Package: asterisk / 1:1.8.13.1~dfsg1-3+deb7u3

Metadata

Package Version Patches format
asterisk 1:1.8.13.1~dfsg1-3+deb7u3 3.0 (quilt)

Patch series

view the series file
Patch File delta Description
allow tilde destdir | (download)

Makefile | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 
 relax badshell tilde test
hack multiple app voicemail | (download)

Makefile.moddir_rules | 2 1 + 1 - 0 !
apps/Makefile | 21 21 + 0 - 0 !
2 files changed, 22 insertions(+), 1 deletion(-)

 
 build multiple versions of app_voicemail.so
safe_asterisk config | (download)

contrib/scripts/safe_asterisk | 4 2 + 2 - 0 !
1 file changed, 2 insertions(+), 2 deletions(-)

 
 use /etc/default/settings for configuring safe_asterisk (vendor specific)
safe_asterisk nobg | (download)

contrib/scripts/safe_asterisk | 7 6 + 1 - 0 !
1 file changed, 6 insertions(+), 1 deletion(-)

 
 add an option to safe_asterisk so that it won't background.
astgenkey security | (download)

contrib/scripts/astgenkey | 4 4 + 0 - 0 !
1 file changed, 4 insertions(+)

 
 astgenkey should generate a private key that is not world-readable
reinclude_docs | (download)

Makefile | 9 9 + 0 - 0 !
doc/CODING-GUIDELINES | 982 982 + 0 - 0 !
doc/HOWTO_collect_debug_information.txt | 89 89 + 0 - 0 !
doc/India-CID.txt | 75 75 + 0 - 0 !
doc/PEERING | 503 503 + 0 - 0 !
doc/README.txt | 10 0 + 10 - 0 !
doc/advice_of_charge.txt | 189 189 + 0 - 0 !
doc/asterisk-mib.txt | 778 778 + 0 - 0 !
doc/backtrace.txt | 277 277 + 0 - 0 !
doc/building_queues.txt | 823 823 + 0 - 0 !
doc/callfiles.txt | 139 139 + 0 - 0 !
doc/chan_sip-perf-testing.txt | 110 110 + 0 - 0 !
doc/cli.txt | 33 33 + 0 - 0 !
doc/codec-64bit.txt | 47 47 + 0 - 0 !
doc/database_transactions.txt | 29 29 + 0 - 0 !
doc/datastores.txt | 63 63 + 0 - 0 !
doc/digium-mib.txt | 24 24 + 0 - 0 !
doc/distributed_devstate-XMPP.txt | 433 433 + 0 - 0 !
doc/distributed_devstate.txt | 320 320 + 0 - 0 !
doc/externalivr.txt | 197 197 + 0 - 0 !
doc/followme.txt | 32 32 + 0 - 0 !
doc/google-soc2009-ideas.txt | 3 3 + 0 - 0 !
doc/hoard.txt | 38 38 + 0 - 0 !
doc/jabber.txt | 107 107 + 0 - 0 !
doc/janitor-projects.txt | 28 28 + 0 - 0 !
doc/jingle.txt | 10 10 + 0 - 0 !
doc/ldap.txt | 65 65 + 0 - 0 !
doc/macroexclusive.txt | 78 78 + 0 - 0 !
doc/manager_1_1.txt | 454 454 + 0 - 0 !
doc/modules.txt | 25 25 + 0 - 0 !
doc/osp.txt | 747 747 + 0 - 0 !
doc/queue.txt | 39 39 + 0 - 0 !
doc/realtimetext.txt | 84 84 + 0 - 0 !
doc/res_config_sqlite.txt | 124 124 + 0 - 0 !
doc/rtp-packetization.txt | 75 75 + 0 - 0 !
doc/sip-retransmit.txt | 126 126 + 0 - 0 !
doc/siptls.txt | 97 97 + 0 - 0 !
doc/smdi.txt | 137 137 + 0 - 0 !
doc/sms.txt | 147 147 + 0 - 0 !
doc/snmp.txt | 53 53 + 0 - 0 !
doc/speechrec.txt | 295 295 + 0 - 0 !
doc/ss7.txt | 116 116 + 0 - 0 !
doc/tex/Makefile | 76 76 + 0 - 0 !
doc/tex/README.txt | 24 24 + 0 - 0 !
doc/tex/ael.tex | 1305 1305 + 0 - 0 !
doc/tex/ajam.tex | 97 97 + 0 - 0 !
doc/tex/app-sms.tex | 518 518 + 0 - 0 !
doc/tex/asterisk-conf.tex | 149 149 + 0 - 0 !
doc/tex/asterisk.tex | 183 183 + 0 - 0 !
doc/tex/backtrace.tex | 217 217 + 0 - 0 !
doc/tex/billing.tex | 86 86 + 0 - 0 !
doc/tex/calendaring.tex | 206 206 + 0 - 0 !
doc/tex/ccss.tex | 414 414 + 0 - 0 !
doc/tex/cdrdriver.tex | 509 509 + 0 - 0 !
doc/tex/cel-doc.tex | 958 958 + 0 - 0 !
doc/tex/celdriver.tex | 451 451 + 0 - 0 !
doc/tex/chan-mobile.tex | 262 262 + 0 - 0 !
doc/tex/chaniax.tex | 84 84 + 0 - 0 !
doc/tex/channelvariables.tex | 1066 1066 + 0 - 0 !
doc/tex/cliprompt.tex | 29 29 + 0 - 0 !
doc/tex/configuration.tex | 233 233 + 0 - 0 !
doc/tex/dundi.tex | 41 41 + 0 - 0 !
doc/tex/enum.tex | 355 355 + 0 - 0 !
doc/tex/extensions.tex | 79 79 + 0 - 0 !
doc/tex/freetds.tex | 6 6 + 0 - 0 !
doc/tex/hardware.tex | 100 100 + 0 - 0 !
doc/tex/ices.tex | 7 7 + 0 - 0 !
doc/tex/imapstorage.tex | 241 241 + 0 - 0 !
doc/tex/jitterbuffer.tex | 98 98 + 0 - 0 !
doc/tex/localchannel.tex | 508 508 + 0 - 0 !
doc/tex/manager.tex | 274 274 + 0 - 0 !
doc/tex/misdn.tex | 282 282 + 0 - 0 !
doc/tex/mp3.tex | 11 11 + 0 - 0 !
doc/tex/odbcstorage.tex | 34 34 + 0 - 0 !
doc/tex/partymanip.tex | 331 331 + 0 - 0 !
doc/tex/phoneprov.tex | 307 307 + 0 - 0 !
doc/tex/plc.tex | 139 139 + 0 - 0 !
doc/tex/privacy.tex | 364 364 + 0 - 0 !
doc/tex/qos.tex | 144 144 + 0 - 0 !
doc/tex/queuelog.tex | 118 118 + 0 - 0 !
doc/tex/queues-with-callback-members.tex | 551 551 + 0 - 0 !
doc/tex/realtime.tex | 150 150 + 0 - 0 !
doc/tex/secure-calls.tex | 45 45 + 0 - 0 !
doc/tex/security-events.tex | 250 250 + 0 - 0 !
doc/tex/security.tex | 80 80 + 0 - 0 !
doc/tex/sla.tex | 387 387 + 0 - 0 !
doc/tex/sounds.tex | 80 80 + 0 - 0 !
doc/timing.txt | 90 90 + 0 - 0 !
doc/unistim.txt | 127 127 + 0 - 0 !
doc/valgrind.txt | 24 24 + 0 - 0 !
doc/video.txt | 47 47 + 0 - 0 !
doc/video_console.txt | 159 159 + 0 - 0 !
doc/voicemail_odbc_postgresql.txt | 454 454 + 0 - 0 !
93 files changed, 20750 insertions(+), 10 deletions(-)

 
 [patch] remove most of the contents of the doc dir in favor of the
 wiki content.
sound_files | (download)

sounds/sounds.xml | 2 0 + 2 - 0 !
1 file changed, 2 deletions(-)

 
 avoid downloading extra sound files
mpglib | (download)

addons/mp3/MPGLIB_README | 39 39 + 0 - 0 !
addons/mp3/MPGLIB_TODO | 2 2 + 0 - 0 !
addons/mp3/Makefile | 24 24 + 0 - 0 !
addons/mp3/README | 1 1 + 0 - 0 !
addons/mp3/common.c | 267 267 + 0 - 0 !
addons/mp3/dct64_i386.c | 335 335 + 0 - 0 !
addons/mp3/decode_i386.c | 153 153 + 0 - 0 !
addons/mp3/decode_ntom.c | 219 219 + 0 - 0 !
addons/mp3/huffman.h | 332 332 + 0 - 0 !
addons/mp3/interface.c | 323 323 + 0 - 0 !
addons/mp3/layer3.c | 2029 2029 + 0 - 0 !
addons/mp3/mpg123.h | 132 132 + 0 - 0 !
addons/mp3/mpglib.h | 75 75 + 0 - 0 !
addons/mp3/tabinit.c | 81 81 + 0 - 0 !
14 files changed, 4012 insertions(+)

 
 mpglib code originally in asterisk-addons
enable_addons | (download)

addons/app_mysql.c | 1 0 + 1 - 0 !
addons/app_saycountpl.c | 1 0 + 1 - 0 !
addons/cdr_mysql.c | 1 0 + 1 - 0 !
addons/chan_mobile.c | 1 0 + 1 - 0 !
addons/chan_ooh323.c | 1 0 + 1 - 0 !
addons/format_mp3.c | 1 0 + 1 - 0 !
addons/res_config_mysql.c | 1 0 + 1 - 0 !
7 files changed, 7 deletions(-)

 
 enable modules formly from asterisk-addons
no_uname | (download)

bootstrap.sh | 4 0 + 4 - 0 !
1 file changed, 4 deletions(-)

 
---
kfreebsd | (download)

channels/chan_oss.c | 2 1 + 1 - 0 !
main/Makefile | 2 1 + 1 - 0 !
main/netsock.c | 2 1 + 1 - 0 !
3 files changed, 3 insertions(+), 3 deletions(-)

 
---
menuselect_cflags | (download)

Makefile | 4 3 + 1 - 0 !
menuselect/Makefile | 12 6 + 6 - 0 !
2 files changed, 9 insertions(+), 7 deletions(-)

 
 pass build_cflgas and build_ldflags to menuselect

Allow menuselect to get its set of CFLAGS and LDFLAGS through the
environment of Make:

  make BUILD_CFLAGS="whatever" BUILD_LDFLAGS="whatever"

Also keep menuselect from steping over them on its own.

Commited to upstream trunk (asterisk r366002, menuselect r1033).
Will be included in asterisk 11.
ilbc_disable | (download)

codecs/Makefile | 2 2 + 0 - 0 !
codecs/codec_ilbc.c | 1 1 + 0 - 0 !
2 files changed, 3 insertions(+)

 
---
httpd_port | (download)

main/http.c | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 
 set httpd default port to 8088

Due to a regression in upstream's code (r353770) the port on which the
Asterisk httpd listens on by default (if it does) has changed from 8088
to 8080. Set it back to 8088.

Fixed in upstream branch 1.8. Will be included in 1.8.14 or so. No
regression in 10 and trunk.
AST 2012 012 | (download)

README-SERIOUSLY.bestpractices.txt | 51 51 + 0 - 0 !
main/manager.c | 1 1 + 0 - 0 !
2 files changed, 52 insertions(+)

 
 ast-2012-012: ami user shell access with externalivr
AST 2012 013 | (download)

channels/chan_iax2.c | 11 6 + 5 - 0 !
1 file changed, 6 insertions(+), 5 deletions(-)

 
 ast-2012-013: acl rules ignored during calls by some iax2 peers
AST 2012 014 | (download)

channels/chan_sip.c | 12 11 + 1 - 0 !
channels/sip/include/sip.h | 1 1 + 0 - 0 !
main/http.c | 20 15 + 5 - 0 !
res/res_jabber.c | 5 2 + 3 - 0 !
4 files changed, 29 insertions(+), 9 deletions(-)

 
 resolve crashes due to large stack allocations when using tcp
AST 2012 015 | (download)

apps/app_confbridge.c | 4 2 + 2 - 0 !
apps/app_meetme.c | 16 8 + 8 - 0 !
channels/chan_agent.c | 12 6 + 6 - 0 !
channels/chan_dahdi.c | 7 4 + 3 - 0 !
channels/chan_iax2.c | 31 18 + 13 - 0 !
channels/chan_local.c | 3 3 + 0 - 0 !
channels/chan_sip.c | 18 11 + 7 - 0 !
channels/chan_skinny.c | 16 8 + 8 - 0 !
funcs/func_devstate.c | 6 3 + 3 - 0 !
include/asterisk/channel.h | 6 6 + 0 - 0 !
include/asterisk/devicestate.h | 16 13 + 3 - 0 !
include/asterisk/event_defs.h | 8 7 + 1 - 0 !
main/channel.c | 5 3 + 2 - 0 !
main/devicestate.c | 51 33 + 18 - 0 !
main/event.c | 1 1 + 0 - 0 !
main/features.c | 2 1 + 1 - 0 !
res/res_calendar.c | 8 4 + 4 - 0 !
res/res_jabber.c | 61 46 + 15 - 0 !
18 files changed, 177 insertions(+), 94 deletions(-)

 
 prevent exhaustion of system resources through exploitation of event cache
CVE: CVE-2012-5977
AST 2013 002 | (download)

main/http.c | 9 9 + 0 - 0 !
1 file changed, 9 insertions(+)

 
 ast-2013-002: prevent denial of service in http server
AST 2013 003 | (download)

channels/chan_sip.c | 128 83 + 45 - 0 !
channels/sip/include/sip.h | 1 0 + 1 - 0 !
2 files changed, 83 insertions(+), 46 deletions(-)

 
 ast-2013-003: prevent username disclosure in sip channel driver
Bug: https://issues.asterisk.org/jira/browse/ASTERISK-21013
bluetooth_bind | (download)

addons/chan_mobile.c | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 
 fix issue where chan_mobile fails to bind to first available port
Bug: https://issues.asterisk.org/jira/browse/ASTERISK-16357
fix_xmpp_19532 | (download)

res/res_jabber.c | 12 12 + 0 - 0 !
1 file changed, 12 insertions(+)

 
 check for presence of buddy in info/dinfo handlers
Bug: https://issues.asterisk.org/jira/browse/ASTERISK-19532
AST 2013 004 | (download)

channels/chan_sip.c | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 
 ast-2013-004: fix crash when handling ack on dialog that has no channel
Bug: https://issues.asterisk.org/jira/browse/ASTERISK-21064
CVE: CVE-2013-5641
AST 2013 005 | (download)

channels/chan_sip.c | 8 4 + 4 - 0 !
1 file changed, 4 insertions(+), 4 deletions(-)

 
 ast-2013-005: fix crash caused by invalid sdp
Bug: https://issues.asterisk.org/jira/browse/ASTERISK-22007
CVE: CVE-2013-5642
AST 2013 006 | (download)

apps/app_sms.c | 3 2 + 1 - 0 !
1 file changed, 2 insertions(+), 1 deletion(-)

 
 app_sms: bufferoverflow when receiving odd length 16 bit message
ASTERISK 20658 | (download)

funcs/func_realtime.c | 17 17 + 0 - 0 !
main/config.c | 11 11 + 0 - 0 !
2 files changed, 28 insertions(+)

 
 prevent crashes from occurring when reading from data sources with large values

When reading configuration data from an Asterisk .conf file or when pulling
data from an Asterisk RealTime backend, Asterisk was copying the data on the
stack for manipulation. Unfortunately, it is possible to read configuration
data or realtime data from some data source that provides a large blob of
characters. This could potentially cause a crash via a stack overflow.

This patch prevents large sets of data from being read from an ARA backend or
from an Asterisk conf file.

Reported by: wdoekes
Tested by: wdoekes, mmichelson
patches:
 * issueA20658_dont_process_overlong_config_lines.patch uploaded by wdoekes (license 5674)
 * issueA20658_func_realtime_limit.patch uploaded by wdoekes (license 5674)
AST 2013 007 | (download)

README-SERIOUSLY.bestpractices.txt | 24 24 + 0 - 0 !
UPGRADE.txt | 9 9 + 0 - 0 !
configs/asterisk.conf.sample | 6 6 + 0 - 0 !
funcs/func_db.c | 20 19 + 1 - 0 !
funcs/func_env.c | 28 24 + 4 - 0 !
funcs/func_lock.c | 21 18 + 3 - 0 !
funcs/func_realtime.c | 60 40 + 20 - 0 !
funcs/func_shell.c | 19 12 + 7 - 0 !
include/asterisk/pbx.h | 54 54 + 0 - 0 !
main/asterisk.c | 7 7 + 0 - 0 !
main/pbx.c | 254 251 + 3 - 0 !
main/tcptls.c | 11 11 + 0 - 0 !
12 files changed, 475 insertions(+), 38 deletions(-)

 
 inhibit execution of privilege escalating functions