[asterisk/f17] 10.11.1
Jeffrey C. Ollie
jcollie at fedoraproject.org
Fri Jan 4 15:45:36 UTC 2013
commit 62e4d67e04cf5b4a61c836f5408d6444418b7a75
Author: Jeffrey C. Ollie <jeff at ocjtech.us>
Date: Fri Jan 4 09:45:28 2013 -0600
10.11.1
.gitignore | 2 ++
asterisk.spec | 43 +++++++++++++++++++++++++++++++++++++++++--
sources | 4 ++--
3 files changed, 45 insertions(+), 4 deletions(-)
---
diff --git a/.gitignore b/.gitignore
index 989f386..f1b696e 100644
--- a/.gitignore
+++ b/.gitignore
@@ -90,3 +90,5 @@ asterisk-1.8.0-beta3.tar.gz.asc
/asterisk-10.10.1.tar.gz.asc
/asterisk-10.11.0.tar.gz
/asterisk-10.11.0.tar.gz.asc
+/asterisk-10.11.1.tar.gz
+/asterisk-10.11.1.tar.gz.asc
diff --git a/asterisk.spec b/asterisk.spec
index c3ce8a2..92e6181 100644
--- a/asterisk.spec
+++ b/asterisk.spec
@@ -28,7 +28,7 @@
Summary: The Open Source PBX
Name: asterisk
-Version: 10.11.0
+Version: 10.11.1
Release: 1%{?_rc:.rc%{_rc}}%{?_beta:.beta%{_beta}}%{?dist}
License: GPLv2
Group: Applications/Internet
@@ -1364,7 +1364,46 @@ fi
%{_libdir}/asterisk/modules/app_voicemail_plain.so
%changelog
-* Fri Dec 14 2012 Jeffrey Ollie <jeff at ocjtech.us> - 10.11.0-1
+* Fri Jan 4 2013 Jeffrey Ollie <jeff at ocjtech.us> - 10.11.1-1:
+- The Asterisk Development Team has announced security releases for Certified
+- Asterisk 1.8.11 and Asterisk 1.8, 10, and 11. The available security releases
+- are released as versions 1.8.11-cert10, 1.8.19.1, 10.11.1, 10.11.1-digiumphones,
+- and 11.1.1.
+-
+- These releases are available for immediate download at
+- http://downloads.asterisk.org/pub/telephony/asterisk/releases
+-
+- The release of these versions resolve the following two issues:
+-
+- * Stack overflows that occur in some portions of Asterisk that manage a TCP
+- connection. In SIP, this is exploitable via a remote unauthenticated session;
+- in XMPP and HTTP connections, this is exploitable via remote authenticated
+- sessions.
+-
+- * A denial of service vulnerability through exploitation of the device state
+- cache. Anonymous calls had the capability to create devices in Asterisk that
+- would never be disposed of.
+-
+- These issues and their resolutions are described in the security advisories.
+-
+- For more information about the details of these vulnerabilities, please read
+- security advisories AST-2012-014 and AST-2012-015, which were released at the
+- same time as this announcement.
+-
+- For a full list of changes in the current releases, please see the ChangeLogs:
+-
+- http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.11-cert10
+- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.19.1
+- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-10.11.1
+- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-10.11.1-digiumphones
+- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.1.1
+-
+- The security advisories are available at:
+-
+- * http://downloads.asterisk.org/pub/security/AST-2012-014.pdf
+- * http://downloads.asterisk.org/pub/security/AST-2012-015.pdf
+
+* Fri Dec 14 2012 Jeffrey Ollie <jeff at ocjtech.us> - 10.11.0-1:
- The Asterisk Development Team has announced the release of Asterisk 10.11.0.
- This release is available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk
diff --git a/sources b/sources
index 2ad0b8c..a926f9b 100644
--- a/sources
+++ b/sources
@@ -1,2 +1,2 @@
-c09cc8c4923578bef43843ce2badeb93 asterisk-10.11.0.tar.gz
-f18cf1d42d2ad917128e3cefb4b54382 asterisk-10.11.0.tar.gz.asc
+4d6be4b47c1aed62934ae291f535efec asterisk-10.11.1.tar.gz
+cb427ef085629cb4cfb961ad4266c553 asterisk-10.11.1.tar.gz.asc
More information about the scm-commits
mailing list