ubuntu/+source/asterisk:ubuntu/dapper-security

Last commit made on 2007-03-25
Get this branch:
git clone -b ubuntu/dapper-security https://git.launchpad.net/ubuntu/+source/asterisk
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
ubuntu/dapper-security
Repository:
lp:ubuntu/+source/asterisk

Recent commits

25615cd... by Kees Cook on 2007-03-24

Import patches-unapplied version 1:1.2.7.1.dfsg-2ubuntu3.4 to ubuntu/dapper-security

Imported using git-ubuntu import.

Changelog parent: eade0f057fe63c2787fbf84620075e56dba54d0c

New changelog entries:
  * SECURITY UPDATE: Fix SIP DoS vulnerability
  * References:
    https://launchpad.net/ubuntu/+source/asterisk/+bug/94792
    http://svn.digium.com/view/asterisk/branches/1.2/channels/chan_sip.c?r1=58115&r2=58579
    http://www.asterisk.org/node/48339
    CVE-2007-1561

eade0f0... by Kees Cook on 2007-03-05

Import patches-unapplied version 1:1.2.7.1.dfsg-2ubuntu3.3 to ubuntu/dapper-security

Imported using git-ubuntu import.

Changelog parent: 4e3a633094d3c98ab8592f86f79c619478fd064f

New changelog entries:
  * SECURITY UPDATE: DoS in unauthenticated SIP handling.
  * debian/patches/patch.1.2.16-security.dpatch: upstream fix.
  * References
    http://asterisk.org/node/48319
    http://svn.digium.com/view/asterisk/branches/1.2/channels/chan_sip.c?r1=56230&r2=57475

4e3a633... by pirast on 2006-12-02

Import patches-unapplied version 1:1.2.7.1.dfsg-2ubuntu3.2 to ubuntu/dapper-security

Imported using git-ubuntu import.

Changelog parent: 7d604c6392a227537dc60c01c0246de005e9e7eb

New changelog entries:
  * SECURITY UPDATE: remote arbitrary code execution.
  * Add debian/patches/patch.CVE-2006-5444.dpatch: fix signedness problem.
  * References:
    CVE 2006-5444
    https://bugs.launchpad.net/distros/ubuntu/+source/asterisk/+bug/66912

7d604c6... by Martin Pitt on 2006-08-04

Import patches-unapplied version 1:1.2.7.1.dfsg-2ubuntu3.1 to ubuntu/dapper-security

Imported using git-ubuntu import.

Changelog parent: 03ae648e4dd780a167aae7953ef4e0e8810563f1

New changelog entries:
  * SECURITY UPDATE: Remote DoS.
  * Add debian/patches/99_CVE-2006-2898.dpatch:
    - Fix insufficient verification of meta packages which could be exploited
      to remotely crash the server.
    - Patch taken from Sarge security update.
    - CVE-2006-2898

03ae648... by Chuck Short on 2006-05-26

Import patches-unapplied version 1:1.2.7.1.dfsg-2ubuntu3 to ubuntu/dapper

Imported using git-ubuntu import.

Changelog parent: 97b4b52f6013431b5c8f06e7c11a620e24767d38

New changelog entries:
  * debian/*.init:
    - Change the ownership of the pid file again.
      (Closes: Malone ##45952).

97b4b52... by Chuck Short on 2006-05-22

Import patches-unapplied version 1:1.2.7.1.dfsg-2ubuntu2 to ubuntu/dapper

Imported using git-ubuntu import.

Changelog parent: bfee664b859fd48e36ab5c17d9b0c40a4b58d9d5

New changelog entries:
  * debian/*.init
    - Change the ownership of the pid file.
      (Closes: Malone #45952).

bfee664... by Daniel Holbach on 2006-05-18

Import patches-unapplied version 1:1.2.7.1.dfsg-2ubuntu1 to ubuntu/dapper

Imported using git-ubuntu import.

Changelog parent: 228048bbb640c563741aa5621977dfa5a37f8345

New changelog entries:
  * Resynchronized with Debian, only Ubuntu changes:
    - debian/*.init:
      - create /var/run/ directory if necessary.
  [ Kilian Krause ]
  * Urgency bumped since 1.2.7 is a security update [CVE-2006-1827]
    (Closes: #364195)
  [ Mark Purcell ]
  * Previous Upload also fixes:
    - cannot install - directories not created (Closes: #360233)
    - package uninstallable (Closes: #359970)
  * Update postinst to fix: fails to upgrade when /etc/asterisk/voicemail.conf
    is deleted (Closes: #360220)
  * Link debian/asterisk-bristuff.asterisk.{logrotate,init} &
    provide debian/asterisk-classic.asterisk.logfile
    - Fixes: init.d and logrotate.d conflicts (Closes: #360181)
  [ Tzafrir Cohen ]
  * New upstream release.
  * nomarch.dpatch: removed the patching to internal libgsm, as we don't use
    it (and it broke in this version)
  * bristuff.dpatch: based on the patch from bristuff-0.3.0-PRE1n
  * bristuff.dpatch: A small fix in chan_sip.c
  * bristuff.dpatch: Disabling "libgsm" until it is renamed
  * 30_ast-data-dir.dpatch: the symlink sounds/voicemail is now gone
  * rules: do fail if bristuff patching hasfailed
  * zap_restart.dpatch: allow restarting zaptel channel with "zap restart"
  * backport_playdtmf.dpatch: a harmless backport (no impact if not used)
  * completed the merge of logrotate and init.d scripts
  [ Lionel Elie Mamane ]
  * When not running asterisk, do it successfully, not by failure.
    (closes: #360234)
  * Create /var/log/asterisk/cdr-csv, not cdr-cvs.
  [ Mark Purcell ]
  * Update debian/control for asterisk-h323 package description
  * Create /var/spool/asterisk & /var/lib/asterisk in debian/*.postinst
  * New upstream release. Fixes:
    - Version 1.2.5 is out (Closes: #355299)
    - since 1.2.0 no chan_modem (Closes: #343232)
    - Undefined symbol in chan_zap.so (Closes: #339559)
    - Unapplying patches fail (Closes: #345676)
    - utils.c:619 tvfix: warning negative timestamp... (Closes: #347929)
    - creates /.asterisk_history on reboot (Closes: #307218)
  * h323 modules can be unstable so dont load my default
  * Cleanup debian/patches to remove obsolete/ old patches
  * New upstream release. (Closes: #355299)
  * correct_pid_display.dpatch: adjusted to 1.2.6
  * 30_ast-data-dir.dpatch: adjusted to 1.2.6
  * debian/control: Add adduser to depends of asterisk-config to shut up
    lintian.
  * rules: no need to copy config to the bristuff install
  * rules: but use cp -a for ast_config, as there may be subdirs.
  * Recompile to fix missing asterisk-config from last binNMU round
    (Closes: #356712, #358413, #355524, #358145)
  * postinstall: Add /var/spool/asterisk/meetme if nonexistant.
    (Closes: #355046)
  * asterisk.init: Install both asterisk-classic and asterisk-bristuff with
    /etc/init.d/asterisk (Closes: #354729)
  * logroate: create /var/log/asterisk/cdr-custom/ as well as cdr-csv
    (Closes: #355048)
  * logrotate: share location of logrotate file as /etc/logrotate.d/asterisk
    for both classic and bristuff version (Closes: #356712)
  * delete chan_capi modules from bristuff
  * Move postinstall and postrm to asterisk-classsic, asterisk-bristuff and
    asterisk-config. (Closes: #355524)
  * Add chan_h323 back with new Atlas_devel3 OpenH323.
  * Fix install of asterisk-bristuff with dh_install.
  * Create missing /var/spool/asterisk/voicemail in postinst (Closes: #352586)
  * Fix asterisk-bristuff install target to catch correct versions.
  * update to bristuff 0.3.0-PRE-1k
  [ Tzafrir Cohen ]
  * Fix PID display (Closes: #338646)
  * changes to the init.d script (Tzafrir)
  * debian/ast_config/ place here configurutaion files that will override
    the defaults from the source, though not get into the sample documentation
    dir
  * debian/ast_config/manager.conf: asterisk does listen onthe manager by
    default, but only on localhost. Other packages need not edit manager.conf
    to get a manager acount
  * bristuff 0.3.0-PRE-1f
  * option_detach.dpatch: Adds option -D: always daemonize (even with -v,-d)
    (conflicts with bristuff, though)
  * ukcid.dpatch: UK Caller ID patch for the X100P. (Closes: #302380)
  [ Kilian Krause ]
  * New upstream release. (Closes: #350905)
  * Bumping depends on libpri and zaptel to according 1.2 versions.
  * Build-Depends on libpri1.2 since new ABI caused new package name.
  * Removed alternatives from Build-Depends since sbuild will only take first
    anyway to ensure constant rebuilds.
  * Add a noload for chan_capi by default, so that we d not stop loading when
    no CAPI is installed. (Closes: #328835)
  * Include smsq by adding Build-Depends on libpopt-dev (Closes: #348090)

228048b... by Kilian Krause on 2006-01-02

Import patches-unapplied version 1:1.2.1.dfsg-3 to ubuntu/dapper

Imported using git-ubuntu import.

Changelog parent: ea0b606916772f9e8be88cbe3a3bee1c32330488

New changelog entries:
  * Remove -msoft-float from compile flags to fix compilation on arm.
    (Closes: #343154)
  * Provide nonexistant dirs before running chown on them. (Closes: #341810)
  * Depend on Perl module in libapache-dbi-perl or libdbi-perl or web-vmail
    (Closes: #337448)
  * Fix permissions on voicemail.conf. (Closes: #304615)
  * Build-Depend on gsfonts to have Helvetica font for doxygen
    (Closes: #343079)

ea0b606... by Tzafrir Cohen <email address hidden> on 2005-12-31

Import patches-unapplied version 1:1.2.1.dfsg-2 to ubuntu/dapper

Imported using git-ubuntu import.

Changelog parent: 45cea0744f29f8e15c946f3bdfc82c3f46ba6623

New changelog entries:
  [ Tzafrir Cohen ]
  * bristuff 0.3.0-PRE-1d . Still disabled by default
  * libpri_bristuffed.dpatch: link chan_zap with libpri-bristuffed.so.1
  * Use asterisk(8) as a man page for rasterisk
  * Removing binary steroize: can be done with soxmix of package sox.
  * Removing binary streamplay: can be done with netcat

  [ Kilian Krause ]
  * Fix asterisk-dev to include asterisk.h

45cea07... by Mark Purcell on 2005-12-07

Import patches-unapplied version 1:1.2.1.dfsg-1 to ubuntu/dapper

Imported using git-ubuntu import.

Changelog parent: d387e112f7a6fa4611f210ad227358155411f21a

New changelog entries:
  * New upstream release
    - Please package asterisk 1.2.1 (Closes: #342463)
  * Temporary disable bristuff for upstream release
  * sip-1.914.dpatch merged upstream
  * Add Build-Depends: libcurl3-dev | libcurl-dev
    - Should build-depend on libcurl3-dev (Closes: #341363)
  * Add Build-Depends: doxygen
    - Missing build-dependency on doxygen (Closes: #341362)
  * Build-Depends: adduser (>= 3.63)
  * disable chan_zap building (in channels makefile) against old
    libmfcr2 (Closes: #342139)
  * seperate api docs and configuration samples (Closes: #341395)
  * Add sip-1.913.dpatch; SIP error 400 on outgoing calls (Closes: #340574)
  [ Tzafrir Cohen ]
  * Added bristuff 0.3.0-PRE1
  [ Mark Purcell ]
  * asterisk-sounds-main Replaces: asterisk-sounds-extra
    - asterisk-sounds-{main,extra}: file conflict (Closes: #339791)
  * Fix 50_debian-libgsm.dpatch to apply correctly
    - asterisk - FTBFS: Tries to build a i386 assembler file (Closes:
    #340102)
  * Remove -march to fix FTBFS. (Closes: #338753)
  * libreadline4-dev is superseeded by libreadline5-dev. Fixed build-depends.
  * New upstream release
  * New upstream release
  * New upstream release
  * Suggests: asterisk-rate-engine
  * debian/rules touch .cleancount (upstream bug?)
  * Fix debian/patches/30_ast-data-dir with /var/run/asterisk. Thanks
    Alessandro Polverini
  * Copyright audit into debian/copyright (Closes: #331318)
  * Please package 1.2 beta 2 (Closes: #336749)
  * New upstream release
  * Update Build-Depends: libpri1 >= 1.2.0-beta2
  * Remove Build-Depends: doxygen. Takes too long for experimental ;-)
  [ Tzafrir Cohen ]
  * recreated system_libgsm patch, http://bugs.digium.com/view.php?id=5434
  * Added public key from Junction Networks (pubkey_jnctn.dpatch).
    Any other keys for IAX providers we can add?
  * updating to a beta of Asterisk 1.2
  * added defaults_debian.dpatch to set pathes
  * BuildDepends on graphviz
  * disabled most patches: still need to review them
  * What about h323?
  * deleted from patches/00list a number of patches that should not go in
  [ Mark Purcell ]
  * Fix: old-fsf-address-in-copyright-file
  * Please package version 1.2 betas (Closes: #325268)
  * Fix memleak bug (http://bugs.digium.com/view.php?id=4318)
  * Fix depends to adduser 3.64 (Closes: #326198)
  [ Kilian Krause ]
  * debian/control: fix GCI to read CGI. (Closes: #311291)
  [ Mark Purcell ]
  * /var/lib/dpkg/info/asterisk.postinst: line 22: adduser: command not
    found (Closes: #322115)
  * debian/patches/chan-modem.dpatch from Simon Peter
    - chan_modem.c should set default read & write format (Closes:
    #303903)
  * apply patch from Jérôme Warnier
    - Asterisk autosupport script not recognized as such (Closes: #316799)
  * Updated debian/postrm:
    - 'apt-get --purge remove asterisk' removes configuration files from
    another package (Closes: #318455)
  * Cleanup bristuff to build under gcc4, thanks for the suggestions
    - Closes: #318337: FTBFS. channel.c:64: error: static declaration of
    'uniquelock' follows non-static declaration
  * Cleanup 70_debian-libpe-fe.dpatch to check in Makefile
  * Enable bristuff-0.2.0-RC8j.dpatch
  * Remove debian/patches/08_debian-zaptel.dpatch as it is no longer
    needed with new zaptel-source package
  * Cleanup debian/patches/
  * Conflicts: asterisk-oh323 (<= 0.6.6pre3-3)
    - Closes: #318189: asterisk-oh323: chan_oh323.so cannot find symbol
    and Asterisk crashes
    - Closes: #318216: chan_oh323.so symbols
  * Cleanup postinit error: adduser asterisk audio; adduser asterisk
    dialout
  * Incorporate suggestions from Tzafrir Cohen <email address hidden>
    - postinst script has an error
    - modified astdir patch, so it won't conflict with bristuff patch
    - typo in the debian/asterisk.default: s/exra/extra/
    - build-depends both on zaptel-source (>= 1.0.6) and simply
    on zaptel-source, The latter is probably unnecessary
    - man pages for the other executables in the package
  * Closes: #301490: Please add patch for Italian syntax
  * Closes: #305734: On PowerPC, hanging up on voicemail causes non-stop
    log messages