rpms/asterisk/F-11 .cvsignore, 1.27, 1.28 Makefile, 1.3, 1.4 asterisk.spec, 1.60, 1.61 sources, 1.28, 1.29
Jeffrey C. Ollie
jcollie at fedoraproject.org
Tue Mar 2 16:54:12 UTC 2010
Author: jcollie
Update of /cvs/pkgs/rpms/asterisk/F-11
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv21049
Modified Files:
.cvsignore Makefile asterisk.spec sources
Log Message:
* Mon Mar 1 2010 Jeffrey C. Ollie <jeff at ocjtech.us> - 1.6.1.17-1
- Update to 1.6.1.17
-
- * AST-2010-003: Invalid parsing of ACL rules can compromise security
- * AST-2010-002: This security release is intended to raise awareness
- of how it is possible to insert malicious strings into dialplans,
- and to advise developers to read the best practices documents so
- that they may easily avoid these dangers.
- * AST-2010-001: An attacker attempting to negotiate T.38 over SIP can
- remotely crash Asterisk by modifying the FaxMaxDatagram field of
- the SDP to contain either a negative or exceptionally large value.
- The same crash occurs when the FaxMaxDatagram field is omitted from
- the SDP as well.
Index: .cvsignore
===================================================================
RCS file: /cvs/pkgs/rpms/asterisk/F-11/.cvsignore,v
retrieving revision 1.27
retrieving revision 1.28
diff -u -p -r1.27 -r1.28
--- .cvsignore 8 Jan 2010 17:36:59 -0000 1.27
+++ .cvsignore 2 Mar 2010 16:54:12 -0000 1.28
@@ -1,2 +1,2 @@
-asterisk-1.6.1.12.tar.gz
-asterisk-1.6.1.12.tar.gz.asc
+asterisk-1.6.1.17.tar.gz
+asterisk-1.6.1.17.tar.gz.asc
Index: asterisk.spec
===================================================================
RCS file: /cvs/pkgs/rpms/asterisk/F-11/asterisk.spec,v
retrieving revision 1.60
retrieving revision 1.61
diff -u -p -r1.60 -r1.61
--- asterisk.spec 8 Jan 2010 17:37:00 -0000 1.60
+++ asterisk.spec 2 Mar 2010 16:54:12 -0000 1.61
@@ -1,7 +1,7 @@
#define _rc 2
Summary: The Open Source PBX
Name: asterisk
-Version: 1.6.1.12
+Version: 1.6.1.17
Release: 1%{?_rc:.rc%{_rc}}%{?dist}
License: GPLv2
Group: Applications/Internet
@@ -67,7 +67,7 @@ Requires: latex2html
# asterisk-conference package removed since patch no longer compiles
Obsoletes: asterisk-conference <= 1.6.0-0.14.beta9
-Obsoletes: asterisk-mobile < 1.6.1.0-1
+Obsoletes: asterisk-mobile <= 1.6.1-0.23.rc1
Obsoletes: asterisk-firmware < 1.6.1.9-1
%description
@@ -991,9 +991,22 @@ fi
%{_libdir}/asterisk/modules/app_voicemail_plain.so
%changelog
+* Mon Mar 1 2010 Jeffrey C. Ollie <jeff at ocjtech.us> - 1.6.1.17-1
+- Update to 1.6.1.17
+-
+- * AST-2010-003: Invalid parsing of ACL rules can compromise security
+- * AST-2010-002: This security release is intended to raise awareness
+- of how it is possible to insert malicious strings into dialplans,
+- and to advise developers to read the best practices documents so
+- that they may easily avoid these dangers.
+- * AST-2010-001: An attacker attempting to negotiate T.38 over SIP can
+- remotely crash Asterisk by modifying the FaxMaxDatagram field of
+- the SDP to contain either a negative or exceptionally large value.
+- The same crash occurs when the FaxMaxDatagram field is omitted from
+- the SDP as well.
+
* Mon Dec 21 2009 Jeffrey C. Ollie <jeff at ocjtech.us> - 1.6.1.12-1
- Update to 1.6.1.12
-- Fix obsoletes for asterisk-mobile
* Mon Nov 30 2009 Jeffrey C. Ollie <jeff at ocjtech.us> - 1.6.1.11-1
- Update to 1.6.1.11 to fix AST-2009-010/CVE-2009-4055
Index: sources
===================================================================
RCS file: /cvs/pkgs/rpms/asterisk/F-11/sources,v
retrieving revision 1.28
retrieving revision 1.29
diff -u -p -r1.28 -r1.29
--- sources 8 Jan 2010 17:37:00 -0000 1.28
+++ sources 2 Mar 2010 16:54:12 -0000 1.29
@@ -1,2 +1,2 @@
-d6bc1448b8fa274a2acaef1b15f4d485 asterisk-1.6.1.12.tar.gz
-979da3e2e0a11824298c2af332b9c9e7 asterisk-1.6.1.12.tar.gz.asc
+969b9a63e3b20e22c8b3b38510aca95b asterisk-1.6.1.17.tar.gz
+e0f910332100c712979be2743e5b9f82 asterisk-1.6.1.17.tar.gz.asc
More information about the scm-commits
mailing list