lp:~davewalker/ubuntu/maverick/asterisk/lp_705014
- Get this branch:
- bzr branch lp:~davewalker/ubuntu/maverick/asterisk/lp_705014
Branch merges
- Jamie Strandboge: Approve
Diff: 1986 lines (+1908/-15)
8 files modified
.pc/.quilt_patches (+1/-0)
.pc/.quilt_series (+1/-0)
.pc/AST-2011-001-1.6.2/main/utils.c (+1828/-0)
.pc/applied-patches (+1/-0)
debian/changelog (+10/-0)
debian/patches/AST-2011-001-1.6.2 (+52/-0)
debian/patches/series (+1/-0)
main/utils.c (+14/-15)
Branch information
- Owner:
- Dave Walker
- Status:
- Development
Recent revisions
- 58. By Dave Walker
-
* SECURITY UPDATE: Stack buffer overflow in SIP channel driver. (LP: #705014)
- debian/patches/AST-2011-001-1.6.2: The size of the output buffer passed
to the ast_uri_encode function is now properly respected in main/utils.c.
Patch courtesy of upstream.
- CVE-2011-0495
- 57. By Lorenzo De Liso
-
* Merge from debian unstable (LP: #597792), remaining changes:
- debian/control:
+ Build-depend on hardening-wrapper
+ Change Maintainer
+ Removed Uploaders field.
+ Removed Debian Vcs-Svn entry and replaced with ubuntu-voip Vcs-Bzr,
to reflect divergence in packages.
- debian/rules: Make use of hardening-wrapper
- debian/asterisk.init: chown /dev/dahdi
- debian/backports/hardy: add file
- debian/backports/asterisk.init.hardy: add file
- 56. By Jean-Michel Dault
-
* New upstream bugfix release (1.6.2.5)
* Security Fixes:
- AST-2010-003: Invalid parsing of ACL rules can compromise security
- AST-2010-002: Dialplan injection vulnerability
* Remaining Ubuntu-specific changes:
- debian/control: Build-depend on hardening-wrapper
- debian/rules: Make use of hardening-wrapper
- debian/control: Change Maintainer
- debian/control: Removed Uploaders field.
- debian/control: Removed Debian Vcs-Svn entry and replaced with
ubuntu-voip Vcs-Bzr, to reflect divergence in packages.
- debian/asterisk.init: chown /dev/dahdi
- debian/backports/hardy: add file
- debian/backports/asterisk.init.hardy: add file
- 55. By Steve Beattie
-
debian/{control,rules}: re-enable hardened options to gain PIE build
(Debian bug 542741, LP: #527538)
- 54. By Jean-Michel Dault
-
* Merge from Debian: security update
* Changes:
- debian/control: Change Maintainer
- debian/control: Removed Uploaders field.
- debian/control: Removed Debian Vcs-Svn entry and replaced with
ubuntu-voip Vcs-Bzr, to reflect divergence in packages.
- debian/asterisk.init: chown /dev/dahdi
- debian/backports/hardy: add file
- debian/backports/asterisk.init.hardy: add file
- 52. By Roberto D'Auria
-
[ Dave Walker (Daviey) ]
* SECURITY UPDATE: ACL not respected on SIP INVITE (LP: #491632).
- debian/patches/AST-2009-007: Additional check in channels/chan_sip.c to
check ACL for handling SIP INVITEs. This blocks calls on networks
intended to be prohibited, by configuration. Based on upstream patch.
- AST-2009-007
- CVE-2009-3723
* SECURITY UPDATE: SIP responses expose valid usernames (LP: #491637).
- debian/patches/AST-2009-008: Sanitise certain return of REGISTER message
to stop a specially crafted series of requests returning valid usernames.
Based on upstream patch.
- AST-2009-008
- CVE-2009-3727
* SECURITY UPDATE: RTP Remote Crash Vulnerability (LP: #493555).
- debian/patches/AST-2009-010: Stops Asterisk from crashing when an RTP
comfort noise payload containing 24 bytes or greater is received.
- AST-2009-010
- CVE-2009-4055
[ Roberto D'Auria ]
* debian/patches/iax2-heavy-traffic-fix: Stops asterisk crashing on
heavy traffic on iax2 channel, editing channels/chan_iax2.c.
Based on upstream patch. (LP: #501116)
- 51. By Dave Walker
-
* New upstream version, upstream is now DFSG compliant.
- ilibc has been removed upstream.
- Music on Hold is now cc-by-sa.
- binary firmware iaxy.bin has been removed upstream.
* debian/rules: Sanitised UPSTREAM variable for compatibility
with Ubuntu and other variants.
* debian/control: Removed Debian Vcs-Svn entry and replaced
with ubuntu-voip Vcs-Bzr, to reflect divergence in packages.
* patches/makefile_appdocs_dtd: Removed, merged upstream.
* patches/disable_moh: Previously disabled, removed from pool.
* patches/ubuntu-banner: Ported debian-banner to display Ubuntu
centric bug report information.
* Refresh quilt patches
- 50. By Kees Cook
-
debian/{control,rules}: enable hardened options to gain PIE build
(Debian bug 542741).
- 49. By Jean-Michel Dault
-
* Merge from Debian.
- Lsb patches dropped: fixed upstream
- Patch for LP #350732 dropped: fixed upstream
* Added:
- Add support for web interface
- Don't enable voicetronix cards by default
- Chown /dev/dahdi in init script
- Add files for potential backports
- Change maintainer
- Standards version 3.8.3
* Debian changes
[ Faidon Liambotis ]
* Fix FTBFS on armel. (Closes: #532971)
[ Tzafrir Cohen ]
* New upstream beta.
* Patch hardware_dtmf_mute_fix removed: Applied upstream.
* No need for a separate app_directory_odbc (will use app_voicemail_odbc).
* Fix name of voicemail 'openssl' dep. (Thomas Renard) (Closes: #539150)
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/natty/asterisk