[asterisk] 10.5.2

Jeffrey C. Ollie jcollie at fedoraproject.org
Thu Jul 5 21:45:56 UTC 2012 

commit cd05c6dd97eeaa95d16820a80edbdbc20d96cc99
Author: Jeffrey C. Ollie <jeff at ocjtech.us>
Date:   Thu Jul 5 16:44:13 2012 -0500

    10.5.2

 .gitignore    |    2 ++
 asterisk.spec |   42 ++++++++++++++++++++++++++++++++++++++++--
 sources       |    4 ++--
 3 files changed, 44 insertions(+), 4 deletions(-)
---
diff --git a/.gitignore b/.gitignore
index e60244f..0d41a98 100644
--- a/.gitignore
+++ b/.gitignore
@@ -76,3 +76,5 @@ asterisk-1.8.0-beta3.tar.gz.asc
 /asterisk-10.4.2.tar.gz.asc
 /asterisk-10.5.1.tar.gz
 /asterisk-10.5.1.tar.gz.asc
+/asterisk-10.5.2.tar.gz
+/asterisk-10.5.2.tar.gz.asc
diff --git a/asterisk.spec b/asterisk.spec
index 4a43ec5..3c2b31b 100644
--- a/asterisk.spec
+++ b/asterisk.spec
@@ -28,8 +28,8 @@
 
 Summary: The Open Source PBX
 Name: asterisk
-Version: 10.5.1
-Release: 1%{?_rc:.rc%{_rc}}%{?_beta:.beta%{_beta}}%{?dist}.1
+Version: 10.5.2
+Release: 1%{?_rc:.rc%{_rc}}%{?_beta:.beta%{_beta}}%{?dist}
 License: GPLv2
 Group: Applications/Internet
 URL: http://www.asterisk.org/
@@ -1359,6 +1359,44 @@ fi
 %{_libdir}/asterisk/modules/app_voicemail_plain.so
 
 %changelog
+* Thu Jul  5 2012 Jeffrey Ollie <jeff at ocjtech.us> - 10.5.2-1:
+- The Asterisk Development Team has announced security releases for Certified
+- Asterisk 1.8.11 and Asterisk 1.8 and 10. The available security releases are
+- released as versions 1.8.11-cert4, 1.8.13.1, 10.5.2, and 10.5.2-digiumphones.
+-
+- These releases are available for immediate download at
+- http://downloads.asterisk.org/pub/telephony/asterisk/releases
+-
+- The release of Asterisk 1.8.11-cert4, 1.8.13.1, 10.5.2, and 10.5.2-digiumphones
+- resolve the following two issues:
+-
+- * If Asterisk sends a re-invite and an endpoint responds to the re-invite with
+-   a provisional response but never sends a final response, then the SIP dialog
+-   structure is never freed and the RTP ports for the call are never released. If
+-   an attacker has the ability to place a call, they could create a denial of
+-   service by using all available RTP ports.
+-
+- * If a single voicemail account is manipulated by two parties simultaneously,
+-   a condition can occur where memory is freed twice causing a crash.
+-
+- These issues and their resolution are described in the security advisories.
+-
+- For more information about the details of these vulnerabilities, please read
+- security advisories AST-2012-010 and AST-2012-011, which were released at the
+- same time as this announcement.
+-
+- For a full list of changes in the current releases, please see the ChangeLogs:
+-
+- http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.11-cert4
+- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.13.1
+- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-10.5.2
+- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-10.5.2-digiumphones
+-
+- The security advisories are available at:
+-
+-  * http://downloads.asterisk.org/pub/security/AST-2012-010.pdf
+-  * http://downloads.asterisk.org/pub/security/AST-2012-011.pdf
+
 * Thu Jun 28 2012 Petr Pisar <ppisar at redhat.com> - 10.5.1-1.1
 - Perl 5.16 rebuild
 
diff --git a/sources b/sources
index b01170c..c10a654 100644
--- a/sources
+++ b/sources
@@ -1,2 +1,2 @@
-fbbea8a1ed26144cfa94b54df4adb3fd  asterisk-10.5.1.tar.gz
-42b4e85b5eea7a457c7e30327d895924  asterisk-10.5.1.tar.gz.asc
+89ce2431ea99ee9645f76193d1566034  asterisk-10.5.2.tar.gz
+fcef686bb5d7e73dd50b617140965e81  asterisk-10.5.2.tar.gz.asc

More information about the scm-commits mailing list