Navigation:
Browse pkgsrc
(this page)
comms asterisk..
CVSweb ] [ 
Homepage ] [ 
RSS ] [ 
Required by ] | 2026-05-14 18:42:34 by Ryo ONODERA | Files touched by this commit (1335) |
Log message: *: Recursive revbump from security/nettle-4.0 |
| 2026-04-10 10:41:36 by Thomas Klausner | Files touched by this commit (12) |
Log message: *: remove OWNER definition OWNER, when it was introduced, was to protect packages deep in the infrastructure by emphasizing that they should not be touched by non-MAINTAINERs. No infrastructure package still sets OWNER. Note: non-trivial change to packages should be passed by MAINTAINERs. As discussed on tech-pkg. |
| 2026-02-06 11:06:21 by Thomas Klausner | Files touched by this commit (1305) |
Log message: *: recursive bump for nettle 4.0 shlib major bump |
| 2026-01-07 09:49:50 by Thomas Klausner | Files touched by this commit (2525) |
Log message: *: recursive bump for icu 78.1 |
| 2025-10-05 21:26:29 by Jonathan Schleifer | Files touched by this commit (485) |
Log message: *: rev bump for curl |
| 2025-09-29 05:12:19 by John Nemeth | Files touched by this commit (3) |
Log message: asterisk18: Update to Asterisk 18.26.4. pkgsrc change: - fix PR pkg/59478 ## Change Log for Release asterisk-18.26.4 ### Links: - [Full \ ChangeLog](https://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-18.26.4.html) ### Summary: - Commits: 1 - Commit Authors: 1 - Issues Resolved: 0 - Security Advisories Resolved: 1 - \ [GHSA-557q-795j-wfx2](https://github.com/asterisk/asterisk/security/advisories/GHSA-557q-795j-wfx2): \ Resource exhaustion (DoS) vulnerability: remotely exploitable leak of RTP UDP \ ports and internal resources ### Commit Authors: - George Joseph: (1) ## Issue and Commit Detail: ### Closed Issues: - !GHSA-557q-795j-wfx2: Resource exhaustion (DoS) vulnerability: remotely \ exploitable leak of RTP UDP ports and internal resources ### Commits By Author: - #### George Joseph (1): - pjproject: Update bundled to 2.15.1. ### Commit List: - pjproject: Update bundled to 2.15.1. ### Commit Details: #### pjproject: Update bundled to 2.15.1. Author: George Joseph Date: 2025-08-25 This resolves a security issue where RTP ports weren't being released causing possible resource exhaustion issues. Resolves: #GHSA-557q-795j-wfx2 |
| 2025-08-31 00:46:51 by Thomas Klausner | Files touched by this commit (1355) |
Log message: *: recursive bump for tiff growing lerc dependency |
2025-08-04 22:17:18 by John Nemeth | Files touched by this commit (3) |  |
Log message: Update to Asterisk 18.26.3. This is a security update. ## Change Log for Release asterisk-18.26.3 ### Links: - [Full \ ChangeLog](https://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-18.26.3.html) ### Summary: - Commits: 2 - Commit Authors: 2 - Issues Resolved: 0 - Security Advisories Resolved: 2 - \ [GHSA-mrq5-74j5-f5cr](https://github.com/asterisk/asterisk/security/advisories/GHSA-mrq5-74j5-f5cr): \ Remote DoS and possible RCE in asterisk/res/res_stir_shaken/verification.c - \ [GHSA-v9q8-9j8m-5xwp](https://github.com/asterisk/asterisk/security/advisories/GHSA-v9q8-9j8m-5xwp): \ Uncontrolled Search-Path Element in safe_asterisk script may allow local \ privilege escalation. ### User Notes: ### Upgrade Notes: - #### safe_asterisk: Add ownership checks for /etc/asterisk/startup.d and its files. The safe_asterisk script now checks that, if it was run by the root user, the /etc/asterisk/startup.d directory and all the files it contains are owned by root. If the checks fail, safe_asterisk will exit with an error and Asterisk will not be started. Additionally, the default logging destination is now stderr instead of tty "9" which probably won't exist in modern systems. ### Developer Notes: ### Commit Authors: - George Joseph: (1) - ThatTotallyRealMyth: (1) ## Issue and Commit Detail: ### Closed Issues: - !GHSA-mrq5-74j5-f5cr: Remote DoS and possible RCE in \ asterisk/res/res_stir_shaken/verification.c - !GHSA-v9q8-9j8m-5xwp: Uncontrolled Search-Path Element in safe_asterisk \ script may allow local privilege escalation. ### Commits By Author: - #### George Joseph (1): - res_stir_shaken: Test for missing semicolon in Identity header. - #### ThatTotallyRealMyth (1): - safe_asterisk: Add ownership checks for /etc/asterisk/startup.d and its files. ### Commit List: - safe_asterisk: Add ownership checks for /etc/asterisk/startup.d and its files. - res_stir_shaken: Test for missing semicolon in Identity header. ### Commit Details: #### safe_asterisk: Add ownership checks for /etc/asterisk/startup.d and its files. Author: ThatTotallyRealMyth Date: 2025-06-10 UpgradeNote: The safe_asterisk script now checks that, if it was run by the root user, the /etc/asterisk/startup.d directory and all the files it contains are owned by root. If the checks fail, safe_asterisk will exit with an error and Asterisk will not be started. Additionally, the default logging destination is now stderr instead of tty "9" which probably won't exist in modern systems. Resolves: #GHSA-v9q8-9j8m-5xwp #### res_stir_shaken: Test for missing semicolon in Identity header. Author: George Joseph Date: 2025-07-31 ast_stir_shaken_vs_verify() now makes sure there's a semicolon in the Identity header to prevent a possible segfault. Resolves: #GHSA-mrq5-74j5-f5cr |
New packages: