Date: Thu, 3 Jan 2013 19:41:31 +0000 (UTC) From: Florian Smeets <flo@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r309903 - in head: net/asterisk net/asterisk10 net/asterisk11 security/vuxml Message-ID: <201301031941.r03JfVrS071822@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: flo Date: Thu Jan 3 19:41:30 2013 New Revision: 309903 URL: http://svnweb.freebsd.org/changeset/ports/309903 Log: - update net/asterisk to 1.8.19.1 - update net/asterisk10 to 10.11.1 - update net/asterisk11 to 10.1.2 - add vuln.xml entry Security: f7c87a8a-55d5-11e2-a255-c8600054b392 Modified: head/net/asterisk/Makefile head/net/asterisk/distinfo head/net/asterisk10/Makefile head/net/asterisk10/distinfo head/net/asterisk11/Makefile head/net/asterisk11/distinfo head/security/vuxml/vuln.xml Modified: head/net/asterisk/Makefile ============================================================================== --- head/net/asterisk/Makefile Thu Jan 3 19:02:19 2013 (r309902) +++ head/net/asterisk/Makefile Thu Jan 3 19:41:30 2013 (r309903) @@ -6,7 +6,7 @@ # PORTNAME= asterisk -PORTVERSION= 1.8.19.0 +PORTVERSION= 1.8.19.1 CATEGORIES= net MASTER_SITES= http://downloads.asterisk.org/pub/telephony/asterisk/ \ http://downloads.asterisk.org/pub/telephony/asterisk/old-releases/ Modified: head/net/asterisk/distinfo ============================================================================== --- head/net/asterisk/distinfo Thu Jan 3 19:02:19 2013 (r309902) +++ head/net/asterisk/distinfo Thu Jan 3 19:41:30 2013 (r309903) @@ -1,2 +1,2 @@ -SHA256 (asterisk-1.8.19.0.tar.gz) = ca99358d1be95d8cb4f37eaa9dcbbcf1e5dc57e0e47bec1f2f68c01ef6da87ce -SIZE (asterisk-1.8.19.0.tar.gz) = 25160700 +SHA256 (asterisk-1.8.19.1.tar.gz) = 2600e5b1888735c1ba7a7712b05347d8297efe819545800750b70f3e39a3aad1 +SIZE (asterisk-1.8.19.1.tar.gz) = 25158882 Modified: head/net/asterisk10/Makefile ============================================================================== --- head/net/asterisk10/Makefile Thu Jan 3 19:02:19 2013 (r309902) +++ head/net/asterisk10/Makefile Thu Jan 3 19:41:30 2013 (r309903) @@ -6,7 +6,7 @@ # PORTNAME= asterisk -PORTVERSION= 10.11.0 +PORTVERSION= 10.11.1 CATEGORIES= net MASTER_SITES= http://downloads.asterisk.org/pub/telephony/asterisk/ \ http://downloads.asterisk.org/pub/telephony/asterisk/old-releases/ Modified: head/net/asterisk10/distinfo ============================================================================== --- head/net/asterisk10/distinfo Thu Jan 3 19:02:19 2013 (r309902) +++ head/net/asterisk10/distinfo Thu Jan 3 19:41:30 2013 (r309903) @@ -1,2 +1,2 @@ -SHA256 (asterisk-10.11.0.tar.gz) = f580b4a341f7eef5a1d25bb5fce42ab9ecffe388ac1b18a05c198e9945237131 -SIZE (asterisk-10.11.0.tar.gz) = 25095528 +SHA256 (asterisk-10.11.1.tar.gz) = c9a66376434fd410eb8b29eac5d796a31c38860c4f310059b23a9c9d0e404f07 +SIZE (asterisk-10.11.1.tar.gz) = 25090000 Modified: head/net/asterisk11/Makefile ============================================================================== --- head/net/asterisk11/Makefile Thu Jan 3 19:02:19 2013 (r309902) +++ head/net/asterisk11/Makefile Thu Jan 3 19:41:30 2013 (r309903) @@ -1,7 +1,7 @@ # $FreeBSD$ PORTNAME= asterisk -PORTVERSION= 11.1.0 +PORTVERSION= 11.1.2 CATEGORIES= net MASTER_SITES= http://downloads.asterisk.org/pub/telephony/asterisk/ \ http://downloads.asterisk.org/pub/telephony/asterisk/old-releases/ Modified: head/net/asterisk11/distinfo ============================================================================== --- head/net/asterisk11/distinfo Thu Jan 3 19:02:19 2013 (r309902) +++ head/net/asterisk11/distinfo Thu Jan 3 19:41:30 2013 (r309903) @@ -1,2 +1,2 @@ -SHA256 (asterisk-11.1.0.tar.gz) = bf5eb3615529e18fd51e82a60585a7ad2635e4658d484dea482d15d7bce5874d -SIZE (asterisk-11.1.0.tar.gz) = 30448814 +SHA256 (asterisk-11.1.2.tar.gz) = 5d0aa1930584f54f43f9886e70c65b68bf22db1f1df79bcac2e58e25b216a67b +SIZE (asterisk-11.1.2.tar.gz) = 30439547 Modified: head/security/vuxml/vuln.xml ============================================================================== --- head/security/vuxml/vuln.xml Thu Jan 3 19:02:19 2013 (r309902) +++ head/security/vuxml/vuln.xml Thu Jan 3 19:41:30 2013 (r309903) @@ -51,6 +51,44 @@ Note: Please add new entries to the beg --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">; + <vuln vid="f7c87a8a-55d5-11e2-a255-c8600054b392"> + <topic>asterisk -- multiple vulnerabilities</topic> + <affects> + <package> + <name>asterisk11</name> + <range><gt>11.*</gt><lt>11.1.2</lt></range> + </package> + <package> + <name>asterisk10</name> + <range><gt>10.*</gt><lt>10.7.1</lt></range> + </package> + <package> + <name>asterisk18</name> + <range><gt>1.8.*</gt><lt>1.8.15.1</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml">; + <p>Asterisk project reports:</p> + <blockquote cite="https://www.asterisk.org/security">; + <p>Crashes due to large stack allocations when using TCP</p> + <p>Denial of Service Through Exploitation of Device State Caching</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2012-5976</cvename> + <cvename>CVE-2012-5977</cvename> + <url>http://downloads.digium.com/pub/security/AST-2012-014.html</url>; + <url>http://downloads.digium.com/pub/security/AST-2012-015.html</url>; + <url>https://www.asterisk.org/security</url>; + </references> + <dates> + <discovery>2013-01-02</discovery> + <entry>2013-01-03</entry> + </dates> + </vuln> + <vuln vid="4108cc57-54d7-11e2-9483-14dae938ec40"> <topic>ircd-ratbox and charybdis -- remote DoS vulnerability</topic> <affects>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201301031941.r03JfVrS071822>