Ubuntu
asterisk package

lp:ubuntu/natty/asterisk

  1. Natty (11.04)
  2. natty
Created by James Westby and last modified
Get this branch:
bzr branch lp:ubuntu/natty/asterisk
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
Ubuntu branches
Status:
Mature

Recent revisions

59. By Dave Walker

* SECURITY UPDATE: Stack buffer overflow in SIP channel driver. (LP: #705014)
  - debian/patches/AST-2011-001-1.6.2: The size of the output buffer passed
    to the ast_uri_encode function is now properly respected in main/utils.c.
    Patch courtesy of upstream.
  - CVE-2011-0495

58. By Lorenzo De Liso

* Merge from debian unstable, remaining changes:
  - debian/control:
    + Build-depend on hardening-wrapper
    + Change Maintainer
    + Removed Uploaders field.
    + Removed Debian Vcs-Svn entry and replaced with ubuntu-voip Vcs-Bzr,
      to reflect divergence in packages.
  - debian/rules: Make use of hardening-wrapper
  - debian/asterisk.init: chown /dev/dahdi
  - debian/backports/hardy: add file
  - debian/backports/asterisk.init.hardy: add file

57. By Lorenzo De Liso

* Merge from debian unstable (LP: #597792), remaining changes:
  - debian/control:
    + Build-depend on hardening-wrapper
    + Change Maintainer
    + Removed Uploaders field.
    + Removed Debian Vcs-Svn entry and replaced with ubuntu-voip Vcs-Bzr,
      to reflect divergence in packages.
  - debian/rules: Make use of hardening-wrapper
  - debian/asterisk.init: chown /dev/dahdi
  - debian/backports/hardy: add file
  - debian/backports/asterisk.init.hardy: add file

56. By Jean-Michel Dault

* New upstream bugfix release (1.6.2.5)
 * Security Fixes:
  - AST-2010-003: Invalid parsing of ACL rules can compromise security
  - AST-2010-002: Dialplan injection vulnerability

* Remaining Ubuntu-specific changes:
  - debian/control: Build-depend on hardening-wrapper
  - debian/rules: Make use of hardening-wrapper
  - debian/control: Change Maintainer
  - debian/control: Removed Uploaders field.
  - debian/control: Removed Debian Vcs-Svn entry and replaced with
      ubuntu-voip Vcs-Bzr, to reflect divergence in packages.
  - debian/asterisk.init : chown /dev/dahdi
  - debian/backports/hardy : add file
  - debian/backports/asterisk.init.hardy : add file

55. By Steve Beattie

debian/{control,rules}: re-enable hardened options to gain PIE build
(Debian bug 542741, LP: #527538)

54. By Jean-Michel Dault

* Merge from Debian: security update
  * Changes:
  - debian/control: Change Maintainer
  - debian/control: Removed Uploaders field.
  - debian/control: Removed Debian Vcs-Svn entry and replaced with
      ubuntu-voip Vcs-Bzr, to reflect divergence in packages.
  - debian/asterisk.init : chown /dev/dahdi
  - debian/backports/hardy : add file
  - debian/backports/asterisk.init.hardy : add file

53. By Devid Antonio Filoni

debian/control: remove libreadline5-dev from Depends field.

52. By Roberto D'Auria

[ Dave Walker (Daviey) ]
* SECURITY UPDATE: ACL not respected on SIP INVITE (LP: #491632).
  - debian/patches/AST-2009-007: Additional check in channels/chan_sip.c to
    check ACL for handling SIP INVITEs. This blocks calls on networks
    intended to be prohibited, by configuration. Based on upstream patch.
  - AST-2009-007
  - CVE-2009-3723
* SECURITY UPDATE: SIP responses expose valid usernames (LP: #491637).
  - debian/patches/AST-2009-008: Sanitise certain return of REGISTER message
    to stop a specially crafted series of requests returning valid usernames.
    Based on upstream patch.
  - AST-2009-008
  - CVE-2009-3727
* SECURITY UPDATE: RTP Remote Crash Vulnerability (LP: #493555).
  - debian/patches/AST-2009-010: Stops Asterisk from crashing when an RTP
    comfort noise payload containing 24 bytes or greater is recieved.
  - AST-2009-010
  - CVE-2009-4055

[ Roberto D'Auria ]
* debian/patches/iax2-heavy-traffic-fix: Stops asterisk crashing on
  heavy traffic on iax2 channel, editing channels/chan_iax2.c.
  Based on upstream patch. (LP: #501116)

51. By Dave Walker

* New upstream version, upstream is now DFSG compliant.
  - ilibc has been removed upstream.
  - Music on Hold is now cc-by-sa.
  - binary firmware iaxy.bin has been removed upstream.
* debian/rules: Santitised UPSTREAM variable for compatiability
  with Ubuntu and other variants.
* debian/control: Removed Debian Vcs-Svn entry and replaced
  with ubuntu-voip Vcs-Bzr, to reflect divergence in packages.
* patches/makefile_appdocs_dtd: Removed, merged upstream.
* patches/disable_moh: Previosly disabled, removed from pool.
* patches/ubuntu-banner: Ported debian-banner to display Ubuntu
  centric bug report information.
* Refresh quilt patches

50. By Kees Cook

debian/{control,rules}: enable hardened options to gain PIE build
(Debian bug 542741).

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp:ubuntu/oneiric/asterisk
This branch contains Public information 
Everyone can see this information.

Subscribers