From 648a1ab9c3bdc2b16824697fd80bca691f65e49f Mon Sep 17 00:00:00 2001 From: Tony Vroon Date: Fri, 16 Mar 2012 10:40:04 +0000 Subject: Security update, fixing a remote DoS (no code execution, AST-2012-002) in app_milliwatt and a stack buffer overflow in the HTTP manager interface (remote code injection, AST-2012-003). As per bug #408431 by Tim Sammut. Actually honour the IAX2 trunk frequency, as per Jaco Kroon in bug #408033. Remove vulnerable ebuilds from tree. (Portage version: 2.1.10.49/cvs/Linux x86_64, signed Manifest commit with key 0xB5058F9A) --- net-misc/asterisk/Manifest | 23 +++++++---------------- 1 file changed, 7 insertions(+), 16 deletions(-) (limited to 'net-misc') diff --git a/net-misc/asterisk/Manifest b/net-misc/asterisk/Manifest index 45a4124c2933..98c9ac692ffc 100644 --- a/net-misc/asterisk/Manifest +++ b/net-misc/asterisk/Manifest @@ -14,31 +14,22 @@ DIST asterisk-1.8.10.0.tar.gz 25211602 RMD160 8ba398bab24647cfd78b9ecca393e0371c DIST asterisk-1.8.8.2.tar.gz 24776534 RMD160 140d2bafdeeb259469b1514c3c6a4d09eb17aa17 SHA1 4046350bc9143882db6569d1fa8df90a63c53f26 SHA256 8dae66785d2b3c991a04ae096ee6d85053e2ca0b7d5874075de7433b8ccf9171 DIST asterisk-1.8.9.2.tar.gz 24820991 RMD160 cd57801defd69b358979a1e2ff8db73ba3364e57 SHA1 ac53c6db9d68b36479000326d88f200057d641ef SHA256 cd02e9c655d9b97b3860a999c6ba056b683343e037a14c1d5b130260484f0128 DIST asterisk-1.8.9.3.tar.gz 24825965 RMD160 0e118391e0ecc03f5546cd2ec31f47f10af9dc1e SHA1 013ac12b372b96c0e1f2e968fd5e738eeb5fff76 SHA256 a03edefae57d0048c768f793376cff3a7dcbaf2ca8a9b3c93307f7459757fe0d -DIST asterisk-10.0.1.tar.gz 24866828 RMD160 289731127e45351047f565acd0f6372cb48cb7d1 SHA1 7a700c3c5b9af28f433f20d4267d5fc71ca32341 SHA256 f60ed688e2c8959d82e521e30dd1c2225d78bf079b5886d9cde7a86f5f55a802 -DIST asterisk-10.1.0.tar.gz 24745392 RMD160 8c08392d67c407cbb17eae84d8509daf7176808e SHA1 a2123563d37a1f1bc4222798065ec88f2943712b SHA256 6642e558fa2dc64749a209c2878536e7ec3e9672981ac41ceee794f58b7f7af0 -DIST asterisk-10.1.2.tar.gz 24735448 RMD160 972ef8066be66179e2e7d2bd1798605ad9b38320 SHA1 a07f934dee0dd77efe3a4566a515998f8b1e8627 SHA256 b62aa1083400d80ab6da179beb8c7094d97bcbdc6dae95d38f4cf011cbc4b049 -DIST asterisk-10.1.3.tar.gz 24738519 RMD160 813aacebe3b2dde1f7f49b52987f505c4d542bfd SHA1 a61574d06e6dc1a6115f9624e0d0438a85aa05e4 SHA256 c30e9a61da0af9896dc9eeab812632c7e75509022513ba970a044d3ffdcbb95c -DIST asterisk-10.2.0.tar.gz 25131266 RMD160 1cf481102232a8e733983edff079e8b7bbff0648 SHA1 bdba827120469dcb457d16887c5d2c7595942a33 SHA256 4bf64c484e7b727d3b40dc249afbbfba422119a0124d1cabe8c345b14aae192d +DIST asterisk-10.2.1.tar.gz 25121295 RMD160 ad4bf33d0d544e3a1ac28d1547c771fc6c80b31f SHA1 1353019ade550eccd7989dc87fa4313f42919fc7 SHA256 e1511569e9db2d17eb60f5ebf65dfecf679acfb1463dbd2d7d4e9a8db0ed7c1f DIST gentoo-asterisk-patchset-1.7.tar.bz2 30115 RMD160 78a9a74f0346339d63badec8e6cb001135eedde9 SHA1 81b5cfea40616d047baf866c741738f0a8037f36 SHA256 0eff0193130f5a08a0e04cc1c4ab52c535dfeea21d9894a3461b143f40c8add2 DIST gentoo-asterisk-patchset-1.8.tar.bz2 29452 RMD160 3a140e687ab8d5f32579c4eca960ca9e2949ad41 SHA1 c7aedc911d161bc6e5153f3f92df47db37314825 SHA256 2ce7225a69c43898a24a3b6ed6c2bdebfbd020eae14467a2f14cba276d7a9fd9 DIST gentoo-asterisk-patchset-1.9.tar.bz2 30535 RMD160 388d7a76a234695faba86cb08abd1def6fdc6df4 SHA1 0d41ac4ed299465d28dde5b2cb95caf6fcb4877d SHA256 daf20c321ef13083bbc707d01b8e122c37cb067ea549f5902dcea49fc05d1a2f -DIST gentoo-asterisk-patchset-2.0.tar.bz2 6125 RMD160 75fa8bf76e11ee12025ed3f38ab06998a752ad59 SHA1 f38a963c8d479a248b151f089fe172a701d6b505 SHA256 b02fb7e7e1d281a653fd98d7389a0a1777376398572c06ecb912fe7ed0b6c9e2 -DIST gentoo-asterisk-patchset-2.1.tar.bz2 7315 RMD160 6ef55959a8e3772a5878c1a84fc2e01ea5ee76b4 SHA1 e2ba7c014212bca9ee604b971f3c67010a9fd3d8 SHA256 d7244d75d93416171ac5926953bcec49f96fbf65dfafebb445d5b49c38d2cd6e +DIST gentoo-asterisk-patchset-2.2.tar.bz2 7552 RMD160 616475b5eeb899e29e51323b202a70bb8053024e SHA1 347b11bee2ea7921658f3be94e70a5e4c754bfef SHA256 0badf6a22a75f7161b35d8d44ab3801a47a32362d4a3e12c28e8703444666259 EBUILD asterisk-1.8.10.0.ebuild 8470 RMD160 9745119434d1a8bc1c5b86bceafd72f3f47ca467 SHA1 e3dafe61337f30fb263d6fb78431bd81b305727f SHA256 52ffbfc8dadecb315f2af985ab63754036e8d9c9a022750db61da301f7356869 EBUILD asterisk-1.8.8.2.ebuild 8438 RMD160 e208cef00fdced6f3b218172d0c1265c2bc1e537 SHA1 3f074f91868aabcc1665646f46522a8ed2854953 SHA256 2875a67d13b6af27526e27b65027c4adb4033ba652cc6cc06a3d72449a2c17a0 EBUILD asterisk-1.8.9.2.ebuild 8469 RMD160 fdbdc0b609397dca75a6e9a84f0e2c3d491e0690 SHA1 9878fd84d74f9395b4adae1529d0414c6e44feb0 SHA256 4cfd9eab559250c392ba893c4649349e306e77e57a6a3a47fd34cc35fcb6185a EBUILD asterisk-1.8.9.3.ebuild 8469 RMD160 82a49be3bccbc23521b3cac1fa43b6eaaf98b794 SHA1 e86cbb49f8589e2c4153df45999c4151240891ef SHA256 86f09d70b7f59a4c9a554e32a549433d8e4471825fa0910cd1ec9b4a9ae1f14f -EBUILD asterisk-10.0.1.ebuild 8517 RMD160 94ed893d72f84ddf8b1bdd3f847b7651734a9cd1 SHA1 79ed708af3629c7f80692b375b0d5eb7daa8254f SHA256 285b5e69cadc40b2cbbb2d224a56779c1e46ee6de7ce73a1def5b9c30f1a7fc5 -EBUILD asterisk-10.1.0.ebuild 8517 RMD160 843816b54be2b1cc8b7f179b449b2c84d3c2c324 SHA1 46360a155384bd5c21668e8fa1dedc8a46028ea4 SHA256 182a4273f31eb5bbe5311ae8c90f18dbcb026e06172c178f04cb357af2b914d4 -EBUILD asterisk-10.1.2.ebuild 8517 RMD160 43876b520fac6cb290b7b5e997f8fe649c217432 SHA1 da9708371ae269606396b681d49c66ac07fc049e SHA256 7f386f7fc35b93901288c522ce51ff2c20cf3a9e40f3d9dda7f07c20410bce23 -EBUILD asterisk-10.1.3.ebuild 8517 RMD160 a55f37bb6b1f3f806fff77039663f87aea47caca SHA1 f335c64dc0a0e613ec6a0cc43b64d288084579b6 SHA256 f96116e53b35072752b1e877192a28d08af0a7248433fc6f09d84b82011c294b -EBUILD asterisk-10.2.0.ebuild 8517 RMD160 ec0c241a87a05a9ce5448cab45edc55bc087def2 SHA1 60f8c8d254c2e06ff9f00d5ebdc9c0ade381e7a1 SHA256 0f213283f600a65b6d165dccb3a9620fd8e662cece730bda27d855032902a691 -MISC ChangeLog 96302 RMD160 20fb8e162984034bf0d477946345e9c3bf89247a SHA1 99064b405f5993a2332d1e3f1ca4540b48745885 SHA256 b648cc9eaba3f4f7f4f2241b0732b762b71d00d1f0c03db895f30454ce7f2012 +EBUILD asterisk-10.2.1.ebuild 8517 RMD160 88af390521d52a3b6a9a7e08559d33307417a2b3 SHA1 a2e0e9e723a6cd68edeecc753f18edc0988cab74 SHA256 4e36d276248d5c37f9c766bf667238cc715883561e216ea683b5303f7b172495 +MISC ChangeLog 96879 RMD160 c7ed1d266978273eb9cd7db98686006678f050d0 SHA1 9d9f822cbe723533ecb4786ac1a2df494de30873 SHA256 92eb0b0c9180e36911888683d874d6a9764f7a4abad5dc88ac569a5e00c3ed8e MISC metadata.xml 1028 RMD160 5b59e20d3efbe652abf786d05a7b9744105a088b SHA1 e718c3ce0210047b34a05c92ff8a7b4707316e17 SHA256 63267079fefbcc798d902e6b9822609df79c756a9934c3ad3abdabfbad357de5 -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.18 (GNU/Linux) -iEYEARECAAYFAk9fOREACgkQp5vW4rUFj5r4/QCffVon7fBgs3Nft9mzaBph1oW3 -UI4AoLNYuSS8cHx8CKSktTPfzcLKnfmj -=4CpH +iEYEARECAAYFAk9jGIcACgkQp5vW4rUFj5ry/gCfTR9RKHNXn4yWkXR/FnhAEx64 +HZAAmwR7kplh+oICVT+0YoS3aWSEVstI +=uoff -----END PGP SIGNATURE----- -- cgit v1.2.3-65-gdbad