The NetBSD Project

CVS log for pkgsrc/comms/asterisk16/files/asterisk.sh

[BACK] Up to [cvs.NetBSD.org] / pkgsrc / comms / asterisk16 / files

Request diff between arbitrary revisions


Default branch: MAIN


Revision 1.7 / (download) - annotate - [select for diffs], Tue Aug 20 13:47:42 2019 UTC (2 years, 9 months ago) by ryoon
Branch: MAIN
CVS Tags: pkgsrc-2022Q1-base, pkgsrc-2022Q1, pkgsrc-2021Q4-base, pkgsrc-2021Q4, pkgsrc-2021Q3-base, pkgsrc-2021Q3, pkgsrc-2021Q2-base, pkgsrc-2021Q2, pkgsrc-2021Q1-base, pkgsrc-2021Q1, pkgsrc-2020Q4-base, pkgsrc-2020Q4, pkgsrc-2020Q3-base, pkgsrc-2020Q3, pkgsrc-2020Q2-base, pkgsrc-2020Q2, pkgsrc-2020Q1-base, pkgsrc-2020Q1, pkgsrc-2019Q4-base, pkgsrc-2019Q4, pkgsrc-2019Q3-base, pkgsrc-2019Q3, HEAD
Changes since 1.6: +1 -1 lines
Diff to previous 1.6 (colored)

comms/asterisk16: import asterisk-16.5.0

Asterisk is a complete PBX in software.  It provides all of the
features you would expect from a PBX and more. Asterisk does voice
over IP in three protocols, and can interoperate with almost all
standards-based telephony equipment using relatively inexpensive
hardware.

Asterisk provides Voicemail services with Directory, Call Conferencing,
Interactive Voice Response, Call Queuing. It has support for
three-way calling, caller ID services, ADSI, SIP and H.323 (as both
client and gateway).

Revision 1.6, Fri Sep 14 02:41:06 2012 UTC (9 years, 8 months ago) by jnemeth
Branch: MAIN
CVS Tags: pkgsrc-2013Q2-base, pkgsrc-2013Q2, pkgsrc-2012Q4-base, pkgsrc-2012Q4
Changes since 1.5: +1 -1 lines
FILE REMOVED

Remove Asterisk 1.6.  This version series went end-of-line on April
21st, 2012.  It most likely has multiple security issues.  By this
point, all users of this package should have migrated to comms/asterisk18
or comms/asterisk10 as this version has been marked as being
deprecated for some time now.

Note that this directory is likely to re-appear in late 2017 when
Asterisk 16 comes out, assuming the current schedule is followed.
However that will be a vastly different version as Asterisk 11 is
only in the RC stage now (i.e. it will be five major versions after
the one that is expected to be released later this year).

Revision 1.5 / (download) - annotate - [select for diffs], Mon Nov 29 04:20:33 2010 UTC (11 years, 5 months ago) by jnemeth
Branch: MAIN
CVS Tags: pkgsrc-2012Q2-base, pkgsrc-2012Q2, pkgsrc-2012Q1-base, pkgsrc-2012Q1, pkgsrc-2011Q4-base, pkgsrc-2011Q4, pkgsrc-2011Q3-base, pkgsrc-2011Q3, pkgsrc-2011Q2-base, pkgsrc-2011Q2, pkgsrc-2011Q1-base, pkgsrc-2011Q1, pkgsrc-2010Q4-base, pkgsrc-2010Q4
Changes since 1.4: +3 -3 lines
Diff to previous 1.4 (colored)

The stop and reload commands require the core prefix now.

Revision 1.4 / (download) - annotate - [select for diffs], Wed Nov 10 09:29:13 2010 UTC (11 years, 6 months ago) by jnemeth
Branch: MAIN
Changes since 1.3: +2 -2 lines
Diff to previous 1.3 (colored)

Add -n to startup options, so starting Asterisk doesn't mess with screen
colours.

Revision 1.3 / (download) - annotate - [select for diffs], Tue Oct 19 19:21:21 2010 UTC (11 years, 7 months ago) by jnemeth
Branch: MAIN
Changes since 1.2: +3 -3 lines
Diff to previous 1.2 (colored)

Adjust rc.d script to disable colour when issuing commands to Asterisk.

Revision 1.2 / (download) - annotate - [select for diffs], Mon Mar 1 07:06:48 2010 UTC (12 years, 2 months ago) by jnemeth
Branch: MAIN
CVS Tags: pkgsrc-2010Q3-base, pkgsrc-2010Q3, pkgsrc-2010Q2-base, pkgsrc-2010Q2, pkgsrc-2010Q1-base, pkgsrc-2010Q1
Changes since 1.1: +3 -3 lines
Diff to previous 1.1 (colored)

     Update to Asterisk 1.6.1.17.  This fixes AST-2010-001 and
AST-2010-003.  AST-2010-002 was just a warning about dialplan
scripting errors that could lead to security issues.

Asterisk 1.6.1.13: general bug fixes
Asterisk 1.6.1.14: fix AST-2010-001
Asterisk 1.6.1.15: not released, skipped for security releases
Asterisk 1.6.1.16: fix AST-2010-002
Asterisk 1.6.1.17: fix AST-2010-003

Note that the only change in Asterisk 1.6.1.16 was the addtion of
a README file.  However, the package doesn't install random docs.
That is planned for a future update seperate from the upstream
updates.

-----

Asterisk 1.6.1.13:

The release of Asterisk 1.6.1.13 resolved several issues reported
by the community, and would have not been possible without your
participation. Thank you!

* Restarts busydetector (if enabled) when DTMF is received after
   call is bridged
   (Closes issue #16389. Reported, Tested, Patched by alecdavis.)

* Send parking lot announcement to the channel which parked the
   call, not the park-ee.
   (Closes issue #16234. Reported, Tested by yeshuawatso.  Patched
    by tilghman.)

* When the field is blank, don't warn about the field being unable
   to be coerced just skip the column.
   (Closes
    http://lists.digium.com/pipermail/asterisk-dev/2009-December/041362.html)
    Reported by Nic Colledge on the -dev list.)

* Don't queue frames to channels that have no means to process
   them.
   (Closes issue #15609. Reported, Tested by aragon. Patched by
    tilghman.)

* Fixes holdtime playback issue in app_queue.
   (Closes issue #16168. Reported, Patched by nickilo. Tested by
   wonderg, nickilo.)

A summary of changes in this release can be found in the release
summary:
http://downloads.asterisk.org/pub/telephony/asterisk/asterisk-1.6.1.13-summary.t
xt

For a full list of changes in this releases, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.1.13

-----

Asterisk 1.6.1.14:

The releases of Asterisk 1.6.0.22, 1.6.1.14, and 1.6.2.2 include
the fix described in security advisory AST-2010-001.

The issue is that an attacker attempting to negotiate T.38 over
SIP can remotely crash Asterisk by modifying the FaxMaxDatagram
field of the SDP to contain either a negative or exceptionally
large value.  The same crash will occur when the FaxMaxDatagram
field is omitted from the SDP, as well.

For more information about the details of this vulnerability, please
read the security advisory AST-2009-009, which was released at the
same time as this announcement.

For a full list of changes in the current releases, please see the
ChangeLog:

http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.1.14

Security advisory AST-2010-001 is available at:

http://downloads.asterisk.org/pub/security/AST-2010-001.pdf

-----

Asterisk 1.6.1.16:

The releases of Asterisk 1.2.40, 1.4.29.1, 1.6.0.24, 1.6.1.16, and
1.6.2.4 include documention describing a possible dialplan string
injection with common usage of the ${EXTEN} (and other expansion
variables). The issue and resolution are described in the AST-2010-002
security advisory.

If you have a channel technology which can accept characters other
than numbers and letters (such as SIP) it may be possible to craft
an INVITE which sends data such as 300&Zap/g1/4165551212 which
would create an additional outgoing channel leg that was not
originally intended by the dialplan programmer.

Please note that this is not limited to an specific protocol or
the Dial() application.

The expansion of variables into programmatically-interpreted strings
is a common behavior in many script or script-like languages,
Asterisk included. The ability for a variable to directly replace
components of a command is a feature, not a bug - that is the entire
point of string expansion.

However, it is often the case due to expediency or design
misunderstanding that a developer will not examine and filter string
data from external sources before passing it into potentially
harmful areas of their dialplan.

With the flexibility of the design of Asterisk come these risks if
the dialplan designer is not suitably cautious as to how foreign
data is allowed to enter the system unchecked.

This security release is intended to raise awareness of how it is
possible to insert malicious strings into dialplans, and to advise
developers to read the best practices documents so that they may
easily avoid these dangers.

For more information about the details of this vulnerability, please
read the security advisory AST-2010-002, which was released at the
same time as this announcement.

For a full list of changes in the current releases, please see the
ChangeLog:

http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.1.16

Security advisory AST-2010-002 is available at:

http://downloads.asterisk.org/pub/security/AST-2010-002.pdf

The README-SERIOUSLY.bestpractices.txt document is available in
the top-level directory of your Asterisk sources, or available in
all Asterisk branches from 1.2 and up.

http://svn.asterisk.org/svn/asterisk/trunk/README-SERIOUSLY.bestpractices.txt

-----

Asterisk 1.6.1.17:

The releases of Asterisk 1.6.0.25, 1.6.1.17, and 1.6.2.5 resolve
an issue with invalid parsing of ACL (Access Control List) rules
leading to a possible compromise in security. The issue and resolution
are described in the AST-2010-003 security advisory.

For more information about the details of this vulnerability, please
read the security advisory AST-2010-003, which was released at the
same time as this announcement.

For a full list of changes in the current releases, please see the
ChangeLog:

http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.1.17

Security advisory AST-2010-003 is available at:

http://downloads.asterisk.org/pub/security/AST-2010-003.pdf

-----

Revision 1.1.1.1 / (download) - annotate - [select for diffs] (vendor branch), Fri Jun 12 09:04:56 2009 UTC (12 years, 11 months ago) by jnemeth
Branch: TNF
CVS Tags: pkgsrc-base, pkgsrc-2009Q4-base, pkgsrc-2009Q4, pkgsrc-2009Q3-base, pkgsrc-2009Q3, pkgsrc-2009Q2-base, pkgsrc-2009Q2
Changes since 1.1: +0 -0 lines
Diff to previous 1.1 (colored)

Add Asterisk 1.6.0.10.  At the moment, this version doesn't have any
hardware support, so it can't replace comms/asterisk.  However,
apparently there is demand for this version, so wiz@ suggested it
be imported here into comms/asterisk16.  The latest version is
1.6.1.1, but I won't have time to update all the patches before the
freeze.  I'll update to that version sometime after the freeze when
I get a chance.

Revision 1.1 / (download) - annotate - [select for diffs], Fri Jun 12 09:04:56 2009 UTC (12 years, 11 months ago) by jnemeth
Branch: MAIN

Initial revision

This form allows you to request diff's between any two revisions of a file. You may select a symbolic revision name using the selection box or you may type in a numeric name using the type-in text box.




CVSweb <webmaster@jp.NetBSD.org>