639 lines
27 KiB
Text
639 lines
27 KiB
Text
# ChangeLog for net-misc/asterisk
|
|
# Copyright 1999-2015 Gentoo Foundation; Distributed under the GPL v2
|
|
# $Header: /var/cvsroot/gentoo-x86/net-misc/asterisk/ChangeLog,v 1.525 2015/06/19 11:14:05 chainsaw Exp $
|
|
|
|
*asterisk-13.4.0 (19 Jun 2015)
|
|
*asterisk-11.18.0 (19 Jun 2015)
|
|
|
|
19 Jun 2015; Tony Vroon <chainsaw@gentoo.org> +asterisk-11.18.0.ebuild,
|
|
-asterisk-12.8.2.ebuild, +asterisk-13.4.0.ebuild,
|
|
+files/1.6.2/asterisk.logrotate4:
|
|
Bugfix releases on the 11 & 13 branches. One more fix (IAX2 concurrency by
|
|
Jaco Kroon) is now upstream. As announced the 12 branch is being withdrawn,
|
|
please use 13 instead. Updated logrotate snippet closes bug #552200 by Jaco
|
|
Kroon.
|
|
|
|
16 May 2015; Pacho Ramos <pacho@gentoo.org> asterisk-11.17.1.ebuild,
|
|
asterisk-12.8.2.ebuild, asterisk-13.3.2.ebuild:
|
|
Rename jabber to xmpp USE (#216300)
|
|
|
|
28 Apr 2015; Tony Vroon <chainsaw@gentoo.org> -asterisk-11.15.0-r1.ebuild:
|
|
Remove vulnerable ebuild, for security bug #546040.
|
|
|
|
17 Apr 2015; Agostino Sarubbo <ago@gentoo.org> asterisk-11.17.1.ebuild:
|
|
Stable for x86, wrt bug #546040
|
|
|
|
14 Apr 2015; Agostino Sarubbo <ago@gentoo.org> asterisk-11.17.1.ebuild:
|
|
Stable for amd64, wrt bug #546040
|
|
|
|
*asterisk-13.3.2 (13 Apr 2015)
|
|
*asterisk-12.8.2 (13 Apr 2015)
|
|
*asterisk-11.17.1 (13 Apr 2015)
|
|
|
|
13 Apr 2015; Tony Vroon <chainsaw@gentoo.org> -asterisk-11.16.0.ebuild,
|
|
+asterisk-11.17.1.ebuild, -asterisk-12.8.1.ebuild, +asterisk-12.8.2.ebuild,
|
|
-asterisk-13.1.1.ebuild, -asterisk-13.2.0.ebuild, +asterisk-13.3.2.ebuild:
|
|
Upgrades on branches 11, 12 & 13 to address a null-byte exploit in TLS
|
|
certificate CN field verification (CVE-2015-3008 / AST-2015-003). Removed all
|
|
vulnerable non-stable ebuilds. For security bug #546040 by Agostino "ago"
|
|
Sarubbo.
|
|
|
|
*asterisk-13.2.0 (23 Mar 2015)
|
|
*asterisk-11.16.0 (23 Mar 2015)
|
|
|
|
23 Mar 2015; Tony Vroon <chainsaw@gentoo.org> +asterisk-11.16.0.ebuild,
|
|
+asterisk-13.2.0.ebuild:
|
|
New releases on 11 & 13 branches; DAHDI channel variable patch now upstream
|
|
(after only 3.5 years).
|
|
|
|
*asterisk-13.1.1 (11 Feb 2015)
|
|
*asterisk-12.8.1 (11 Feb 2015)
|
|
|
|
11 Feb 2015; Tony Vroon <chainsaw@gentoo.org> -asterisk-11.14.2.ebuild,
|
|
-asterisk-11.14.2-r1.ebuild, -asterisk-11.15.0.ebuild,
|
|
-asterisk-12.7.2.ebuild, -asterisk-12.7.2-r1.ebuild, -asterisk-12.8.0.ebuild,
|
|
-asterisk-12.8.0-r1.ebuild, +asterisk-12.8.1.ebuild, -asterisk-13.1.0.ebuild,
|
|
+asterisk-13.1.1.ebuild:
|
|
Upgrades on the 12 & 13 branches for security bug #539806 (CVE-2015-1558).
|
|
Removed vulnerable ebuilds.
|
|
|
|
10 Feb 2015; Agostino Sarubbo <ago@gentoo.org> asterisk-11.15.0-r1.ebuild:
|
|
Stable for x86, wrt bug #539058
|
|
|
|
10 Feb 2015; Agostino Sarubbo <ago@gentoo.org> asterisk-11.15.0-r1.ebuild:
|
|
Stable for amd64, wrt bug #539058
|
|
|
|
*asterisk-13.1.0 (05 Jan 2015)
|
|
|
|
05 Jan 2015; Tony Vroon <chainsaw@gentoo.org> +asterisk-13.1.0.ebuild:
|
|
Introduction of the LTS 13 branch, currently masked. Expect the 12 branch to
|
|
fall away and 13 to take its place. The aim is to have only 11 marked stable
|
|
for the short term. G729 VAD patch rediffed by Jaco Kroon. Closes bug #529396
|
|
by Milos Ivanovic.
|
|
|
|
*asterisk-11.14.2-r1 (30 Dec 2014)
|
|
*asterisk-11.15.0-r1 (30 Dec 2014)
|
|
*asterisk-12.8.0-r1 (30 Dec 2014)
|
|
*asterisk-12.7.2-r1 (30 Dec 2014)
|
|
|
|
30 Dec 2014; Matthias Maier <tamiko@gentoo.org> +asterisk-11.14.2-r1.ebuild,
|
|
+asterisk-11.15.0-r1.ebuild, +asterisk-12.7.2-r1.ebuild,
|
|
+asterisk-12.8.0-r1.ebuild, +files/asterisk.service,
|
|
+files/asterisk.service.conf, +files/asterisk.tmpfiles.conf:
|
|
provide systemd service files, bug #529192
|
|
|
|
28 Dec 2014; Aaron W. Swenson <titanofold@gentoo.org>
|
|
asterisk-11.14.2.ebuild, asterisk-11.15.0.ebuild, asterisk-12.7.2.ebuild,
|
|
asterisk-12.8.0.ebuild:
|
|
Rename virtual/postgresql to dev-db/postgresql
|
|
|
|
*asterisk-12.8.0 (22 Dec 2014)
|
|
*asterisk-11.15.0 (22 Dec 2014)
|
|
|
|
22 Dec 2014; Tony Vroon <chainsaw@gentoo.org> -asterisk-11.14.1.ebuild,
|
|
+asterisk-11.15.0.ebuild, +asterisk-12.8.0.ebuild:
|
|
Remove vulnerable stable ebuild for security bug #532242. Add newer ebuilds
|
|
on both branches which contain primarily crash fixes.
|
|
|
|
21 Dec 2014; Agostino Sarubbo <ago@gentoo.org> asterisk-11.14.2.ebuild:
|
|
Stable for x86, wrt bug #532242
|
|
|
|
21 Dec 2014; Agostino Sarubbo <ago@gentoo.org> asterisk-11.14.2.ebuild:
|
|
Stable for amd64, wrt bug #532242
|
|
|
|
*asterisk-12.7.2 (16 Dec 2014)
|
|
*asterisk-11.14.2 (16 Dec 2014)
|
|
|
|
16 Dec 2014; Tony Vroon <chainsaw@gentoo.org> +asterisk-11.14.2.ebuild,
|
|
-asterisk-12.7.1.ebuild, +asterisk-12.7.2.ebuild:
|
|
Incorrect and unsafe memory handling (AST-2014-019) in res_http_websocket
|
|
addressed in both branches, vulnerable non-stable ebuilds removed. For
|
|
security bug #532242. Enable MeetMe conference support if DAHDI is enabled,
|
|
as requested by Kristian Fiskerstrand in bug #531486.
|
|
|
|
24 Nov 2014; Tony Vroon <chainsaw@gentoo.org> -asterisk-11.13.1.ebuild:
|
|
Remove vulnerable ebuilds now that stabilisation is complete. For security
|
|
bug #530056.
|
|
|
|
24 Nov 2014; Agostino Sarubbo <ago@gentoo.org> asterisk-11.14.1.ebuild:
|
|
Stable for x86, wrt bug #530056
|
|
|
|
24 Nov 2014; Agostino Sarubbo <ago@gentoo.org> asterisk-11.14.1.ebuild:
|
|
Stable for amd64, wrt bug #530056
|
|
|
|
*asterisk-12.7.1 (24 Nov 2014)
|
|
*asterisk-11.14.1 (24 Nov 2014)
|
|
|
|
24 Nov 2014; Tony Vroon <chainsaw@gentoo.org> -asterisk-11.14.0.ebuild,
|
|
+asterisk-11.14.1.ebuild, -asterisk-12.6.1.ebuild, -asterisk-12.7.0.ebuild,
|
|
+asterisk-12.7.1.ebuild:
|
|
11 branch susceptible to AST-2014-012, AST-2014-014, AST-2014-017 &
|
|
AST-2014-018. 12 branch susceptible to AST-2014-012, AST-2014-013,
|
|
AST-2014-015, AST-2014-016, AST-2014-017 & AST-2014-018. Vulnerable
|
|
non-stable ebuilds removed. For security bug #530056.
|
|
|
|
*asterisk-12.7.0 (20 Nov 2014)
|
|
*asterisk-11.14.0 (20 Nov 2014)
|
|
|
|
20 Nov 2014; Tony Vroon <chainsaw@gentoo.org> +asterisk-11.14.0.ebuild,
|
|
+asterisk-12.7.0.ebuild:
|
|
Resource leak fixes, particularly in error paths.
|
|
|
|
03 Nov 2014; Aaron W. Swenson <titanofold@gentoo.org>
|
|
asterisk-11.13.1.ebuild, asterisk-12.6.1.ebuild:
|
|
Update PostgreSQL dependencies and/or checks to virtual/postgresql.
|
|
|
|
02 Nov 2014; Sven Vermeulen <swift@gentoo.org> asterisk-11.13.1.ebuild,
|
|
asterisk-12.6.1.ebuild:
|
|
Remove sec-policy/selinux-* dependency from DEPEND but keep in RDEPEND (bug
|
|
#527698)
|
|
|
|
21 Oct 2014; Tony Vroon <chainsaw@gentoo.org> -asterisk-11.12.1.ebuild:
|
|
Remove vulnerable ebuilds now that stabilisation is complete. For security
|
|
bug #526208.
|
|
|
|
21 Oct 2014; Agostino Sarubbo <ago@gentoo.org> asterisk-11.13.1.ebuild:
|
|
Stable for x86, wrt bug #526208
|
|
|
|
21 Oct 2014; Agostino Sarubbo <ago@gentoo.org> asterisk-11.13.1.ebuild:
|
|
Stable for amd64, wrt bug #526208
|
|
|
|
*asterisk-12.6.1 (21 Oct 2014)
|
|
*asterisk-11.13.1 (21 Oct 2014)
|
|
|
|
21 Oct 2014; Tony Vroon <chainsaw@gentoo.org> -asterisk-1.8.28.2.ebuild,
|
|
-asterisk-1.8.29.0.ebuild, -asterisk-11.13.0.ebuild,
|
|
+asterisk-11.13.1.ebuild, -asterisk-12.5.1.ebuild, -asterisk-12.6.0.ebuild,
|
|
+asterisk-12.6.1.ebuild, -files/1.6.0/asterisk.confd,
|
|
-files/1.8.0/asterisk.initd4, -files/1.8.0/asterisk.initd5,
|
|
-files/1.8.0/asterisk.initd6:
|
|
New releases on the 11 & 12 branches to address the POODLE (AST-2014-011) SSL
|
|
3.0 vulnerability. The 1.8 branch is hereby removed from portage as
|
|
previously announced. 11 is low-churn and ideal to target for production
|
|
environments. Our patch sets against 1.8 cost significant effort to maintain
|
|
and essentially add 11-branch features to it.
|
|
|
|
*asterisk-12.6.0 (29 Sep 2014)
|
|
|
|
29 Sep 2014; Tony Vroon <chainsaw@gentoo.org> +asterisk-12.6.0.ebuild:
|
|
Additional resilience against invalid (ao2) object references. Now supports
|
|
empty passwords for PJSIP userpass authentication. Masquerade fixes for T38
|
|
between PJSIP and non-PJSIP chanels. FORTIFY_SOURCE fix now upstream. Modify
|
|
permissions to suit a multi-daemon setup as per Jaco Kroon in bug #507894.
|
|
|
|
*asterisk-11.13.0 (29 Sep 2014)
|
|
|
|
29 Sep 2014; Tony Vroon <chainsaw@gentoo.org> +asterisk-11.13.0.ebuild:
|
|
Additional resilience against invalid (ao2) object references. FORTIFY_SOURCE
|
|
fix now upstream. Modify permissions to suit a multi-daemon setup as per Jaco
|
|
Kroon in bug #507894.
|
|
|
|
22 Sep 2014; Tony Vroon <chainsaw@gentoo.org> -asterisk-11.10.2.ebuild:
|
|
Remove vulnerable ebuild for security bug #523216 as stabilisation is
|
|
complete. 1.8 branch not affected.
|
|
|
|
20 Sep 2014; Agostino Sarubbo <ago@gentoo.org> asterisk-11.12.1.ebuild:
|
|
Stable for x86, wrt bug #523216
|
|
|
|
20 Sep 2014; Agostino Sarubbo <ago@gentoo.org> asterisk-11.12.1.ebuild:
|
|
Stable for amd64, wrt bug #523216
|
|
|
|
*asterisk-12.5.1 (19 Sep 2014)
|
|
*asterisk-11.12.1 (19 Sep 2014)
|
|
|
|
19 Sep 2014; Tony Vroon <chainsaw@gentoo.org> -asterisk-11.11.0.ebuild,
|
|
-asterisk-11.12.0.ebuild, +asterisk-11.12.1.ebuild, -asterisk-12.3.2.ebuild,
|
|
-asterisk-12.4.0.ebuild, -asterisk-12.5.0.ebuild, +asterisk-12.5.1.ebuild:
|
|
Upstream fix to fully respect SpanDSP API and avoid a potential null pointer
|
|
dereference. On the 12 branch, additional input validation for the PubSub
|
|
framework in PJSIP. Remove older non-stable ebuilds.
|
|
|
|
18 Sep 2014; Tony Vroon <chainsaw@gentoo.org> asterisk-1.8.28.2.ebuild,
|
|
asterisk-1.8.29.0.ebuild, asterisk-11.10.2.ebuild, asterisk-11.11.0.ebuild,
|
|
asterisk-11.12.0.ebuild, asterisk-12.3.2.ebuild, asterisk-12.4.0.ebuild,
|
|
asterisk-12.5.0.ebuild:
|
|
Add missing build-time dependency on pkgconfig, as identified by cyberbat in
|
|
bug #522396.
|
|
|
|
*asterisk-12.5.0 (20 Aug 2014)
|
|
*asterisk-11.12.0 (20 Aug 2014)
|
|
|
|
20 Aug 2014; Tony Vroon <chainsaw@gentoo.org> +asterisk-11.12.0.ebuild,
|
|
+asterisk-12.5.0.ebuild:
|
|
Squelching the FORTIFY_SOURCE warnings, as we have this in our GCC specs the
|
|
build system should not try to apply it again on the command line. At long
|
|
last handles large SIP-over-SSL packets correctly. LUA vs convential dial
|
|
plan context clashes found & fixed.
|
|
|
|
*asterisk-12.4.0 (14 Jul 2014)
|
|
*asterisk-11.11.0 (14 Jul 2014)
|
|
*asterisk-1.8.29.0 (14 Jul 2014)
|
|
|
|
14 Jul 2014; Tony Vroon <chainsaw@gentoo.org> +asterisk-1.8.29.0.ebuild,
|
|
+asterisk-11.11.0.ebuild, +asterisk-12.4.0.ebuild:
|
|
New development on the 12 branch adds persistent connection support on the
|
|
built-in HTTP server. Fixes trickling down to stable branches include making
|
|
ast_careful_fwrite careful enough to avoid infinite loops and avoiding
|
|
unnecessary MOH restarts. Downstream patchset unchanged.
|
|
|
|
23 Jun 2014; Tony Vroon <chainsaw@gentoo.org> -asterisk-1.8.26.1.ebuild,
|
|
-asterisk-11.8.1.ebuild, -asterisk-12.1.1.ebuild, -asterisk-12.2.0.ebuild:
|
|
Remove vulnerable ebuilds for security bug #513102, as requested by Agostino
|
|
"ago" Sarubbo.
|
|
|
|
21 Jun 2014; Agostino Sarubbo <ago@gentoo.org> asterisk-1.8.28.2.ebuild,
|
|
asterisk-11.10.2.ebuild:
|
|
Stable for x86, wrt bug #513102
|
|
|
|
21 Jun 2014; Agostino Sarubbo <ago@gentoo.org> asterisk-1.8.28.2.ebuild,
|
|
asterisk-11.10.2.ebuild:
|
|
Stable for amd64, wrt bug #513102
|
|
|
|
*asterisk-12.3.2 (16 Jun 2014)
|
|
|
|
16 Jun 2014; Tony Vroon <chainsaw@gentoo.org> -asterisk-12.3.1.ebuild,
|
|
+asterisk-12.3.2.ebuild:
|
|
Upstream distributed a broken release that did not carry traffic for SIP over
|
|
TCP or SIP over TLS. This remains masked and is not recommended for
|
|
production deployments.
|
|
|
|
*asterisk-11.10.2 (16 Jun 2014)
|
|
*asterisk-1.8.28.2 (16 Jun 2014)
|
|
|
|
16 Jun 2014; Tony Vroon <chainsaw@gentoo.org> -asterisk-1.8.28.1.ebuild,
|
|
+asterisk-1.8.28.2.ebuild, -asterisk-11.10.1.ebuild,
|
|
+asterisk-11.10.2.ebuild:
|
|
Upstream distributed a broken release that did not carry traffic for SIP over
|
|
TCP or SIP over TLS.
|
|
|
|
*asterisk-12.3.1 (14 Jun 2014)
|
|
|
|
14 Jun 2014; Tony Vroon <chainsaw@gentoo.org> -asterisk-12.1.1.ebuild,
|
|
-asterisk-12.2.0.ebuild, -asterisk-12.3.0.ebuild, +asterisk-12.3.1.ebuild:
|
|
And now for the 12 branch, which has additional vulnerabilities in the PJSIP
|
|
channel driver. MixMonitor AMI command allowed arbitrary shell commands to be
|
|
executed (AST-2014-006). Upstream replacement of plain broken SSL read
|
|
implementation as part of an HTTPS denial of service (AST-2014-007) finally
|
|
fixes ASTERISK-18345 after almost three years. Relevant downstream patch
|
|
removed, this means we were very likely not vulnerable. Resolves a remote
|
|
crash in publish/subscribe framework (AST-2014-005) due to deadlock on a
|
|
synchronously dispatched task.
|
|
|
|
*asterisk-12.3.1 (14 Jun 2014)
|
|
|
|
14 Jun 2014; Tony Vroon <chainsaw@gentoo.org> -asterisk-12.1.1.ebuild,
|
|
-asterisk-12.2.0.ebuild, -asterisk-12.3.0.ebuild, +asterisk-12.3.1.ebuild:
|
|
And now for the 12 branch, which has additional vulnerabilities in the PJSIP
|
|
channel driver. MixMonitor AMI command allowed arbitrary shell commands to be
|
|
executed (AST-2014-006). Upstream replacement of plain broken SSL read
|
|
implementation as part of an HTTPS denial of service (AST-2014-007) finally
|
|
fixes ASTERISK-18345 after almost three years. Relevant downstream patch
|
|
removed, this means we were very likely not vulnerable. Resolves a remote
|
|
crash in publish/subscribe framework (AST-2014-005) due to deadlock on a
|
|
synchronously dispatched task.
|
|
|
|
*asterisk-11.10.1 (14 Jun 2014)
|
|
*asterisk-1.8.28.1 (14 Jun 2014)
|
|
|
|
14 Jun 2014; Tony Vroon <chainsaw@gentoo.org> -asterisk-1.8.27.0.ebuild,
|
|
-asterisk-1.8.28.0.ebuild, +asterisk-1.8.28.1.ebuild,
|
|
-asterisk-11.9.0.ebuild, -asterisk-11.10.0.ebuild, +asterisk-11.10.1.ebuild:
|
|
MixMonitor AMI command allowed arbitrary shell commands to be executed
|
|
(AST-2014-006). Upstream replacement of plain broken SSL read implementation
|
|
as part of an HTTPS denial of service (AST-2014-007) finally fixes
|
|
ASTERISK-18345 after almost three years. Relevant downstream patch removed,
|
|
this means we were very likely not vulnerable.
|
|
|
|
*asterisk-12.3.0 (02 Jun 2014)
|
|
|
|
02 Jun 2014; Tony Vroon <chainsaw@gentoo.org> +asterisk-12.3.0.ebuild:
|
|
Significant string handling fixes as encouraged by GCC 4.10; leak fixes for
|
|
PJSIP. Still not recommended for production deployment, remains masked.
|
|
|
|
*asterisk-11.10.0 (30 May 2014)
|
|
*asterisk-1.8.28.0 (30 May 2014)
|
|
|
|
30 May 2014; Tony Vroon <chainsaw@gentoo.org> +asterisk-1.8.28.0.ebuild,
|
|
+asterisk-11.10.0.ebuild:
|
|
Bugfixes trickling down from Asterisk 12 development, particularly around
|
|
string handling and signedness mismatches (GCC 4.10 is clamping down on this
|
|
hard). T38 backport patch rediffed for 1.8 branch.
|
|
|
|
08 May 2014; Tony Vroon <chainsaw@gentoo.org> asterisk-1.8.26.1.ebuild,
|
|
asterisk-1.8.27.0.ebuild, asterisk-11.8.1.ebuild, asterisk-11.9.0.ebuild,
|
|
asterisk-12.1.1.ebuild, asterisk-12.2.0.ebuild:
|
|
Update ebuild dependencies to ensure only the 2.6 slot of gmime is selected.
|
|
Inverting the search order in the configure script was only a partial fix. As
|
|
pointed out by Pacho Ramos in bug #439846.
|
|
|
|
*asterisk-12.2.0 (25 Apr 2014)
|
|
|
|
25 Apr 2014; Tony Vroon <chainsaw@gentoo.org> +asterisk-12.2.0.ebuild:
|
|
Adds HEPv3 protocol support and PJSIP gains DNS client abilities that unlock
|
|
SRV records & weighting. This branch remains experimental and is not
|
|
recommended for production use at this time.
|
|
|
|
*asterisk-1.8.27.0 (25 Apr 2014)
|
|
|
|
25 Apr 2014; Tony Vroon <chainsaw@gentoo.org> +asterisk-1.8.27.0.ebuild:
|
|
Select bug fixes as cherry picked from the 11 branch. TLS chaining support
|
|
finally upstream. Move up to 11 if you still use this.
|
|
|
|
*asterisk-11.9.0 (25 Apr 2014)
|
|
|
|
25 Apr 2014; Tony Vroon <chainsaw@gentoo.org> +asterisk-11.9.0.ebuild:
|
|
Bug fix release, fixes include but are not limited to dial plan functions
|
|
coping with a NULL channel (AMI global function), correct NULL handling in
|
|
ODBC, advertising MESSAGE support in SIP headers, SpanDSP API adherence and
|
|
protection against non-G711 data in fax detection routines. TLS chaining
|
|
support finally upstream.
|
|
|
|
11 Mar 2014; Agostino Sarubbo <ago@gentoo.org> -asterisk-1.8.25.0.ebuild,
|
|
-asterisk-11.7.0.ebuild:
|
|
Remove old
|
|
|
|
11 Mar 2014; Agostino Sarubbo <ago@gentoo.org> asterisk-1.8.26.1.ebuild,
|
|
asterisk-11.8.1.ebuild:
|
|
Stable for x86, wrt bug #504180
|
|
|
|
11 Mar 2014; Agostino Sarubbo <ago@gentoo.org> asterisk-1.8.26.1.ebuild,
|
|
asterisk-11.8.1.ebuild:
|
|
Stable for amd64, wrt bug #504180
|
|
|
|
*asterisk-12.1.1 (11 Mar 2014)
|
|
*asterisk-11.8.1 (11 Mar 2014)
|
|
*asterisk-1.8.26.1 (11 Mar 2014)
|
|
|
|
11 Mar 2014; Tony Vroon <chainsaw@gentoo.org> -asterisk-1.8.26.0.ebuild,
|
|
+asterisk-1.8.26.1.ebuild, -asterisk-11.7.0-r1.ebuild,
|
|
-asterisk-11.8.0.ebuild, +asterisk-11.8.1.ebuild, -asterisk-12.0.0.ebuild,
|
|
-asterisk-12.1.0.ebuild, +asterisk-12.1.1.ebuild:
|
|
New releases in all three branches to address a stack overflow in HTTP cookie
|
|
header processing, a file descriptor exhaustion through session timers in
|
|
chan_sip and two remote crashes in PJSIP (12 branch only). Removed all
|
|
vulnerable non-stable ebuilds. Upstream vulnerability reports AST-2014-001,
|
|
002, 003 & 004.
|
|
|
|
*asterisk-12.1.0 (04 Mar 2014)
|
|
|
|
04 Mar 2014; Tony Vroon <chainsaw@gentoo.org> +asterisk-12.1.0.ebuild:
|
|
Version bump on the 12 branch. This, at long last, merges the TLS chaining
|
|
support. Still not recommended for production deployments at this time.
|
|
|
|
*asterisk-1.8.26.0 (04 Mar 2014)
|
|
|
|
04 Mar 2014; Tony Vroon <chainsaw@gentoo.org> +asterisk-1.8.26.0.ebuild:
|
|
Version bump on the 1.8 branch. If you still use this, you should be thinking
|
|
about 11.
|
|
|
|
*asterisk-11.8.0 (04 Mar 2014)
|
|
|
|
04 Mar 2014; Tony Vroon <chainsaw@gentoo.org> +asterisk-11.8.0.ebuild:
|
|
Fixes a crash on hangup cause set, which is a regression introduced by an
|
|
earlier fix. Performance improvements for high console verbosity. Updated
|
|
G729 VAD detection patch by Jaco Kroon, closes bug #496584.
|
|
|
|
*asterisk-11.7.0-r1 (06 Feb 2014)
|
|
|
|
06 Feb 2014; Tony Vroon <chainsaw@gentoo.org> +asterisk-11.7.0-r1.ebuild:
|
|
Stop blowing up the V21 tone detector in SpanDSP by sanitising the input data
|
|
properly. Patch by Michal Rybarik scavenged from an upstream bug report by
|
|
Jaco Kroon. Closes bug #500504.
|
|
|
|
*asterisk-12.0.0 (13 Jan 2014)
|
|
|
|
13 Jan 2014; Tony Vroon <chainsaw@gentoo.org> +asterisk-12.0.0.ebuild:
|
|
First release on the 12 branch. This is not LTS, and uses the new PJSIP-based
|
|
SIP channel. If in doubt, you are not ready for this.
|
|
|
|
08 Jan 2014; Mike Frysinger <vapier@gentoo.org> asterisk-1.8.25.0.ebuild,
|
|
asterisk-11.7.0.ebuild:
|
|
Inherit the user eclass for enewuser/etc...
|
|
|
|
23 Dec 2013; Tony Vroon <chainsaw@gentoo.org> -asterisk-1.8.23.1.ebuild,
|
|
-asterisk-1.8.24.0.ebuild, -asterisk-11.5.1.ebuild, -asterisk-11.6.0.ebuild,
|
|
-asterisk-11.6.0-r1.ebuild:
|
|
Remove all vulnerable ebuilds for AST-2013-006 & AST-2013-007; for security
|
|
bug #494630.
|
|
|
|
23 Dec 2013; Agostino Sarubbo <ago@gentoo.org> asterisk-1.8.25.0.ebuild,
|
|
asterisk-11.7.0.ebuild:
|
|
Stable for x86, wrt bug #494630
|
|
|
|
23 Dec 2013; Agostino Sarubbo <ago@gentoo.org> asterisk-1.8.25.0.ebuild,
|
|
asterisk-11.7.0.ebuild:
|
|
Stable for amd64, wrt bug #494630
|
|
|
|
*asterisk-11.7.0 (18 Dec 2013)
|
|
*asterisk-1.8.25.0 (18 Dec 2013)
|
|
|
|
18 Dec 2013; Tony Vroon <chainsaw@gentoo.org> +asterisk-1.8.25.0.ebuild,
|
|
+asterisk-11.7.0.ebuild:
|
|
Upgrades on both branches for memory corruption (AST-2013-006) & security
|
|
bypass (AST-2013-007) vulnerabilities, as per Agostino Sarubbo in security
|
|
bug #494630. Squelch unnecessary chatter from build system, as per Patryk
|
|
Rzadzinski in bug #489862.
|
|
|
|
*asterisk-11.6.0-r1 (30 Oct 2013)
|
|
|
|
30 Oct 2013; Tony Vroon <chainsaw@gentoo.org> +asterisk-11.6.0-r1.ebuild:
|
|
A useful response to the debug USE-flag, as suggested by Kerin Millar and
|
|
implemented by Jaco Kroon. Closes bug #346959.
|
|
|
|
27 Oct 2013; Pacho Ramos <pacho@gentoo.org> metadata.xml:
|
|
Voip herd is removed: http://article.gmane.org/gmane.linux.gentoo.devel/88434
|
|
|
|
*asterisk-1.8.24.0 (22 Oct 2013)
|
|
|
|
22 Oct 2013; Tony Vroon <chainsaw@gentoo.org> +asterisk-1.8.24.0.ebuild:
|
|
Version bump.
|
|
|
|
*asterisk-11.6.0 (22 Oct 2013)
|
|
|
|
22 Oct 2013; Tony Vroon <chainsaw@gentoo.org> +asterisk-11.6.0.ebuild:
|
|
Version bump. Features improved NAT support and plugs a memory leak in the
|
|
logger.
|
|
|
|
28 Aug 2013; Agostino Sarubbo <ago@gentoo.org> -asterisk-1.8.20.2.ebuild,
|
|
-asterisk-11.2.2.ebuild:
|
|
Remove old
|
|
|
|
28 Aug 2013; Agostino Sarubbo <ago@gentoo.org> asterisk-1.8.23.1.ebuild,
|
|
asterisk-11.5.1.ebuild:
|
|
Stable for x86, wrt bug #482776
|
|
|
|
28 Aug 2013; Agostino Sarubbo <ago@gentoo.org> asterisk-1.8.23.1.ebuild,
|
|
asterisk-11.5.1.ebuild:
|
|
Stable for amd64, wrt bug #482776
|
|
|
|
*asterisk-11.5.1 (28 Aug 2013)
|
|
*asterisk-1.8.23.1 (28 Aug 2013)
|
|
|
|
28 Aug 2013; Tony Vroon <chainsaw@gentoo.org> -asterisk-1.8.22.0.ebuild,
|
|
-asterisk-1.8.23.0.ebuild, +asterisk-1.8.23.1.ebuild,
|
|
-asterisk-11.4.0.ebuild, -asterisk-11.5.0.ebuild, +asterisk-11.5.1.ebuild,
|
|
+files/1.8.0/asterisk.initd7:
|
|
Security upgrades for AST-2013-004 & AST-2013-005 on both branches.
|
|
Behavioral improvements for G729 VAD, closes bug #480928. Add missed
|
|
ownership checks to init script, closes bug #482688. Both by Jaco Kroon.
|
|
Removed all insecure non-stable ebuilds.
|
|
|
|
31 Jul 2013; Tony Vroon <chainsaw@gentoo.org> asterisk-1.8.20.2.ebuild,
|
|
-asterisk-1.8.21.0.ebuild, asterisk-1.8.22.0.ebuild,
|
|
asterisk-1.8.23.0.ebuild, asterisk-11.2.2.ebuild, -asterisk-11.3.0.ebuild,
|
|
asterisk-11.4.0.ebuild, asterisk-11.5.0.ebuild:
|
|
Make our inability to co-exist with net-libs/pjsip explicit to avoid any
|
|
build failures. Closes bug #47812 by Steven Lai. Removed older non-stable
|
|
builds on both branches.
|
|
|
|
*asterisk-11.5.0 (23 Jul 2013)
|
|
*asterisk-1.8.23.0 (23 Jul 2013)
|
|
|
|
23 Jul 2013; Tony Vroon <chainsaw@gentoo.org> +asterisk-1.8.23.0.ebuild,
|
|
+asterisk-11.5.0.ebuild, +files/1.8.0/asterisk.initd6:
|
|
Bugfix releases on both branches. Completely revised init script by Jaco
|
|
Kroon that supports running multiple Asterisk instances on a single host,
|
|
closes bug #473224.
|
|
|
|
*asterisk-1.8.22.0 (20 May 2013)
|
|
|
|
20 May 2013; Tony Vroon <chainsaw@gentoo.org> +asterisk-1.8.22.0.ebuild:
|
|
One of the last bugfix releases on the 1.8 branch. You need to migrate to 11.
|
|
And soon.
|
|
|
|
*asterisk-11.4.0 (20 May 2013)
|
|
|
|
20 May 2013; Tony Vroon <chainsaw@gentoo.org> +asterisk-11.4.0.ebuild:
|
|
In a refreshing change of heart, upstream now care about parallel build
|
|
failures. Drop our relevant two downstream patches. Fixes a
|
|
res_timing_pthread deadlock, an FD leak in the web server and more SRTP
|
|
decryption/white noise issues.
|
|
|
|
30 Mar 2013; Tony Vroon <chainsaw@gentoo.org> -asterisk-1.8.20.1.ebuild,
|
|
-asterisk-11.2.1.ebuild:
|
|
Remove vulnerable ebuilds after stabling, for security bug #463622.
|
|
|
|
30 Mar 2013; Agostino Sarubbo <ago@gentoo.org> asterisk-1.8.20.2.ebuild,
|
|
asterisk-11.2.2.ebuild:
|
|
Stable for x86, wrt bug #463622
|
|
|
|
30 Mar 2013; Agostino Sarubbo <ago@gentoo.org> asterisk-1.8.20.2.ebuild,
|
|
asterisk-11.2.2.ebuild:
|
|
Stable for amd64, wrt bug #463622
|
|
|
|
*asterisk-11.3.0 (29 Mar 2013)
|
|
*asterisk-1.8.21.0 (29 Mar 2013)
|
|
|
|
29 Mar 2013; Tony Vroon <chainsaw@gentoo.org> +asterisk-1.8.21.0.ebuild,
|
|
+asterisk-11.3.0.ebuild:
|
|
Bugfix releases on both branches. Native RTP bridging is no longer attempted
|
|
if packetisation differs, this helps to prevent fax failures. Improved
|
|
locking to prevent deadlocks.
|
|
|
|
*asterisk-11.2.2 (28 Mar 2013)
|
|
*asterisk-1.8.20.2 (28 Mar 2013)
|
|
|
|
28 Mar 2013; Tony Vroon <chainsaw@gentoo.org> -asterisk-1.8.19.1.ebuild,
|
|
-asterisk-1.8.20.0.ebuild, +asterisk-1.8.20.2.ebuild,
|
|
-asterisk-11.1.2.ebuild, -asterisk-11.2.0.ebuild, -asterisk-11.2.1-r2.ebuild,
|
|
+asterisk-11.2.2.ebuild:
|
|
Security upgrade to address a boundary error in H264 video SDP handling,
|
|
naive Content-Length variable parsing in HTTP POST requests and an
|
|
information leak around account existence for the SIP channel driver.
|
|
|
|
*asterisk-11.2.1-r2 (06 Mar 2013)
|
|
|
|
06 Mar 2013; Tony Vroon <chainsaw@gentoo.org> -asterisk-11.2.1-r1.ebuild,
|
|
+asterisk-11.2.1-r2.ebuild:
|
|
Stop installing the /var/run directory structure, closes bug #451808. Two
|
|
additional stability fixes, closes bug #460568. Removing -r1 ebuild as the
|
|
reload protections within it are incomplete. Use -r2 or last stable. All
|
|
patching by Jaco Kroon.
|
|
|
|
*asterisk-11.2.1-r1 (05 Mar 2013)
|
|
|
|
05 Mar 2013; Tony Vroon <chainsaw@gentoo.org> +asterisk-11.2.1-r1.ebuild:
|
|
Fix by Jaco Kroon to correctly handle error returns for dundi lookups,
|
|
previously resulting in segmentation faults. Closes bug #460406.
|
|
|
|
26 Feb 2013; Agostino Sarubbo <ago@gentoo.org> asterisk-11.2.1.ebuild:
|
|
Stable for x86, wrt bug #458126
|
|
|
|
26 Feb 2013; Agostino Sarubbo <ago@gentoo.org> asterisk-11.2.1.ebuild:
|
|
Stable for amd64, wrt bug #458126
|
|
|
|
12 Feb 2013; Agostino Sarubbo <ago@gentoo.org> asterisk-1.8.20.1.ebuild:
|
|
Stable for x86, wrt bug #456936
|
|
|
|
12 Feb 2013; Agostino Sarubbo <ago@gentoo.org> asterisk-1.8.20.1.ebuild:
|
|
Stable for amd64, wrt bug #456936
|
|
|
|
*asterisk-11.2.1 (24 Jan 2013)
|
|
*asterisk-1.8.20.1 (24 Jan 2013)
|
|
|
|
24 Jan 2013; Tony Vroon <chainsaw@gentoo.org> +files/1.8.0/asterisk.initd5,
|
|
-files/1.8.0/asterisk.initd, -files/1.8.0/asterisk.initd2,
|
|
-files/1.8.0/asterisk.initd3, +asterisk-1.8.20.1.ebuild,
|
|
+asterisk-11.2.1.ebuild:
|
|
Partial rewrite of the init script by Jaco Kroon addresses shortcomings
|
|
identified by Vincent Brillault in bug #445176. Upstream fixes include an
|
|
astcanary PID mix-up and a necessary reset of the RTP sequence counter when
|
|
SSRC changes.
|
|
|
|
*asterisk-1.8.20.0 (15 Jan 2013)
|
|
|
|
15 Jan 2013; Tony Vroon <chainsaw@gentoo.org> +asterisk-1.8.20.0.ebuild:
|
|
Bugfix release on the 1.8 branch. The fix for bug #440278 is now upstream.
|
|
|
|
*asterisk-11.2.0 (15 Jan 2013)
|
|
|
|
15 Jan 2013; Tony Vroon <chainsaw@gentoo.org> +asterisk-11.2.0.ebuild:
|
|
Bugfix release on the 11 branch. The fix for bug #440278 is now upstream.
|
|
|
|
*asterisk-11.1.2 (07 Jan 2013)
|
|
|
|
07 Jan 2013; Tony Vroon <chainsaw@gentoo.org> -asterisk-11.1.1.ebuild,
|
|
+asterisk-11.1.2.ebuild:
|
|
One final unsafe use of TCP reads onto the stack in res_xmpp; also stops
|
|
caching taking place where unnecessary. This completes the DoS protection
|
|
intended for 11.1.1; removing unsafe ebuild from tree.
|
|
|
|
04 Jan 2013; Tony Vroon <chainsaw@gentoo.org> asterisk-1.8.19.1.ebuild,
|
|
asterisk-11.1.1.ebuild:
|
|
Remove /var/run keepdir statements as per Diego Elio Pettenò in bug #450222.
|
|
|
|
04 Jan 2013; Tony Vroon <chainsaw@gentoo.org> -asterisk-10.11.1.ebuild:
|
|
As previously announced the 10 branch of Asterisk is now being removed. For
|
|
stable releases, you want the 1.8 branch. For an actively developed branch
|
|
with more features, you want the 11 branch.
|
|
|
|
03 Jan 2013; Tony Vroon <chainsaw@gentoo.org> -asterisk-1.8.18.0-r2.ebuild:
|
|
Clear vulnerable ebuild in 1.8 branch now that stabling has completed.
|
|
|
|
03 Jan 2013; Agostino Sarubbo <ago@gentoo.org> asterisk-1.8.19.1.ebuild:
|
|
Stable for amd64, wrt bug #449828
|
|
|
|
03 Jan 2013; Andreas Schuerch <nativemad@gentoo.org>
|
|
asterisk-1.8.19.1.ebuild:
|
|
x86 stable, see bug 449828
|
|
|
|
*asterisk-11.1.1 (02 Jan 2013)
|
|
*asterisk-10.11.1 (02 Jan 2013)
|
|
*asterisk-1.8.19.1 (02 Jan 2013)
|
|
|
|
02 Jan 2013; Tony Vroon <chainsaw@gentoo.org> -asterisk-1.8.15.1.ebuild,
|
|
-asterisk-1.8.18.1.ebuild, -asterisk-1.8.19.0.ebuild,
|
|
+asterisk-1.8.19.1.ebuild, -asterisk-10.10.1.ebuild,
|
|
-asterisk-10.11.0.ebuild, +asterisk-10.11.1.ebuild, -asterisk-11.0.2.ebuild,
|
|
-asterisk-11.1.0.ebuild, +asterisk-11.1.1.ebuild:
|
|
Security releases on all three branches; stop using stack allocations in TCP
|
|
receive paths, as multiple packets may be concatenated together and overflow
|
|
the stack as a result (CVE-2012-5976 / AST-2012-015). Never cache devices
|
|
that are not associated with a physical entity, as to do so allows a denial
|
|
of service through cache exhaustion (CVE-2012-5977 / AST-2012-014). Remove
|
|
all non-stable vulnerable ebuilds. As requested by Sean Amoss in bug #449828.
|
|
|
|
01 Jan 2013; Andreas K. Huettel <dilfridge@gentoo.org> +ChangeLog-2012:
|
|
Split ChangeLog.
|
|
|
|
For previous entries, please see ChangeLog-2012.
|