
Branch: MAIN
Changes since 1.50: +2 -2
lines
Diff to previous 1.50 (colored)
Stop pretending like I have time to maintain packages that I don't even really use anymore.
Revision 1.50 / (download) - annotate - [select for diffs], Mon May 26 12:29:24 2008 UTC (15 years, 3 months ago) by wiz
Branch: MAIN
Changes since 1.49: +2 -1
lines
Diff to previous 1.49 (colored)
Add INSTALLATION_DIRS so that installation is successful even in a bulk build.
Revision 1.49 / (download) - annotate - [select for diffs], Wed Mar 19 10:32:02 2008 UTC (15 years, 6 months ago) by mjl
Branch: MAIN
CVS Tags: pkgsrc-2008Q1-base,
pkgsrc-2008Q1
Changes since 1.48: +3 -3
lines
Diff to previous 1.48 (colored)
Update asterisk to 1.2.27
Update for several critical security issues:
* astobj.h: Fix character string being treated as format string
* chan_sip.c: Do not return with a successful
authentication if the From header ends up empty. (AST-2008-003)
* chan_iax2.c: Fix another potential seg fault (closes issue #11606)
* chan_iax2.c: Fix a couple of places where it's possible
to dereference a NULL pointer.
* chan_sip.c, channels/chan_iax2.c: Fixing AST-2007-027
* cdr_pgsql.c: Properly escape src and dst fields (Fixes AST-2007-026)
Revision 1.48 / (download) - annotate - [select for diffs], Thu Feb 28 08:53:31 2008 UTC (15 years, 6 months ago) by wiz
Branch: MAIN
Changes since 1.47: +2 -1
lines
Diff to previous 1.47 (colored)
Use REPLACE_BASH to make sure right bash is found for mkpkgconfig.
Revision 1.47 / (download) - annotate - [select for diffs], Wed Feb 27 12:31:12 2008 UTC (15 years, 6 months ago) by wiz
Branch: MAIN
Changes since 1.46: +2 -2
lines
Diff to previous 1.46 (colored)
Add bash to tools for mkpkgconfig.
Revision 1.46 / (download) - annotate - [select for diffs], Wed Feb 20 10:14:19 2008 UTC (15 years, 7 months ago) by wiz
Branch: MAIN
Changes since 1.45: +2 -2
lines
Diff to previous 1.45 (colored)
Create pkgconfig file in correct location. Add it to PLIST. Bump PKGREVISION.
Revision 1.45 / (download) - annotate - [select for diffs], Fri Jan 18 05:06:25 2008 UTC (15 years, 8 months ago) by tnn
Branch: MAIN
Changes since 1.44: +2 -1
lines
Diff to previous 1.44 (colored)
Per the process outlined in revbump(1), perform a recursive revbump on packages that are affected by the switch from the openssl 0.9.7 branch to the 0.9.8 branch. ok jlam@
Revision 1.44 / (download) - annotate - [select for diffs], Fri Aug 10 00:03:27 2007 UTC (16 years, 1 month ago) by mjl
Branch: MAIN
CVS Tags: pkgsrc-2007Q4-base,
pkgsrc-2007Q4,
pkgsrc-2007Q3-base,
pkgsrc-2007Q3
Changes since 1.43: +2 -2
lines
Diff to previous 1.43 (colored)
Update asterisk to 1.2.24. Version 1.2.24 is the final 1.2 release that contains normal bug fixes. The 1.2 branch will only be maintained with security fix releases from now until it is completely deprecated.
Revision 1.43 / (download) - annotate - [select for diffs], Fri Aug 3 22:40:00 2007 UTC (16 years, 1 month ago) by mjl
Branch: MAIN
Changes since 1.42: +2 -2
lines
Diff to previous 1.42 (colored)
Update asterisk to 1.2.23
* channels/chan_iax2.c: Don't create the Asterisk channel until we
are starting the PBX on it. (ASA-2007-018)
* channels/chan_agent.c: (closes issue #5866) Reported by: tyler Do
not force channel format changes when a generator is present. The
generator may have changed the formats itself and changing them
back would cause issues.
* channels/chan_sip.c: (closes issue #10236) Reported by: homesick
Patches: rpid_1.4_75840.patch uploaded by homesick (license 91)
Accept Remote Party ID on guest calls.
* include/asterisk/app.h: We should not use C++ reserved words in
API headers (closes issue #10266)
* channels/chan_sip.c: Backport a fix for a memory leak that was
fixed in trunk in reivision 76221 by rizzo. The memory used for
the localaddr list was not freed during a configuration reload.
* channels/chan_sip.c: (closes issue #10247) Reported by:
fkasumovic Patches: chan_sip.patch uploaded by fkasumovic
(license #101) Drop any peer realm authentication entries when
reloading so multiple entries do not get added to the peer.
* channels/chan_iax2.c: When processing full frames, take sequence
number wraparound into account when deciding whether or not we
need to request retransmissions by sending a VNAK. This code
could cause VNAKs to be sent erroneously in some cases, and to
not be sent in other cases when it should have been. (closes
issue #10237, reported and patched by mihai)
* channels/chan_iax2.c: When traversing the queue of frames for
possible retransmission after receiving a VNAK, handle sequence
number wraparound so that all frames that should be retransmitted
actually do get retransmitted. (issue #10227, reported and
patched by mihai)
* apps/app_voicemail.c: Store prior to copy (closes issue #10193)
* apps/app_queue.c: removed the word 'pissed' from ast_log(...)
Revision 1.42 / (download) - annotate - [select for diffs], Thu Jul 19 09:39:57 2007 UTC (16 years, 2 months ago) by mjl
Branch: MAIN
Changes since 1.41: +2 -2
lines
Diff to previous 1.41 (colored)
Update to 1.2.22 * channels/chan_skinny.c: Properly check for the length in the skinny packet to prevent an invalid memcpy. (ASA-2007-016) * channels/iax2-parser.h, channels/chan_iax2.c, channels/iax2-parser.c: Ensure that when encoding the contents of an ast_frame into an iax_frame, that the size of the destination buffer is known in the iax_frame so that code won't write past the end of the allocated buffer when sending outgoing frames. (ASA-2007-014) * channels/chan_iax2.c: After parsing information elements in IAX frames, set the data length to zero, so that code later on does not think it has data to copy. (ASA-2007-015) * res/res_musiconhold.c: Fix a couple potential minor memory leaks. load_moh_classes() could return without destroying the loaded configuration. * apps/app_chanspy.c: Fixed an issue where chanspy flags were uninitialized if no options were passed. * res/res_musiconhold.c: Ensure that adding a user to the list of users of a specific music on hold class is not done at the same time as any of the other operations on this list to prevent list corruption. * channels/chan_iax2.c: The function make_trunk() can fail and return -1 instead of a valid new call number. Fix the uses of this function to handle this instead of treating it as the new call number. This would cause a deadlock and memory corruption. * channels/chan_agent.c: The cli command "agent logoff Agent/x soft" did not work...at all. Now it does. * res/res_config_odbc.c: Make sure that the ESCAPE immediately follows the condition that uses LIKE. This fixes realtime extensions with ODBC. * apps/app_queue.c: Fix an issue where it was possible to have a service level of over 100% Between the time recalc_holdtime and update_queue was called, it was possible that the call could have been hungup. * dns.c: Use res_ndestroy on systems that have it. Otherwise, use res_nclose. This prevents a memleak on NetBSD - and possibly others.
Revision 1.41 / (download) - annotate - [select for diffs], Wed Jul 11 14:28:46 2007 UTC (16 years, 2 months ago) by mjl
Branch: MAIN
Changes since 1.40: +2 -2
lines
Diff to previous 1.40 (colored)
Update asterisk to 1.2.21.1.
Revision 1.40 / (download) - annotate - [select for diffs], Sun Jul 8 12:02:18 2007 UTC (16 years, 2 months ago) by mjl
Branch: MAIN
Changes since 1.39: +2 -2
lines
Diff to previous 1.39 (colored)
Updated asterisk to 1.2.20 This release is a regular maintenance release. It has been made just a couple of weeks after the previous set of releases because the development team has been working especially hard on fixing bugs lately. There has been a large volume of issues fixed in just two weeks.
Revision 1.39 / (download) - annotate - [select for diffs], Wed Jul 4 20:54:34 2007 UTC (16 years, 2 months ago) by jlam
Branch: MAIN
Changes since 1.38: +3 -1
lines
Diff to previous 1.38 (colored)
Make it easier to build and install packages "unprivileged", where
the owner of all installed files is a non-root user. This change
affects most packages that require special users or groups by making
them use the specified unprivileged user and group instead.
(1) Add two new variables PKG_GROUPS_VARS and PKG_USERS_VARS to
unprivileged.mk. These two variables are lists of other bmake
variables that define package-specific users and groups. Packages
that have user-settable variables for users and groups, e.g. apache
and APACHE_{USER,GROUP}, courier-mta and COURIER_{USER,GROUP},
etc., should list these variables in PKG_USERS_VARS and PKG_GROUPS_VARS
so that unprivileged.mk can know to set them to ${UNPRIVILEGED_USER}
and ${UNPRIVILEGED_GROUP}.
(2) Modify packages to use PKG_GROUPS_VARS and PKG_USERS_VARS.
Revision 1.38 / (download) - annotate - [select for diffs], Sun Jun 24 07:52:47 2007 UTC (16 years, 3 months ago) by mjl
Branch: MAIN
CVS Tags: pkgsrc-2007Q2-base,
pkgsrc-2007Q2
Changes since 1.37: +2 -2
lines
Diff to previous 1.37 (colored)
Updated asterisk to 1.2.19.
Revision 1.37 / (download) - annotate - [select for diffs], Thu Apr 26 09:43:15 2007 UTC (16 years, 5 months ago) by mjl
Branch: MAIN
Changes since 1.36: +2 -2
lines
Diff to previous 1.36 (colored)
Updated asterisk to 1.2.18 This release contains a large number of fixes, including: - A recently published security vulnerability in the manager interface (ASA-2007-012) - Another recently published security vulnerability in the SIP channel driver (ASA-2007-011)
Revision 1.36 / (download) - annotate - [select for diffs], Thu Mar 22 12:57:26 2007 UTC (16 years, 6 months ago) by mjl
Branch: MAIN
CVS Tags: pkgsrc-2007Q1-base,
pkgsrc-2007Q1
Changes since 1.35: +2 -2
lines
Diff to previous 1.35 (colored)
Upgrade to 1.2.17. Along with minor bug fixes, this release incorporates a fix for the SIP DoS vulnerability recently discovered by INRIA Lorraine. All users of Asterisk 1.2 with the SIP channel driver loaded and connected to an untrusted network are urged to update to this release to avoid the possibility of experiencing this problem. Note that the option "zaptel" won't compile any more since version 1.2.16. This needs an upgrade of the netbsd zaptel driver.
Revision 1.34.2.1 / (download) - annotate - [select for diffs], Fri Mar 9 16:49:16 2007 UTC (16 years, 6 months ago) by salo
Branch: pkgsrc-2006Q4
Changes since 1.34: +2 -2
lines
Diff to previous 1.34 (colored) next main 1.35 (colored)
Pullup ticket 2048 - requested by drochner
security update for asterisk
Revisions pulled up:
- pkgsrc/comms/asterisk/Makefile 1.35
- pkgsrc/comms/asterisk/distinfo 1.23
Module Name: pkgsrc
Committed By: drochner
Date: Wed Mar 7 12:10:29 UTC 2007
Modified Files:
pkgsrc/comms/asterisk: Makefile distinfo
Log Message:
update to 1.2.16
changes:
1.2.15: This release contains a significant Astribank (XPP) driver update,
support for Digium's TE120P card, and various bug fixes.
1.2.16: This release contains a number of bug fixes, including a fix for
a recently discovered security vulnerability. All Asterisk 1.2 users are
urged to update to this release as soon as possible.
This is in response to PR pkg/35924 by David Wetzel. The PR suggests
to update to 1.4.1, but since I'm not using Asterisk myself I prefer
to do just the minor update (which also fixes the security vulnerability)
for now.
Revision 1.35 / (download) - annotate - [select for diffs], Wed Mar 7 12:10:29 2007 UTC (16 years, 6 months ago) by drochner
Branch: MAIN
Changes since 1.34: +2 -2
lines
Diff to previous 1.34 (colored)
update to 1.2.16 changes: 1.2.15: This release contains a significant Astribank (XPP) driver update, support for Digium's TE120P card, and various bug fixes. 1.2.16: This release contains a number of bug fixes, including a fix for a recently discovered security vulnerability. All Asterisk 1.2 users are urged to update to this release as soon as possible. This is in response to PR pkg/35924 by David Wetzel. The PR suggests to update to 1.4.1, but since I'm not using Asterisk myself I prefer to do just the minor update (which also fixes the security vulnerability) for now.
Revision 1.34 / (download) - annotate - [select for diffs], Wed Dec 20 11:34:55 2006 UTC (16 years, 9 months ago) by mjl
Branch: MAIN
CVS Tags: pkgsrc-2006Q4-base
Branch point for: pkgsrc-2006Q4
Changes since 1.33: +2 -2
lines
Diff to previous 1.33 (colored)
Update asterisk to 1.2.14.
Revision 1.33 / (download) - annotate - [select for diffs], Thu Oct 19 14:02:07 2006 UTC (16 years, 11 months ago) by mjl
Branch: MAIN
Changes since 1.32: +2 -2
lines
Diff to previous 1.32 (colored)
Update to asterisk 1.2.13
This release contains a fix for a security vulnerability recently
found in the chan_skinny channel driver (for Cisco SCCP phones).
This vulnerability would enable an attacker to remotely execute
code as the system user running Asterisk (frequently 'root').
The exploit does not require that the skinny.conf contain any
valid phone entries, only that chan_skinny is loaded and operational.
This release also contains a number of bug fixes, and some improvements
to the chan_sip channel driver (for SIP devices) to mitigate the impacts
of a certain class of denial-of-service attacks that have recently been
published.
All Asterisk 1.2 users are urged to update to this release if they use
the chan_skinny channel driver, or to stop loading it if it is not
needed ('noload=>chan_skinny.so' in modules.conf will cause this behavior).
Revision 1.32 / (download) - annotate - [select for diffs], Wed Sep 13 09:28:35 2006 UTC (17 years ago) by mjl
Branch: MAIN
CVS Tags: pkgsrc-2006Q3-base,
pkgsrc-2006Q3
Changes since 1.31: +2 -2
lines
Diff to previous 1.31 (colored)
Update asterisk to 1.2.12.1.
Revision 1.31 / (download) - annotate - [select for diffs], Wed Sep 13 09:08:55 2006 UTC (17 years ago) by mjl
Branch: MAIN
Changes since 1.30: +2 -2
lines
Diff to previous 1.30 (colored)
Update to asterisk 1.2.12 Asterisk 1.2.11 includes a number of bug fixes, along with an update to the chan_misdn driver for mISDN devices. Asterisk 1.2.12 includes a number of bug fixes, including fixes for two regressions that occurred in the 1.2.11 release. Specifically, the AGI 'GET VARIABLE' command has now gone back to its previous behavior, and CDR records now reflect the CallerID number instead of ANI in the situations that this was the case in earlier 1.2 releases.
Revision 1.30 / (download) - annotate - [select for diffs], Fri Aug 18 11:32:51 2006 UTC (17 years, 1 month ago) by adam
Branch: MAIN
Changes since 1.29: +2 -2
lines
Diff to previous 1.29 (colored)
Changes 1.2.10: * Number of bug fixes * New option to help to avoid a potential denial of service in IAX2 channel driver * Support for TE407P and TE412P quad T1/E1 interface cards
Revision 1.29 / (download) - annotate - [select for diffs], Sat Jul 1 13:26:50 2006 UTC (17 years, 2 months ago) by riz
Branch: MAIN
CVS Tags: pkgsrc-2006Q2-base,
pkgsrc-2006Q2
Changes since 1.28: +2 -2
lines
Diff to previous 1.28 (colored)
Update asterisk to 1.2.9.1 - fixes a vulnerability in the IAX2 channel driver most importantly.
Revision 1.28 / (download) - annotate - [select for diffs], Tue Jun 20 23:39:59 2006 UTC (17 years, 3 months ago) by minskim
Branch: MAIN
Changes since 1.27: +2 -1
lines
Diff to previous 1.27 (colored)
This package needs zlib to build.
Revision 1.27 / (download) - annotate - [select for diffs], Sat Jun 10 23:56:18 2006 UTC (17 years, 3 months ago) by dsainty
Branch: MAIN
Changes since 1.26: +2 -2
lines
Diff to previous 1.26 (colored)
Add a slash to the end of the old-releases URL. Fixes downloads for current package version 1.2.8, which is now old due to Asterisk release 1.2.9.
Revision 1.26 / (download) - annotate - [select for diffs], Wed May 31 18:43:15 2006 UTC (17 years, 3 months ago) by adam
Branch: MAIN
Changes since 1.25: +3 -3
lines
Diff to previous 1.25 (colored)
Changes 1.2.8: * Number of bug fixes, including IAX2 channel driver fixes.
Revision 1.22.2.1 / (download) - annotate - [select for diffs], Wed May 3 08:57:02 2006 UTC (17 years, 4 months ago) by salo
Branch: pkgsrc-2006Q1
Changes since 1.22: +15 -20
lines
Diff to previous 1.22 (colored) next main 1.23 (colored)
Pullup ticket 1510 - requested by riz
security update for asterisk
Revisions pulled up:
- pkgsrc/comms/asterisk/Makefile 1.23, 1.24
- pkgsrc/comms/asterisk/PLIST.common 1.6
- pkgsrc/comms/asterisk/distinfo 1.12, 1.13
- pkgsrc/comms/asterisk/patches/patch-aa 1.8
- pkgsrc/comms/asterisk/patches/patch-ae 1.3
- pkgsrc/comms/asterisk/patches/patch-af 1.4
- pkgsrc/comms/asterisk/patches/patch-ag 1.2
Module Name: pkgsrc
Committed By: adam
Date: Thu Apr 13 08:47:06 UTC 2006
Modified Files:
pkgsrc/comms/asterisk: Makefile PLIST.common distinfo
pkgsrc/comms/asterisk/patches: patch-aa patch-ae patch-af patch-ag
Log Message:
Changes 1.2.7:
* Important bug fixes
* SIP handling
* MixMonitor call recording
---
Module Name: pkgsrc
Committed By: mjl
Date: Thu Apr 13 18:36:58 UTC 2006
Modified Files:
pkgsrc/comms/asterisk: Makefile distinfo
Log Message:
Update to asterisk 1.2.7.1
* apps/app_page.c: oops... let's not set a variable and then
immediately overwrite it while assuming its old value will
magically return
* pbx.c: Bug 6957 - variable names beginning with CALLERID weren't
substituted correctly
Revision 1.25 / (download) - annotate - [select for diffs], Sun Apr 23 00:12:36 2006 UTC (17 years, 5 months ago) by jlam
Branch: MAIN
Changes since 1.24: +2 -2
lines
Diff to previous 1.24 (colored)
Modify packages that set PKG_USERS and PKG_GROUPS to follow the new syntax as specified in pkgsrc/mk/install/bsd.pkginstall.mk:1.47.
Revision 1.24 / (download) - annotate - [select for diffs], Thu Apr 13 18:36:58 2006 UTC (17 years, 5 months ago) by mjl
Branch: MAIN
Changes since 1.23: +2 -2
lines
Diff to previous 1.23 (colored)
Update to asterisk 1.2.7.1
* apps/app_page.c: oops... let's not set a variable and then
immediately overwrite it while assuming its old value will
magically return
* pbx.c: Bug 6957 - variable names beginning with CALLERID weren't
substituted correctly
Revision 1.23 / (download) - annotate - [select for diffs], Thu Apr 13 08:47:06 2006 UTC (17 years, 5 months ago) by adam
Branch: MAIN
Changes since 1.22: +15 -20
lines
Diff to previous 1.22 (colored)
Changes 1.2.7: * Important bug fixes * SIP handling * MixMonitor call recording
Revision 1.22 / (download) - annotate - [select for diffs], Tue Mar 14 20:43:23 2006 UTC (17 years, 6 months ago) by jlam
Branch: MAIN
CVS Tags: pkgsrc-2006Q1-base
Branch point for: pkgsrc-2006Q1
Changes since 1.21: +1 -2
lines
Diff to previous 1.21 (colored)
USE_PKGINSTALL isn't needed here to make these packagse use the pkginstall framework. In the case of libtool-base, avoid using FILES_SUBST_SED where it isn't needed.
Revision 1.21 / (download) - annotate - [select for diffs], Sun Feb 5 23:08:27 2006 UTC (17 years, 7 months ago) by joerg
Branch: MAIN
Changes since 1.20: +2 -1
lines
Diff to previous 1.20 (colored)
Recursive revision bump / recommended bump for gettext ABI change.
Revision 1.20 / (download) - annotate - [select for diffs], Wed Feb 1 01:45:29 2006 UTC (17 years, 7 months ago) by mjl
Branch: MAIN
Changes since 1.19: +3 -3
lines
Diff to previous 1.19 (colored)
Update to asterisk 1.2.4. This is a bugfix release. * channels/chan_zap.c: disable buggy PRI user-user code until it can be fixed * channels/chan_sip.c: Issue 6182 - Don't remove scheduled event until it's really done. * channels/chan_sip.c: Issue 6362 - Register without Contact: and Expires: fails * ast_expr2.h, ast_expr2f.c, ast_expr2.c: Bug 6072 - Revisions to the source bison and flex files don't auto-regenerate these files * channels/chan_zap.c: fix problem with dtmf on e&m (issue #6364) * channels/chan_sip.c: Issue 5898: Registrations does not get deleted if there's an active SIP dialog * channels/chan_sip.c: don't call ast_update_realtime with uninitialized variables if we get a registration with an expirey of 0 seconds (issue #6173) * channels/chan_features.c: fix memory leak (inspired by issue #6351)
Revision 1.19 / (download) - annotate - [select for diffs], Sun Jan 29 01:30:20 2006 UTC (17 years, 7 months ago) by rillig
Branch: MAIN
Changes since 1.18: +13 -11
lines
Diff to previous 1.18 (colored)
Fixed the remaining pkglint -Wall warnings.
Revision 1.18 / (download) - annotate - [select for diffs], Sun Jan 29 01:21:45 2006 UTC (17 years, 7 months ago) by rillig
Branch: MAIN
Changes since 1.17: +36 -33
lines
Diff to previous 1.17 (colored)
- Fixed some pkglint warnings.
- Replaced absolute directories like /usr/pkg and /var with ${PREFIX} and
${VARBASE}.
- USE_TOOLS+=perl:run, since there is one Perl program installed with the
package.
- Bumped PKGREVISION.
Revision 1.17 / (download) - annotate - [select for diffs], Wed Jan 25 17:48:43 2006 UTC (17 years, 7 months ago) by riz
Branch: MAIN
Changes since 1.16: +3 -3
lines
Diff to previous 1.16 (colored)
Update to asterisk 1.2.3 - bugfixes only.
Revision 1.16 / (download) - annotate - [select for diffs], Tue Jan 24 02:09:38 2006 UTC (17 years, 8 months ago) by riz
Branch: MAIN
Changes since 1.15: +3 -2
lines
Diff to previous 1.15 (colored)
Patch the default path for music-on-hold files.
Revision 1.15 / (download) - annotate - [select for diffs], Wed Jan 18 11:39:54 2006 UTC (17 years, 8 months ago) by mjl
Branch: MAIN
Changes since 1.14: +1 -1
lines
Diff to previous 1.14 (colored)
Update to asterisk 1.2.2 Changes are bugfixes only.
Revision 1.14 / (download) - annotate - [select for diffs], Fri Jan 13 20:32:38 2006 UTC (17 years, 8 months ago) by riz
Branch: MAIN
Changes since 1.13: +30 -34
lines
Diff to previous 1.13 (colored)
Update asterisk to version 1.2.1. Many, many bugfixes, and some new features, including support for DUNDi. (http://www.dundi.com/ for more information) The initial framework and porting of this package upgrade was done by Martin J. Laubach, with lots of feature/PLIST fixes by me. DragonFly support added by Joerg Sonnenberger.
Revision 1.13 / (download) - annotate - [select for diffs], Thu Jan 12 19:30:15 2006 UTC (17 years, 8 months ago) by rillig
Branch: MAIN
Changes since 1.12: +4 -1
lines
Diff to previous 1.12 (colored)
The script interpreter of libdata/asterisk/agi-bin/agi-test.agi had been /usr/bin/perl -- added the file to REPLACE_PERL. Because the binary package changed, bump PKGREVISION.
Revision 1.12 / (download) - annotate - [select for diffs], Thu Jan 12 19:11:55 2006 UTC (17 years, 8 months ago) by rillig
Branch: MAIN
Changes since 1.11: +28 -28
lines
Diff to previous 1.11 (colored)
Fixed a whole lot of pkglint warnings regarding the use of backslashes in double quoted strings, variable definition alignments, variable names starting with an underscore and other quoting issues.
Revision 1.11 / (download) - annotate - [select for diffs], Mon Jan 2 16:02:10 2006 UTC (17 years, 8 months ago) by joerg
Branch: MAIN
Changes since 1.10: +5 -1
lines
Diff to previous 1.10 (colored)
DragonFly support. Override config.guess and config.sub.
Revision 1.10 / (download) - annotate - [select for diffs], Thu Dec 29 06:21:33 2005 UTC (17 years, 8 months ago) by jlam
Branch: MAIN
Changes since 1.9: +1 -2
lines
Diff to previous 1.9 (colored)
Remove USE_PKGINSTALL from pkgsrc now that mk/install/pkginstall.mk automatically detects whether we want the pkginstall machinery to be used by the package Makefile.
Revision 1.9 / (download) - annotate - [select for diffs], Mon Dec 5 20:49:54 2005 UTC (17 years, 9 months ago) by rillig
Branch: MAIN
CVS Tags: pkgsrc-2005Q4-base,
pkgsrc-2005Q4
Changes since 1.8: +1 -2
lines
Diff to previous 1.8 (colored)
Fixed pkglint warnings. The warnings are mostly quoting issues, for
example MAKE_ENV+=FOO=${BAR} is changed to MAKE_ENV+=FOO=${BAR:Q}. Some
other changes are outlined in
http://mail-index.netbsd.org/tech-pkg/2005/12/02/0034.html
Revision 1.8 / (download) - annotate - [select for diffs], Mon Oct 10 21:45:08 2005 UTC (17 years, 11 months ago) by rh
Branch: MAIN
Changes since 1.7: +6 -1
lines
Diff to previous 1.7 (colored)
Make this compile with newer versions of Darwin that have poll(2).
Revision 1.7 / (download) - annotate - [select for diffs], Fri Sep 2 17:23:06 2005 UTC (18 years ago) by riz
Branch: MAIN
CVS Tags: pkgsrc-2005Q3-base,
pkgsrc-2005Q3
Changes since 1.6: +3 -2
lines
Diff to previous 1.6 (colored)
Restore the 'old-releases' directory to MASTER_SITES so this package doesn't immediately break when the next version is released.
Revision 1.6 / (download) - annotate - [select for diffs], Fri Sep 2 12:58:34 2005 UTC (18 years ago) by adam
Branch: MAIN
Changes since 1.5: +8 -11
lines
Diff to previous 1.5 (colored)
Changes 1.0.9:
-- fix bug in callerid matching in the dialplan that was introduced in 1.0.8
Changes 1.0.8:
-- chan_zap
-- Asterisk will now also look in the regular context for the fax extension
while executing a macro. Previously, for this to work, the fax extension
would have to be included in the macro definition.
-- On some systems, ALERTING will be sent after PROCEEDING, so code has been
added to account for this case.
-- If no extension is specified on an overlap call, the 's' extension will
be used.
-- chan_sip
-- We no longer send a "to" tag on "100 Trying" messages, as it is
inappropriate to do so.
-- We now respond correctly to an invite for T.38 with a "488 Not acceptable
here"
-- We now discard saved tags on 401/407 responses in case the provider we're
talking to tries to pull a dirty trick on us and change it.
-- rtptimeout options will now be correctly set on a peer basis rather than
only global
-- chan_mgcp
-- Fixed setting of accountcode
-- Fixed where *67 to block callerid only worked for first call
-- chan_agent
-- We now will not pass audio until the agent has acked the call if the
configuration
is set up for the agent to do so.
-- chan_alsa
-- Fixed problems with the unloading of this module
-- res_agi
-- A fix has been added to prevent calls from being hung up when more than
one call is executing an AGI script calling the GET DATA command.
-- AGI scripts will now continue to run even if a file was not found with
the GET DATA command.
-- When calling SAY NUMBER with a number like 09, we will now say "nine"
instead of "zero"
-- app_dial
-- There was a problem where text frames would not be forwarded before the
channel has been answered.
-- app_disa
-- Fixed the timeout used when no password is set
-- app_queue
-- Distinctive ring has been fixed to work for queue members
-- rtp
-- Fixed a logic error when setting the "rtpchecksums" option
-- say.c
-- A problem has been fixed with saying the date in Spanish.
-- Makefile
-- A line was missing for the autosupport script that caused "make rpm" to
fail
-- format_wav_gsm
-- Fixed a problem with wav formatting that prevented files from being
played in some media players
-- pbx_spool
-- Fixed if the last line of text in a file for the call spool did not
contain a new line, it would not be processed
-- logger
-- Fixed the logger so that color escape sequences wouldn't be sent to the
logs
-- format_sln
-- A lot of changes were made to correctly handle signed linear format on
big endian machines
Revision 1.5 / (download) - annotate - [select for diffs], Fri Aug 19 18:12:37 2005 UTC (18 years, 1 month ago) by jlam
Branch: MAIN
Changes since 1.4: +2 -2
lines
Diff to previous 1.4 (colored)
Merge CONF_FILES/SUPPORT_FILES and CONF_FILES_PERMS/SUPPORT_FILES_PERMS
as the INSTALL and DEINSTALL scripts no longer distinguish between
the two types of files. Drop SUPPORT_FILES{,_PERMS} and modify the
packages in pkgsrc accordingly.
Revision 1.4 / (download) - annotate - [select for diffs], Sun May 22 20:07:43 2005 UTC (18 years, 4 months ago) by jlam
Branch: MAIN
CVS Tags: pkgsrc-2005Q2-base,
pkgsrc-2005Q2
Changes since 1.3: +2 -2
lines
Diff to previous 1.3 (colored)
Remove USE_GNU_TOOLS and replace with the correct USE_TOOLS definitions: USE_GNU_TOOLS -> USE_TOOLS awk -> gawk m4 -> gm4 make -> gmake sed -> gsed yacc -> bison
Revision 1.3 / (download) - annotate - [select for diffs], Sun Apr 17 03:48:59 2005 UTC (18 years, 5 months ago) by minskim
Branch: MAIN
Changes since 1.2: +2 -1
lines
Diff to previous 1.2 (colored)
This package needs openssl to build; include its buildlink3 file.
Revision 1.2 / (download) - annotate - [select for diffs], Wed Apr 13 19:22:17 2005 UTC (18 years, 5 months ago) by riz
Branch: MAIN
Changes since 1.1: +3 -1
lines
Diff to previous 1.1 (colored)
Asterisk doesn't work with non-native threads. Approved by jmcneill.
Revision 1.1.1.1 / (download) - annotate - [select for diffs] (vendor branch), Fri Apr 8 03:10:52 2005 UTC (18 years, 5 months ago) by riz
Branch: TNF
CVS Tags: pkgsrc-base
Changes since 1.1: +0 -0
lines
Diff to previous 1.1 (colored)
Initial import of asterisk-1.0.7, from pkgsrc-wip. Approved by jmcneill. There are still some features not enabled by default, but this is a solid foundation upon which to build - a fully-functional PBX can be built, including PSTN gatewaying using the comms/zaptel-netbsd package. From the DESCR: Asterisk is a complete PBX in software. It provides all of the features you would expect from a PBX and more. Asterisk does voice over IP in three protocols, and can interoperate with almost all standards-based telephony equipment using relatively inexpensive hardware. Asterisk provides Voicemail services with Directory, Call Conferencing, Interactive Voice Response, Call Queuing. It has support for three-way calling, caller ID services, ADSI, SIP and H.323 (as both client and gateway).
Revision 1.1 / (download) - annotate - [select for diffs], Fri Apr 8 03:10:52 2005 UTC (18 years, 5 months ago) by riz
Branch: MAIN
Initial revision