[asterisk] Update to 1.8.4.3

Sat Jun 25 03:04:22 UTC 2011

commit bd9828ba813ba77948581b16dc6fb0ee9183b1c1
Author: Jeffrey C. Ollie <jeff at ocjtech.us>
Date:   Fri Jun 24 22:03:47 2011 -0500

    Update to 1.8.4.3

 .gitignore    |    2 ++
 asterisk.spec |   52 ++++++++++++++++++++++++++++++++++++++++++++++++++--
 sources       |    4 ++--
 3 files changed, 54 insertions(+), 4 deletions(-)
---

diff --git a/.gitignore b/.gitignore
index b4da8e1..bfbf0a0 100644
--- a/.gitignore
+++ b/.gitignore
@@ -40,3 +40,5 @@ asterisk-1.8.0-beta3.tar.gz.asc
 /asterisk-1.8.3.3.tar.gz.asc
 /asterisk-1.8.4.2.tar.gz
 /asterisk-1.8.4.2.tar.gz.asc
+/asterisk-1.8.4.3.tar.gz
+/asterisk-1.8.4.3.tar.gz.asc
diff --git a/asterisk.spec b/asterisk.spec
index a0092b0..97da0a7 100644
--- a/asterisk.spec
+++ b/asterisk.spec
@@ -2,8 +2,8 @@
 #global _beta 5
 Summary: The Open Source PBX
 Name: asterisk
-Version: 1.8.4.2
-Release: 2%{?_rc:.rc%{_rc}}%{?_beta:.beta%{_beta}}%{?dist}
+Version: 1.8.4.3
+Release: 1%{?_rc:.rc%{_rc}}%{?_beta:.beta%{_beta}}%{?dist}
 License: GPLv2
 Group: Applications/Internet
 URL: http://www.asterisk.org/
@@ -1210,6 +1210,54 @@ fi
 %{_libdir}/asterisk/modules/app_voicemail_plain.so
 
 %changelog
+* Fri Jun 24 2011 Jeffrey C. Ollie <jeff at ocjtech.us> - 1.8.4.3-1
+- The Asterisk Development Team has announced the release of Asterisk versions
+- 1.4.41.1, 1.6.2.18.1, and 1.8.4.3, which are security releases.
+- 
+- These releases are available for immediate download at
+- http://downloads.asterisk.org/pub/telephony/asterisk/releases
+- 
+- The release of Asterisk 1.4.41.1, 1.6.2.18, and 1.8.4.3 resolves several issues
+- as outlined below:
+- 
+- * AST-2011-008: If a remote user sends a SIP packet containing a null,
+-  Asterisk assumes available data extends past the null to the
+-  end of the packet when the buffer is actually truncated when
+-  copied.  This causes SIP header parsing to modify data past
+-  the end of the buffer altering unrelated memory structures.
+-  This vulnerability does not affect TCP/TLS connections.
+-  -- Resolved in 1.6.2.18.1 and 1.8.4.3
+- 
+- * AST-2011-009: A remote user sending a SIP packet containing a Contact header
+-  with a missing left angle bracket (<) causes Asterisk to
+-  access a null pointer.
+-  -- Resolved in 1.8.4.3
+- 
+- * AST-2011-010: A memory address was inadvertently transmitted over the
+-  network via IAX2 via an option control frame and the remote party would try
+-  to access it.
+-  -- Resolved in 1.4.41.1, 1.6.2.18.1, and 1.8.4.3
+- 
+- The issues and resolutions are described in the AST-2011-008, AST-2011-009, and
+- AST-2011-010 security advisories.
+- 
+- For more information about the details of these vulnerabilities, please read
+- the security advisories AST-2011-008, AST-2011-009, and AST-2011-010, which were
+- released at the same time as this announcement.
+- 
+- For a full list of changes in the current releases, please see the ChangeLog:
+- 
+- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.4.41.1
+- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.6.2.18.1
+- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.4.3
+- 
+- Security advisories AST-2011-008, AST-2011-009, and AST-2011-010 are available
+- at:
+- 
+- http://downloads.asterisk.org/pub/security/AST-2011-008.pdf
+- http://downloads.asterisk.org/pub/security/AST-2011-009.pdf
+- http://downloads.asterisk.org/pub/security/AST-2011-010.pdf
+
 * Tue Jun 21 2011 Jeffrey C. Ollie <jeff at ocjtech.us> - 1.8.4.2-2
 - Convert to systemd
 
diff --git a/sources b/sources
index edf6f0c..6f59124 100644
--- a/sources
+++ b/sources
@@ -1,2 +1,2 @@
-930ce297119e9feb201779d524653371  asterisk-1.8.4.2.tar.gz
-6a694b967a5cc6cdb5b5a34ed97c2a3a  asterisk-1.8.4.2.tar.gz.asc
+bae6240682736ebbcd3596bc6cc1ad14  asterisk-1.8.4.3.tar.gz
+7fbeb8063157220da4a473505e4f617d  asterisk-1.8.4.3.tar.gz.asc
