rpms/asterisk/F-7 asterisk-1.4.18-funcdesc.patch, NONE, 1.1 asterisk-1.4.18-httpmgrids.patch, NONE, 1.1 .cvsignore, 1.7, 1.8 asterisk.spec, 1.8, 1.9 sources, 1.7, 1.8
Jeffrey C. Ollie (jcollie)
fedora-extras-commits at redhat.com
Thu Mar 20 03:19:24 UTC 2008
Author: jcollie
Update of /cvs/pkgs/rpms/asterisk/F-7
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv7419
Modified Files:
.cvsignore asterisk.spec sources
Added Files:
asterisk-1.4.18-funcdesc.patch
asterisk-1.4.18-httpmgrids.patch
Log Message:
Update to 1.4.18.1 plus a patch to fix some security issues.
asterisk-1.4.18-funcdesc.patch:
--- NEW FILE asterisk-1.4.18-funcdesc.patch ---
>From 0d18b1b78dbae3d548192883a858838bbc23011a Mon Sep 17 00:00:00 2001
From: David Woodhouse <dwmw2 at infradead.org>
Date: Wed, 27 Feb 2008 14:54:45 -0600
Subject: [PATCH] Fix building on PPC64.
1. build_tools/strip_nonapi was looking at the wrong output from
nm(1). This is fixed by checking for a PPC64 processor and
adjusting.
2. Makefile would always hide the execution of
build_tools/strip_nonapi which made it difficult to diagnose the
problem. Now when NOISY_BUILD is enabled you'll be able to see the
execution of the script.
---
build_tools/strip_nonapi | 11 ++++++++++-
main/Makefile | 2 +-
2 files changed, 11 insertions(+), 2 deletions(-)
diff --git a/build_tools/strip_nonapi b/build_tools/strip_nonapi
index c2262ca..91e41aa 100755
--- a/build_tools/strip_nonapi
+++ b/build_tools/strip_nonapi
@@ -15,11 +15,20 @@
# astman_
# pbx_
+case "${PROC}" in
+ powerpc64)
+ TEXTSYM=" D "
+ ;;
+ *)
+ TEXTSYM=" T "
+ ;;
+esac
+
FILTER="${GREP} -v -e ^ast_ -e ^_ast_ -e ^__ast_ -e ^astman_ -e ^pbx_"
case "${OSARCH}" in
linux-gnu)
- nm ${1} | ${GREP} -e " T " | cut -d" " -f3 | ${FILTER} > striplist
+ nm ${1} | ${GREP} -e "$TEXTSYM" | cut -d" " -f3 | ${FILTER} > striplist
sed -e "s/^/-N /" striplist | xargs ${STRIP} ${1}
rm -f striplist
;;
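Review bot: the new `case "${PROC}"` block depends on a variable that is not set anywhere in the lines shown, so if the caller does not export PROC the `*)` branch silently selects " T " and a powerpc64 build keeps the old behaviour. Consider failing with a message when PROC is empty. Also, " D " in nm output marks any global symbol in an initialized data section, not only function descriptors, so the powerpc64 strip list can now include non-API data symbols; a comment saying whether that is intended would help.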
diff --git a/main/Makefile b/main/Makefile
index 204e7df..c9de882 100644
--- a/main/Makefile
+++ b/main/Makefile
@@ -146,7 +146,7 @@ ifneq ($(findstring chan_h323,$(MENUSELECT_CHANNELS)),)
else
$(CMD_PREFIX) $(CXX) $(STATIC_BUILD) -o $@ $(ASTLINK) $(AST_EMBED_LDFLAGS) $(ASTLDFLAGS) $(H323LDFLAGS) $^ buildinfo.o $(AST_LIBS) $(AST_EMBED_LIBS) $(H323LDLIBS)
endif
- @$(ASTTOPDIR)/build_tools/strip_nonapi $@
+ $(CMD_PREFIX) $(ASTTOPDIR)/build_tools/strip_nonapi $@ || rm $@
clean::
rm -f asterisk
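Review bot: in the replaced recipe line, `|| rm $@` makes the line exit 0 whenever the `rm` succeeds, so a failing strip_nonapi deletes the binary but make still treats the target as built and the error is hidden. Propagate the failure, for example `$(CMD_PREFIX) $(ASTTOPDIR)/build_tools/strip_nonapi $@ || { rm -f $@; exit 1; }`, and mention the delete-on-failure behaviour in the commit message, which describes only the NOISY_BUILD change.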
--
1.5.4.1
asterisk-1.4.18-httpmgrids.patch:
--- NEW FILE asterisk-1.4.18-httpmgrids.patch ---
>From 0fb7bf7edd33bcbb26ead986309e6544ab325d68 Mon Sep 17 00:00:00 2001
From: kpfleming <kpfleming at 614ede4d-c843-0410-af14-a771ab80d22e>
Date: Thu, 21 Feb 2008 14:33:51 +0000
Subject: [PATCH] reduce the likelihood that HTTP Manager session ids will consist of primarily '1' bits
git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.4@104015 614ede4d-c843-0410-af14-a771ab80d22e
---
main/manager.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/main/manager.c b/main/manager.c
index 8e33096..3edbc3e 100644
--- a/main/manager.c
+++ b/main/manager.c
@@ -2660,7 +2660,7 @@ static char *generic_http_callback(int format, struct sockaddr_in *requestor, co
ast_mutex_init(&s->__lock);
ast_mutex_lock(&s->__lock);
s->inuse = 1;
- s->managerid = rand() | (unsigned long)s;
+ s->managerid = rand() ^ (unsigned long) s;
AST_LIST_LOCK(&sessions);
AST_LIST_INSERT_HEAD(&sessions, s, list);
/* Hook into the last spot in the event queue */
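Review bot: on the changed `s->managerid` line, switching `|` to `^` removes the bias toward '1' bits, but the ID is still derived only from `rand()` and the address of `s`, neither of which is an unpredictable source, so a value used as an HTTP session identifier remains guessable. `rand()` also returns a non-negative `int`, so where `unsigned long` is wider than `int` the upper bits come from the pointer alone. Consider filling managerid from a cryptographically secure random source instead.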
--
1.5.4.3
>From 7403fb6e261f26b0e01bd538e61ded65c8321ba6 Mon Sep 17 00:00:00 2001
From: tilghman <tilghman at 614ede4d-c843-0410-af14-a771ab80d22e>
Date: Wed, 27 Feb 2008 18:15:10 +0000
Subject: [PATCH] Ensure the session ID can't be 0.
git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.4@104704 614ede4d-c843-0410-af14-a771ab80d22e
---
main/manager.c | 7 ++++++-
1 files changed, 6 insertions(+), 1 deletions(-)
diff --git a/main/manager.c b/main/manager.c
index 3edbc3e..b78ecf5 100644
--- a/main/manager.c
+++ b/main/manager.c
@@ -2660,7 +2660,12 @@ static char *generic_http_callback(int format, struct sockaddr_in *requestor, co
ast_mutex_init(&s->__lock);
ast_mutex_lock(&s->__lock);
s->inuse = 1;
- s->managerid = rand() ^ (unsigned long) s;
+ /*!\note There is approximately a 1 in 1.8E19 chance that the following
+ * calculation will produce 0, which is an invalid ID, but due to the
+ * properties of the rand() function (and the constantcy of s), that
+ * won't happen twice in a row.
+ */
+ while ((s->managerid = rand() ^ (unsigned long) s) == 0);
AST_LIST_LOCK(&sessions);
AST_LIST_INSERT_HEAD(&sessions, s, list);
/* Hook into the last spot in the event queue */
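Review bot: the "1 in 1.8E19" figure in the new comment assumes 64 uniformly random bits, but `rand()` returns a non-negative `int` and `s` is fixed, so the result is 0 only when `rand()` happens to equal the address: roughly 1 in RAND_MAX where the address fits in that range, and never otherwise. Reword the comment, and write the retry as `do { ... } while (s->managerid == 0);` rather than `while (...);` with an empty body, which reads like a stray semicolon. The loop also excludes only 0; it does not check the new ID against IDs already in `sessions`.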
--
1.5.4.3
Index: .cvsignore
===================================================================
RCS file: /cvs/pkgs/rpms/asterisk/F-7/.cvsignore,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- .cvsignore 19 Feb 2008 14:51:18 -0000 1.7
+++ .cvsignore 20 Mar 2008 03:18:46 -0000 1.8
@@ -1 +1 @@
-asterisk-1.4.18-stripped.tar.gz
+asterisk-1.4.18.1-stripped.tar.gz
Index: asterisk.spec
===================================================================
RCS file: /cvs/pkgs/rpms/asterisk/F-7/asterisk.spec,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- asterisk.spec 19 Feb 2008 14:51:18 -0000 1.8
+++ asterisk.spec 20 Mar 2008 03:18:46 -0000 1.9
@@ -2,15 +2,12 @@
Summary: The Open Source PBX
Name: asterisk
-Version: 1.4.18
+Version: 1.4.18.1
Release: 1%{?dist}
License: GPLv2
Group: Applications/Internet
URL: http://www.asterisk.org/
-# will file a bug once the asterisk bugzilla component shows up
-ExcludeArch: ppc64
-
# The asterisk tarball contains some items that we don't want in there,
# so start with the original tarball from here:
# http://downloads.digium.com/pub/telephony/asterisk/releases/asterisk-%{version}.tar.gz
@@ -20,13 +17,13 @@
#
# MD5 Sums
# ========
-# 3d8b2b2ef4f202901771663b40f19c3d asterisk-1.4.18.tar.gz
-# b5027a1a87592db138e10ddbd0cece8a asterisk-1.4.18-stripped.tar.gz
+# a0d7ee4054a04529b745e60dd4e750c4 asterisk-1.4.18.1.tar.gz
+# 31f42bbdc070fef1302adfeb81fc9251 asterisk-1.4.18.1-stripped.tar.gz
#
# SHA1 Sums
# =========
-# 3a027488395510b6ebe4a0a0c372db33b2044b0a asterisk-1.4.18.tar.gz
-# 6f66bf67e87d17f9ccce5fc07643abb759862289 asterisk-1.4.18-stripped.tar.gz
+# 2991e972f3c2f8cac3849f9359afbb0db7e7203a asterisk-1.4.18.1.tar.gz
+# 14eaeb210f91c843291b018e67f765cb1b5356b4 asterisk-1.4.18.1-stripped.tar.gz
Source0: asterisk-%{version}-stripped.tar.gz
Source1: asterisk-logrotate
@@ -43,6 +40,8 @@
Patch7: asterisk-1.4.18-optimization.patch
Patch8: asterisk-1.4.18-chanmobile.patch
Patch9: asterisk-1.4.18-autoconf.patch
+Patch10: asterisk-1.4.18-funcdesc.patch
+Patch11: asterisk-1.4.18-httpmgrids.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-root-%(%{__id_u} -n)
@@ -333,6 +332,8 @@
%patch7 -p1
%patch8 -p1
%patch9 -p1
+%patch10 -p1
+%patch11 -p1
cp %{SOURCE2} menuselect.makedeps
cp %{SOURCE3} menuselect.makeopts
@@ -429,6 +430,7 @@
mkdir -p %{buildroot}%{_datadir}/asterisk/sounds/
mkdir -p %{buildroot}%{_localstatedir}/lib/asterisk
mkdir -p %{buildroot}%{_localstatedir}/log/asterisk/cdr-custom/
+mkdir -p %{buildroot}%{_localstatedir}/spool/asterisk/monitor/
mkdir -p %{buildroot}%{_localstatedir}/spool/asterisk/outgoing/
# We're not going to package any of the sample AGI scripts
@@ -733,6 +735,7 @@
%attr(0750,asterisk,asterisk) %dir %{_localstatedir}/log/asterisk/cdr-custom/
%attr(0750,asterisk,asterisk) %dir %{_localstatedir}/spool/asterisk/
+%attr(0770,asterisk,asterisk) %dir %{_localstatedir}/spool/asterisk/monitor/
%attr(0770,asterisk,asterisk) %dir %{_localstatedir}/spool/asterisk/outgoing/
%attr(0750,asterisk,asterisk) %dir %{_localstatedir}/spool/asterisk/tmp/
%attr(0750,asterisk,asterisk) %dir %{_localstatedir}/spool/asterisk/voicemail/
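Review bot: the added `monitor/` line uses mode 0770, which makes the call-recording directory group-writable, while the neighbouring `tmp/` and `voicemail/` entries are 0750. If only the asterisk user writes recordings, 0750 is sufficient; if 0770 is required as it is for `outgoing/`, state the reason in the changelog entry.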
@@ -901,6 +904,29 @@
%{_libdir}/asterisk/modules/codec_zap.so
%changelog
+* Wed Mar 19 2008 Jeffrey C. Ollie <jeff at ocjtech.us> - 1.4.18.1-1
+- Update to 1.4.18.1 plus another patch to fix some security issues.
+-
+- AST-2008-002 details two buffer overflows that were discovered in
+- RTP codec payload type handling.
+- * http://downloads.digium.com/pub/security/AST-2008-002.pdf
+- * All users of SIP in Asterisk 1.4 and 1.6 are affected.
+-
+- AST-2008-003 details a vulnerability which allows an attacker to
+- bypass SIP authentication and to make a call into the context
+- specified in the general section of sip.conf.
+- * http://downloads.digium.com/pub/security/AST-2008-003.pdf
+- * All users of SIP in Asterisk 1.0, 1.2, 1.4, or 1.6 are affected.
+-
+- AST-2008-005 details a problem in the way manager IDs are caculated.
+- * http://downloads.digium.com/pub/security/AST-2008-005.pdf
+
+* Mon Mar 3 2008 Jeffrey C. Ollie <jeff at ocjtech.us> - 1.4.18-3
+- Package the directory used to store monitor recordings.
+
+* Wed Feb 27 2008 Jeffrey C. Ollie <jeff at ocjtech.us> - 1.4.18-2
+- Add patch from David Woodhouse to fix building on PPC64.
+
* Wed Feb 13 2008 Jeffrey C. Ollie <jeff at ocjtech.us> - 1.4.18-1
- Update to 1.4.18.
- Use -march=i486 on i386 builds for atomic operations (GCC 4.3
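Review bot: in the new 1.4.18.1-1 changelog entry, "caculated" should be "calculated", and the entry does not say which change addresses AST-2008-005; if asterisk-1.4.18-httpmgrids.patch (Patch11) is that fix, naming it there lets a reader map the advisory to the patch. The bare `-` separator lines will also show up as empty changelog items.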
Index: sources
===================================================================
RCS file: /cvs/pkgs/rpms/asterisk/F-7/sources,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- sources 19 Feb 2008 14:51:18 -0000 1.7
+++ sources 20 Mar 2008 03:18:46 -0000 1.8
@@ -1 +1 @@
-b5027a1a87592db138e10ddbd0cece8a asterisk-1.4.18-stripped.tar.gz
+31f42bbdc070fef1302adfeb81fc9251 asterisk-1.4.18.1-stripped.tar.gz