lp:ubuntu/hardy-updates/asterisk
- Get this branch:
- bzr branch lp:ubuntu/hardy-updates/asterisk
Recent revisions
- 39. By Brian Thomason
-
* SECURITY UPDATE: ACK response spoofing
- added debian/patches/CVE-2008-1897: Adjust chan_iax2.c to use a special
id to prevent ACK response spoofing. Based on upstream patch.
- CVE-2008-1897
- AST-2008-006
* SECURITY UPDATE: POKE request flooding
- added debian/patches/CVE-2008-3263: Adjust chan_iax2.c to prevent
'POKE' request flooding. Based on upstream patch.
- CVE-2008-3263
- AST-2008-010
* SECURITY UPDATE: firmware packet flooding
- added debian/patches/CVE-2008-3264: Adjust chan_iax2.c to prevent
firmware packet flooding. Based on upstream patch.
- CVE-2008-3264
- AST-2008-011
* SECURITY UPDATE: information leak in IAX2 authentication
- added debian/patches/CVE-2009-0041: Adjust chan_iax2.c to fix
information leak in IAX2 authentication. Based on upstream patch.
- CVE-2009-0041
- AST-2009-001
* SECURITY UPDATE: SIP responses expose valid usernames
- added debian/patches/CVE-2008-3903: Adjust chan_sip.c to make
it more difficult to scan for available usernames.
- CVE-2008-3903
- AST-2009-003
* SECURITY UPDATE: An attacker could hijack a manager session
- added debian/patches/CVE-2008-1390: Adjust manager.c to
never assign an invalid id of 0
- CVE-2008-1390
- AST-2008-005
- 38. By William Grant
-
* SECURITY UPDATE: arbitrary code execution and authentication bypass.
(LP: #210124)
- debian/patches/CVE-2008-1289: Check that incoming RTP payloads are
within buffer limits. Patch from Debian.
- debian/patches/CVE-2008-1332: Ensure that allowguest has been enabled
before deciding that authentication isn't required. Patch from Debian.
- debian/patches/CVE-2008-1333: Interpret logging output as a character
string, not a format string. Patch from Debian.
- References:
+ CVE-2008-1289
+ CVE-2008-1332
+ CVE-2008-1333
+ AST-2008-002
+ AST-2008-003
+ AST-2008-004
* Modify Maintainer value to match the DebianMaintainerField
specification.
- 35. By Faidon Liambotis
-
* New upstream release (Closes: #452054)
- Fix a potential corruption of voicemail.conf on simultaneous PIN updates
(Closes: #353227)
[ Tzafrir Cohen ]
* Add some sample/reference config files as documentation.
* Provide asterisk-bristuff for upgrading from Etch.
* Move libc-client to not be last, so debian/backports/xorcom.etch would
still work.
[ Faidon Liambotis ]
* Really enable the libcap/ToS functionality; the previous patch didn't
enable the functionality, even though the code and the libcap.so
dependency were there. (Closes: #454342)
* Fix a minor issue with init script's stop target when running with
safe_asterisk.
* Add chan_vpb, adding support for VoiceTronix OpenSwitch and OpenLine
cards. (Closes: #396499)
* Fix debian/watch by using a pkg-voip wrapper to avoid upstream's silly
redirections. (Closes: #449706)
* Use DEBVERSION as asterisk's version string.
* Disable the MD5 build sum that breaks all out-of-tree plugins (duh!).
* Create /usr/local/share/asterisk/sounds to put all site-specific
non-modifiable sounds.
* Add a note about bugs.debian.org to the banner.
* Add noload for res_config_* since loading them results in errors and
doesn't provide any functionality.
* News entries were added but we never shipped the file; ship NEWS.Debian.
* Add an entry to NEWS.Debian warning users about app_voicemail_*.so
(Closes: #452596)
* Provide options in /etc/default/asterisk for configuring safe_asterisk.
(Closes: #381786)
[ Tzafrir Cohen ]
* Provide a custom sounds directory under /var/lib - user-modifiable at
runtime and hence not under /usr. (Closes: #337209)
- 34. By Faidon Liambotis
-
* New upstream release.
- Implemented Dynamic DUNDi peering support (Closes: #439331)
- Removed merged patches: bashism-safeasterisk, ast_key_dir,
h323-add-missing-ptrace-guard, CVE-2007-4521.
- Adapted patches: make-clean-fixes, h323-no-deps-on-asterisk.
- Adapted bristuff 0.4.0-test4 to apply to 1.4.12 (bristuff.notice,
xagi, app-dial-c-callback, app-dial-priority-202)
* When DFSG-ing the tarball, create a fake codecs/ilbc/Makefile so that
make doesn't fail on clean.
* Pass NOISY_BUILD to make so that the GCC arguments can be examined in
build logs.
* Remove versioned dependency on dpkg-dev since that particular version is
present since etch (sarge is not supported as a backport target anymore).
* Backport a patch from trunk so that Asterisk can set the IP ToS bits when
it is run as a simple user (as we do).
* Re-enable IMAP support and enable ODBC support; this time they are
provided as app_voicemail_imap.so and _odbc.so so that they don't break
existing setups.
* Build with -O1 on hppa to workaround gcc-4.2 ICE (#445336).
* Zaptel package added support for Voicetronix OpenPCI cards, mention it on
asterisk's description.
- 33. By Faidon Liambotis
-
[ Tzafrir Cohen ]
* Remove libgtk2.0-dev from Build-Depends since the GTK+ console was not
getting built anyway.
[ Kilian Krause ]
* Add dpkg-dev (>= 1.13.19) to Build-Depends for binary:Version and
source:Version.
[ Faidon Liambotis ]
* New upstream release. (Closes: #439062)
- AST-2007-020 Resource Exhaustion vulnerability in SIP channel driver
* Switch to quilt as a patch management system instead of dpatch.
* Add bristuff 0.4.0-test4
- Split into smaller, individual patches (bristuff/).
- Mention HFC-S/HFC-4S support in the Description.
- Use libpri-bristuffed.so.1 and its respective header
(use-libpri-bristuffed).
- Ship xagi-test.c as an example.
- Add a news item to NEWS.Debian stating bristuff's inclusion.
* Major overhaul of the postinst scripts, completely replacing asterisk_fix.
- Create Asterisk's directories on asterisk.dirs to track them using dpkg.
- Add asterisk.postinst which calls adduser, chown, chmod. Improve error
handling.
- Don't do unnecessary stuff on asterisk-config postinst.
(Closes: #431506)
- chmod /etc/asterisk on build-time to allow the user to modify the
permissions; this required a lintian override.
- Honor dpkg-statoverride on all the chowned/chmoded directories and
configuration files under /etc/asterisk.
- Handle asterisk-config -> asterisk installation order properly
(Closes: #408708)
- Don't add asterisk user to audio and dialout groups if existed before.
This allows the administrator to remove the membership.
- Don't depend on adduser from asterisk-config.
* Remove Suggests to gnomemeeting (it's a dummy package nowadays),
asterisk-rate-engine and add one for twinkle.
* Remove Conflicts for an old version of asterisk-oh323 which was only
present until sarge.
* Remove versioned dependencies on ancient (pre-sarge) versions of sed and
adduser.
* Patch channels/h323/ast_h323.cxx to add some missing PTRACING #ifdef
(h323-add-missing-ptrace-guard).
* h323-workaround-openh323-segfault patch: workaround a libopenh323 bug
(#438815) which causes Asterisk to segfault on startup. (Closes: #435146)
* Remove -XCVS from dh_installexamples arguments. Upstream doesn't use CVS
anymore.
* Add a README.Debian for asterisk-h323 that explains the differences
between the different H.323 channel drivers, taken from the asterisk-oh323
package.
* Clarify asterisk-h323's description and mention the other channel drivers.
* Suggest asterisk-h323 from asterisk.
- 32. By Mark Purcell
-
* New upstream release
- Fwd: [asterisk-announce] ASA-2007-019: Remote crash vulnerability in
Skinny channel driver (Closes: #436808)
[ Mark Purcell ]
* debhelper(1) states Build-Depends: debhelper (>= 5)
- aids backports
* Update debian/backports for etch, edgy, dapper and feisty
- http://status.buildserver.net/packages/status.php?package=asterisk&subdist=pkg-voip
[ Faidon Liambotis ]
* Refer to /usr/share/common-licenses/GPL-2 instead of GPL. The code is
-for now- GPLv2-only and in light of GPLv3, pointing to GPL is misleading.
* Add ast_key_dir patch to move keys from /var/lib/asterisk/keys to
/usr/share/asterisk/keys where they should be.
* Actually ship keys, including Junction Networks' by fixing pubkey_jnctn
patch.
* Handle space/newline-delimited directories on /etc/asterisk when doing
chmod on postinst.
* Correct descriptions of packages in debian/control, adapting them to the
present and correcting some spelling mistakes. (Closes: #428671)
* Add a noload directive for cdr_sqlite.so in the default modules.conf since
it writes unconditionally to the database file without being rotated,
resulting in unexpected waste of disk space. (Closes: #301883)
* Delete duplicated creation of /var/run/asterisk in the init script.
- 31. By Mark Purcell
-
[ Tzafrir Cohen ]
* New upstream release.
- ASA-2007-018 - DoS Resource Exhaustion vulnerability in IAX2
[ Faidon Liambotis ]
* Add myself to Uploaders.
* Fix "debian/rules clean" to cleanup correctly the tree by calling "make
distclean" instead of "make clean". Also, fix some stuff in the upstream
Makefiles (debian/patches/make-clean-fixes). Fixes a lintian warning.
* Add XS-Vcs-Svn and XS-Vcs-Browser to debian/control.
* Move examples from all packages (debian/examples) to asterisk-config only.
* Add eagi-test.c, eagi-sphinx-test.c, fastagi-test and static-http to
examples.
* Remove Conflicts/Replaces/Depends to pre-sarge versions, they're useless
even for backports.
[ Mark Purcell ]
* Include asterisk.init changes from Martin
- Asterisk does not create /var/run/asterisk directory if not existent
(Closes: #413541)
* Backout asterisk-h323 Suggests:/Recommends: asterisk-oh323. The former
works, the latter does not with asterisk-1.4.x
* Upstream fixes from 1.4.x branch:
- Multiple security flaws in Asterisk (Closes: #421467)
- Debug switch wrong in /etc/default/asterisk (Closes: #413544)
- Upgrading destroys astdb (Closes: #354132)
- Upgrading destroys astdb (Closes: #354132)
- asterisk bindaddr in sip and iax config is to fixed ip not
Interfaces (Closes: #316443)
- Incorrect callerid syntax in sip.conf causes incorrect error
(Closes: #323275)
- dropouts (Closes: #335079)
- Does not include cdr_sqlite userfield support by default (Closes:
#344097)
- Asterisk crashes on sparc when playing 'demo-moreinfo'
(Closes: #344484)
- fresh install - crash after dialing IAX test (Closes: #350001)
- asterisk_fix script fails to set variables for adduser, user
creation fails (Closes: #383075)
- Debug switch wrong in /etc/default/asterisk (Closes: #413544)
- When using L option on Dial, instead of warning asterisk disconnects
the call (Closes: #419894)
- Patch for fastagi handling (Closes: #368948)
- bristuff patch breaks cause codes in Hangup() (Closes: #320350)
* add debian/patches/basim-safeasterisk.dpatch
- contrib/scripts/safe_asterisk should explicitly link to a cli
(Closes: #413543)
* Adding a restart when convenient in Asterisk (Closes: #413816)
* asterisk-h323: libpt.so.1.10.2 => not found (Closes: #434076)
- 30. By Lionel Porcheron
-
* Merge from Debian unstable. Remaining Ubuntu changes:
- Modify Maintainer value to match Debian-Maintainer-Field Spec
- debian/patches/ubuntu_safe_asterisk.dpatch: use /bin/bash instead of
/bin/sh as specific bash functions are used in safe_asterisk script.
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/karmic/asterisk