# ChangeLog for net-misc/asterisk # Copyright 1999-2015 Gentoo Foundation; Distributed under the GPL v2 # $Header: /var/cvsroot/gentoo-x86/net-misc/asterisk/ChangeLog,v 1.525 2015/06/19 11:14:05 chainsaw Exp $ *asterisk-13.4.0 (19 Jun 2015) *asterisk-11.18.0 (19 Jun 2015) 19 Jun 2015; Tony Vroon +asterisk-11.18.0.ebuild, -asterisk-12.8.2.ebuild, +asterisk-13.4.0.ebuild, +files/1.6.2/asterisk.logrotate4: Bugfix releases on the 11 & 13 branches. One more fix (IAX2 concurrency by Jaco Kroon) is now upstream. As announced the 12 branch is being withdrawn, please use 13 instead. Updated logrotate snippet closes bug #552200 by Jaco Kroon. 16 May 2015; Pacho Ramos asterisk-11.17.1.ebuild, asterisk-12.8.2.ebuild, asterisk-13.3.2.ebuild: Rename jabber to xmpp USE (#216300) 28 Apr 2015; Tony Vroon -asterisk-11.15.0-r1.ebuild: Remove vulnerable ebuild, for security bug #546040. 17 Apr 2015; Agostino Sarubbo asterisk-11.17.1.ebuild: Stable for x86, wrt bug #546040 14 Apr 2015; Agostino Sarubbo asterisk-11.17.1.ebuild: Stable for amd64, wrt bug #546040 *asterisk-13.3.2 (13 Apr 2015) *asterisk-12.8.2 (13 Apr 2015) *asterisk-11.17.1 (13 Apr 2015) 13 Apr 2015; Tony Vroon -asterisk-11.16.0.ebuild, +asterisk-11.17.1.ebuild, -asterisk-12.8.1.ebuild, +asterisk-12.8.2.ebuild, -asterisk-13.1.1.ebuild, -asterisk-13.2.0.ebuild, +asterisk-13.3.2.ebuild: Upgrades on branches 11, 12 & 13 to address a null-byte exploit in TLS certificate CN field verification (CVE-2015-3008 / AST-2015-003). Removed all vulnerable non-stable ebuilds. For security bug #546040 by Agostino "ago" Sarubbo. *asterisk-13.2.0 (23 Mar 2015) *asterisk-11.16.0 (23 Mar 2015) 23 Mar 2015; Tony Vroon +asterisk-11.16.0.ebuild, +asterisk-13.2.0.ebuild: New releases on 11 & 13 branches; DAHDI channel variable patch now upstream (after only 3.5 years). *asterisk-13.1.1 (11 Feb 2015) *asterisk-12.8.1 (11 Feb 2015) 11 Feb 2015; Tony Vroon -asterisk-11.14.2.ebuild, -asterisk-11.14.2-r1.ebuild, -asterisk-11.15.0.ebuild, -asterisk-12.7.2.ebuild, -asterisk-12.7.2-r1.ebuild, -asterisk-12.8.0.ebuild, -asterisk-12.8.0-r1.ebuild, +asterisk-12.8.1.ebuild, -asterisk-13.1.0.ebuild, +asterisk-13.1.1.ebuild: Upgrades on the 12 & 13 branches for security bug #539806 (CVE-2015-1558). Removed vulnerable ebuilds. 10 Feb 2015; Agostino Sarubbo asterisk-11.15.0-r1.ebuild: Stable for x86, wrt bug #539058 10 Feb 2015; Agostino Sarubbo asterisk-11.15.0-r1.ebuild: Stable for amd64, wrt bug #539058 *asterisk-13.1.0 (05 Jan 2015) 05 Jan 2015; Tony Vroon +asterisk-13.1.0.ebuild: Introduction of the LTS 13 branch, currently masked. Expect the 12 branch to fall away and 13 to take its place. The aim is to have only 11 marked stable for the short term. G729 VAD patch rediffed by Jaco Kroon. Closes bug #529396 by Milos Ivanovic. *asterisk-11.14.2-r1 (30 Dec 2014) *asterisk-11.15.0-r1 (30 Dec 2014) *asterisk-12.8.0-r1 (30 Dec 2014) *asterisk-12.7.2-r1 (30 Dec 2014) 30 Dec 2014; Matthias Maier +asterisk-11.14.2-r1.ebuild, +asterisk-11.15.0-r1.ebuild, +asterisk-12.7.2-r1.ebuild, +asterisk-12.8.0-r1.ebuild, +files/asterisk.service, +files/asterisk.service.conf, +files/asterisk.tmpfiles.conf: provide systemd service files, bug #529192 28 Dec 2014; Aaron W. Swenson asterisk-11.14.2.ebuild, asterisk-11.15.0.ebuild, asterisk-12.7.2.ebuild, asterisk-12.8.0.ebuild: Rename virtual/postgresql to dev-db/postgresql *asterisk-12.8.0 (22 Dec 2014) *asterisk-11.15.0 (22 Dec 2014) 22 Dec 2014; Tony Vroon -asterisk-11.14.1.ebuild, +asterisk-11.15.0.ebuild, +asterisk-12.8.0.ebuild: Remove vulnerable stable ebuild for security bug #532242. Add newer ebuilds on both branches which contain primarily crash fixes. 21 Dec 2014; Agostino Sarubbo asterisk-11.14.2.ebuild: Stable for x86, wrt bug #532242 21 Dec 2014; Agostino Sarubbo asterisk-11.14.2.ebuild: Stable for amd64, wrt bug #532242 *asterisk-12.7.2 (16 Dec 2014) *asterisk-11.14.2 (16 Dec 2014) 16 Dec 2014; Tony Vroon +asterisk-11.14.2.ebuild, -asterisk-12.7.1.ebuild, +asterisk-12.7.2.ebuild: Incorrect and unsafe memory handling (AST-2014-019) in res_http_websocket addressed in both branches, vulnerable non-stable ebuilds removed. For security bug #532242. Enable MeetMe conference support if DAHDI is enabled, as requested by Kristian Fiskerstrand in bug #531486. 24 Nov 2014; Tony Vroon -asterisk-11.13.1.ebuild: Remove vulnerable ebuilds now that stabilisation is complete. For security bug #530056. 24 Nov 2014; Agostino Sarubbo asterisk-11.14.1.ebuild: Stable for x86, wrt bug #530056 24 Nov 2014; Agostino Sarubbo asterisk-11.14.1.ebuild: Stable for amd64, wrt bug #530056 *asterisk-12.7.1 (24 Nov 2014) *asterisk-11.14.1 (24 Nov 2014) 24 Nov 2014; Tony Vroon -asterisk-11.14.0.ebuild, +asterisk-11.14.1.ebuild, -asterisk-12.6.1.ebuild, -asterisk-12.7.0.ebuild, +asterisk-12.7.1.ebuild: 11 branch susceptible to AST-2014-012, AST-2014-014, AST-2014-017 & AST-2014-018. 12 branch susceptible to AST-2014-012, AST-2014-013, AST-2014-015, AST-2014-016, AST-2014-017 & AST-2014-018. Vulnerable non-stable ebuilds removed. For security bug #530056. *asterisk-12.7.0 (20 Nov 2014) *asterisk-11.14.0 (20 Nov 2014) 20 Nov 2014; Tony Vroon +asterisk-11.14.0.ebuild, +asterisk-12.7.0.ebuild: Resource leak fixes, particularly in error paths. 03 Nov 2014; Aaron W. Swenson asterisk-11.13.1.ebuild, asterisk-12.6.1.ebuild: Update PostgreSQL dependencies and/or checks to virtual/postgresql. 02 Nov 2014; Sven Vermeulen asterisk-11.13.1.ebuild, asterisk-12.6.1.ebuild: Remove sec-policy/selinux-* dependency from DEPEND but keep in RDEPEND (bug #527698) 21 Oct 2014; Tony Vroon -asterisk-11.12.1.ebuild: Remove vulnerable ebuilds now that stabilisation is complete. For security bug #526208. 21 Oct 2014; Agostino Sarubbo asterisk-11.13.1.ebuild: Stable for x86, wrt bug #526208 21 Oct 2014; Agostino Sarubbo asterisk-11.13.1.ebuild: Stable for amd64, wrt bug #526208 *asterisk-12.6.1 (21 Oct 2014) *asterisk-11.13.1 (21 Oct 2014) 21 Oct 2014; Tony Vroon -asterisk-1.8.28.2.ebuild, -asterisk-1.8.29.0.ebuild, -asterisk-11.13.0.ebuild, +asterisk-11.13.1.ebuild, -asterisk-12.5.1.ebuild, -asterisk-12.6.0.ebuild, +asterisk-12.6.1.ebuild, -files/1.6.0/asterisk.confd, -files/1.8.0/asterisk.initd4, -files/1.8.0/asterisk.initd5, -files/1.8.0/asterisk.initd6: New releases on the 11 & 12 branches to address the POODLE (AST-2014-011) SSL 3.0 vulnerability. The 1.8 branch is hereby removed from portage as previously announced. 11 is low-churn and ideal to target for production environments. Our patch sets against 1.8 cost significant effort to maintain and essentially add 11-branch features to it. *asterisk-12.6.0 (29 Sep 2014) 29 Sep 2014; Tony Vroon +asterisk-12.6.0.ebuild: Additional resilience against invalid (ao2) object references. Now supports empty passwords for PJSIP userpass authentication. Masquerade fixes for T38 between PJSIP and non-PJSIP chanels. FORTIFY_SOURCE fix now upstream. Modify permissions to suit a multi-daemon setup as per Jaco Kroon in bug #507894. *asterisk-11.13.0 (29 Sep 2014) 29 Sep 2014; Tony Vroon +asterisk-11.13.0.ebuild: Additional resilience against invalid (ao2) object references. FORTIFY_SOURCE fix now upstream. Modify permissions to suit a multi-daemon setup as per Jaco Kroon in bug #507894. 22 Sep 2014; Tony Vroon -asterisk-11.10.2.ebuild: Remove vulnerable ebuild for security bug #523216 as stabilisation is complete. 1.8 branch not affected. 20 Sep 2014; Agostino Sarubbo asterisk-11.12.1.ebuild: Stable for x86, wrt bug #523216 20 Sep 2014; Agostino Sarubbo asterisk-11.12.1.ebuild: Stable for amd64, wrt bug #523216 *asterisk-12.5.1 (19 Sep 2014) *asterisk-11.12.1 (19 Sep 2014) 19 Sep 2014; Tony Vroon -asterisk-11.11.0.ebuild, -asterisk-11.12.0.ebuild, +asterisk-11.12.1.ebuild, -asterisk-12.3.2.ebuild, -asterisk-12.4.0.ebuild, -asterisk-12.5.0.ebuild, +asterisk-12.5.1.ebuild: Upstream fix to fully respect SpanDSP API and avoid a potential null pointer dereference. On the 12 branch, additional input validation for the PubSub framework in PJSIP. Remove older non-stable ebuilds. 18 Sep 2014; Tony Vroon asterisk-1.8.28.2.ebuild, asterisk-1.8.29.0.ebuild, asterisk-11.10.2.ebuild, asterisk-11.11.0.ebuild, asterisk-11.12.0.ebuild, asterisk-12.3.2.ebuild, asterisk-12.4.0.ebuild, asterisk-12.5.0.ebuild: Add missing build-time dependency on pkgconfig, as identified by cyberbat in bug #522396. *asterisk-12.5.0 (20 Aug 2014) *asterisk-11.12.0 (20 Aug 2014) 20 Aug 2014; Tony Vroon +asterisk-11.12.0.ebuild, +asterisk-12.5.0.ebuild: Squelching the FORTIFY_SOURCE warnings, as we have this in our GCC specs the build system should not try to apply it again on the command line. At long last handles large SIP-over-SSL packets correctly. LUA vs convential dial plan context clashes found & fixed. *asterisk-12.4.0 (14 Jul 2014) *asterisk-11.11.0 (14 Jul 2014) *asterisk-1.8.29.0 (14 Jul 2014) 14 Jul 2014; Tony Vroon +asterisk-1.8.29.0.ebuild, +asterisk-11.11.0.ebuild, +asterisk-12.4.0.ebuild: New development on the 12 branch adds persistent connection support on the built-in HTTP server. Fixes trickling down to stable branches include making ast_careful_fwrite careful enough to avoid infinite loops and avoiding unnecessary MOH restarts. Downstream patchset unchanged. 23 Jun 2014; Tony Vroon -asterisk-1.8.26.1.ebuild, -asterisk-11.8.1.ebuild, -asterisk-12.1.1.ebuild, -asterisk-12.2.0.ebuild: Remove vulnerable ebuilds for security bug #513102, as requested by Agostino "ago" Sarubbo. 21 Jun 2014; Agostino Sarubbo asterisk-1.8.28.2.ebuild, asterisk-11.10.2.ebuild: Stable for x86, wrt bug #513102 21 Jun 2014; Agostino Sarubbo asterisk-1.8.28.2.ebuild, asterisk-11.10.2.ebuild: Stable for amd64, wrt bug #513102 *asterisk-12.3.2 (16 Jun 2014) 16 Jun 2014; Tony Vroon -asterisk-12.3.1.ebuild, +asterisk-12.3.2.ebuild: Upstream distributed a broken release that did not carry traffic for SIP over TCP or SIP over TLS. This remains masked and is not recommended for production deployments. *asterisk-11.10.2 (16 Jun 2014) *asterisk-1.8.28.2 (16 Jun 2014) 16 Jun 2014; Tony Vroon -asterisk-1.8.28.1.ebuild, +asterisk-1.8.28.2.ebuild, -asterisk-11.10.1.ebuild, +asterisk-11.10.2.ebuild: Upstream distributed a broken release that did not carry traffic for SIP over TCP or SIP over TLS. *asterisk-12.3.1 (14 Jun 2014) 14 Jun 2014; Tony Vroon -asterisk-12.1.1.ebuild, -asterisk-12.2.0.ebuild, -asterisk-12.3.0.ebuild, +asterisk-12.3.1.ebuild: And now for the 12 branch, which has additional vulnerabilities in the PJSIP channel driver. MixMonitor AMI command allowed arbitrary shell commands to be executed (AST-2014-006). Upstream replacement of plain broken SSL read implementation as part of an HTTPS denial of service (AST-2014-007) finally fixes ASTERISK-18345 after almost three years. Relevant downstream patch removed, this means we were very likely not vulnerable. Resolves a remote crash in publish/subscribe framework (AST-2014-005) due to deadlock on a synchronously dispatched task. *asterisk-12.3.1 (14 Jun 2014) 14 Jun 2014; Tony Vroon -asterisk-12.1.1.ebuild, -asterisk-12.2.0.ebuild, -asterisk-12.3.0.ebuild, +asterisk-12.3.1.ebuild: And now for the 12 branch, which has additional vulnerabilities in the PJSIP channel driver. MixMonitor AMI command allowed arbitrary shell commands to be executed (AST-2014-006). Upstream replacement of plain broken SSL read implementation as part of an HTTPS denial of service (AST-2014-007) finally fixes ASTERISK-18345 after almost three years. Relevant downstream patch removed, this means we were very likely not vulnerable. Resolves a remote crash in publish/subscribe framework (AST-2014-005) due to deadlock on a synchronously dispatched task. *asterisk-11.10.1 (14 Jun 2014) *asterisk-1.8.28.1 (14 Jun 2014) 14 Jun 2014; Tony Vroon -asterisk-1.8.27.0.ebuild, -asterisk-1.8.28.0.ebuild, +asterisk-1.8.28.1.ebuild, -asterisk-11.9.0.ebuild, -asterisk-11.10.0.ebuild, +asterisk-11.10.1.ebuild: MixMonitor AMI command allowed arbitrary shell commands to be executed (AST-2014-006). Upstream replacement of plain broken SSL read implementation as part of an HTTPS denial of service (AST-2014-007) finally fixes ASTERISK-18345 after almost three years. Relevant downstream patch removed, this means we were very likely not vulnerable. *asterisk-12.3.0 (02 Jun 2014) 02 Jun 2014; Tony Vroon +asterisk-12.3.0.ebuild: Significant string handling fixes as encouraged by GCC 4.10; leak fixes for PJSIP. Still not recommended for production deployment, remains masked. *asterisk-11.10.0 (30 May 2014) *asterisk-1.8.28.0 (30 May 2014) 30 May 2014; Tony Vroon +asterisk-1.8.28.0.ebuild, +asterisk-11.10.0.ebuild: Bugfixes trickling down from Asterisk 12 development, particularly around string handling and signedness mismatches (GCC 4.10 is clamping down on this hard). T38 backport patch rediffed for 1.8 branch. 08 May 2014; Tony Vroon asterisk-1.8.26.1.ebuild, asterisk-1.8.27.0.ebuild, asterisk-11.8.1.ebuild, asterisk-11.9.0.ebuild, asterisk-12.1.1.ebuild, asterisk-12.2.0.ebuild: Update ebuild dependencies to ensure only the 2.6 slot of gmime is selected. Inverting the search order in the configure script was only a partial fix. As pointed out by Pacho Ramos in bug #439846. *asterisk-12.2.0 (25 Apr 2014) 25 Apr 2014; Tony Vroon +asterisk-12.2.0.ebuild: Adds HEPv3 protocol support and PJSIP gains DNS client abilities that unlock SRV records & weighting. This branch remains experimental and is not recommended for production use at this time. *asterisk-1.8.27.0 (25 Apr 2014) 25 Apr 2014; Tony Vroon +asterisk-1.8.27.0.ebuild: Select bug fixes as cherry picked from the 11 branch. TLS chaining support finally upstream. Move up to 11 if you still use this. *asterisk-11.9.0 (25 Apr 2014) 25 Apr 2014; Tony Vroon +asterisk-11.9.0.ebuild: Bug fix release, fixes include but are not limited to dial plan functions coping with a NULL channel (AMI global function), correct NULL handling in ODBC, advertising MESSAGE support in SIP headers, SpanDSP API adherence and protection against non-G711 data in fax detection routines. TLS chaining support finally upstream. 11 Mar 2014; Agostino Sarubbo -asterisk-1.8.25.0.ebuild, -asterisk-11.7.0.ebuild: Remove old 11 Mar 2014; Agostino Sarubbo asterisk-1.8.26.1.ebuild, asterisk-11.8.1.ebuild: Stable for x86, wrt bug #504180 11 Mar 2014; Agostino Sarubbo asterisk-1.8.26.1.ebuild, asterisk-11.8.1.ebuild: Stable for amd64, wrt bug #504180 *asterisk-12.1.1 (11 Mar 2014) *asterisk-11.8.1 (11 Mar 2014) *asterisk-1.8.26.1 (11 Mar 2014) 11 Mar 2014; Tony Vroon -asterisk-1.8.26.0.ebuild, +asterisk-1.8.26.1.ebuild, -asterisk-11.7.0-r1.ebuild, -asterisk-11.8.0.ebuild, +asterisk-11.8.1.ebuild, -asterisk-12.0.0.ebuild, -asterisk-12.1.0.ebuild, +asterisk-12.1.1.ebuild: New releases in all three branches to address a stack overflow in HTTP cookie header processing, a file descriptor exhaustion through session timers in chan_sip and two remote crashes in PJSIP (12 branch only). Removed all vulnerable non-stable ebuilds. Upstream vulnerability reports AST-2014-001, 002, 003 & 004. *asterisk-12.1.0 (04 Mar 2014) 04 Mar 2014; Tony Vroon +asterisk-12.1.0.ebuild: Version bump on the 12 branch. This, at long last, merges the TLS chaining support. Still not recommended for production deployments at this time. *asterisk-1.8.26.0 (04 Mar 2014) 04 Mar 2014; Tony Vroon +asterisk-1.8.26.0.ebuild: Version bump on the 1.8 branch. If you still use this, you should be thinking about 11. *asterisk-11.8.0 (04 Mar 2014) 04 Mar 2014; Tony Vroon +asterisk-11.8.0.ebuild: Fixes a crash on hangup cause set, which is a regression introduced by an earlier fix. Performance improvements for high console verbosity. Updated G729 VAD detection patch by Jaco Kroon, closes bug #496584. *asterisk-11.7.0-r1 (06 Feb 2014) 06 Feb 2014; Tony Vroon +asterisk-11.7.0-r1.ebuild: Stop blowing up the V21 tone detector in SpanDSP by sanitising the input data properly. Patch by Michal Rybarik scavenged from an upstream bug report by Jaco Kroon. Closes bug #500504. *asterisk-12.0.0 (13 Jan 2014) 13 Jan 2014; Tony Vroon +asterisk-12.0.0.ebuild: First release on the 12 branch. This is not LTS, and uses the new PJSIP-based SIP channel. If in doubt, you are not ready for this. 08 Jan 2014; Mike Frysinger asterisk-1.8.25.0.ebuild, asterisk-11.7.0.ebuild: Inherit the user eclass for enewuser/etc... 23 Dec 2013; Tony Vroon -asterisk-1.8.23.1.ebuild, -asterisk-1.8.24.0.ebuild, -asterisk-11.5.1.ebuild, -asterisk-11.6.0.ebuild, -asterisk-11.6.0-r1.ebuild: Remove all vulnerable ebuilds for AST-2013-006 & AST-2013-007; for security bug #494630. 23 Dec 2013; Agostino Sarubbo asterisk-1.8.25.0.ebuild, asterisk-11.7.0.ebuild: Stable for x86, wrt bug #494630 23 Dec 2013; Agostino Sarubbo asterisk-1.8.25.0.ebuild, asterisk-11.7.0.ebuild: Stable for amd64, wrt bug #494630 *asterisk-11.7.0 (18 Dec 2013) *asterisk-1.8.25.0 (18 Dec 2013) 18 Dec 2013; Tony Vroon +asterisk-1.8.25.0.ebuild, +asterisk-11.7.0.ebuild: Upgrades on both branches for memory corruption (AST-2013-006) & security bypass (AST-2013-007) vulnerabilities, as per Agostino Sarubbo in security bug #494630. Squelch unnecessary chatter from build system, as per Patryk Rzadzinski in bug #489862. *asterisk-11.6.0-r1 (30 Oct 2013) 30 Oct 2013; Tony Vroon +asterisk-11.6.0-r1.ebuild: A useful response to the debug USE-flag, as suggested by Kerin Millar and implemented by Jaco Kroon. Closes bug #346959. 27 Oct 2013; Pacho Ramos metadata.xml: Voip herd is removed: http://article.gmane.org/gmane.linux.gentoo.devel/88434 *asterisk-1.8.24.0 (22 Oct 2013) 22 Oct 2013; Tony Vroon +asterisk-1.8.24.0.ebuild: Version bump. *asterisk-11.6.0 (22 Oct 2013) 22 Oct 2013; Tony Vroon +asterisk-11.6.0.ebuild: Version bump. Features improved NAT support and plugs a memory leak in the logger. 28 Aug 2013; Agostino Sarubbo -asterisk-1.8.20.2.ebuild, -asterisk-11.2.2.ebuild: Remove old 28 Aug 2013; Agostino Sarubbo asterisk-1.8.23.1.ebuild, asterisk-11.5.1.ebuild: Stable for x86, wrt bug #482776 28 Aug 2013; Agostino Sarubbo asterisk-1.8.23.1.ebuild, asterisk-11.5.1.ebuild: Stable for amd64, wrt bug #482776 *asterisk-11.5.1 (28 Aug 2013) *asterisk-1.8.23.1 (28 Aug 2013) 28 Aug 2013; Tony Vroon -asterisk-1.8.22.0.ebuild, -asterisk-1.8.23.0.ebuild, +asterisk-1.8.23.1.ebuild, -asterisk-11.4.0.ebuild, -asterisk-11.5.0.ebuild, +asterisk-11.5.1.ebuild, +files/1.8.0/asterisk.initd7: Security upgrades for AST-2013-004 & AST-2013-005 on both branches. Behavioral improvements for G729 VAD, closes bug #480928. Add missed ownership checks to init script, closes bug #482688. Both by Jaco Kroon. Removed all insecure non-stable ebuilds. 31 Jul 2013; Tony Vroon asterisk-1.8.20.2.ebuild, -asterisk-1.8.21.0.ebuild, asterisk-1.8.22.0.ebuild, asterisk-1.8.23.0.ebuild, asterisk-11.2.2.ebuild, -asterisk-11.3.0.ebuild, asterisk-11.4.0.ebuild, asterisk-11.5.0.ebuild: Make our inability to co-exist with net-libs/pjsip explicit to avoid any build failures. Closes bug #47812 by Steven Lai. Removed older non-stable builds on both branches. *asterisk-11.5.0 (23 Jul 2013) *asterisk-1.8.23.0 (23 Jul 2013) 23 Jul 2013; Tony Vroon +asterisk-1.8.23.0.ebuild, +asterisk-11.5.0.ebuild, +files/1.8.0/asterisk.initd6: Bugfix releases on both branches. Completely revised init script by Jaco Kroon that supports running multiple Asterisk instances on a single host, closes bug #473224. *asterisk-1.8.22.0 (20 May 2013) 20 May 2013; Tony Vroon +asterisk-1.8.22.0.ebuild: One of the last bugfix releases on the 1.8 branch. You need to migrate to 11. And soon. *asterisk-11.4.0 (20 May 2013) 20 May 2013; Tony Vroon +asterisk-11.4.0.ebuild: In a refreshing change of heart, upstream now care about parallel build failures. Drop our relevant two downstream patches. Fixes a res_timing_pthread deadlock, an FD leak in the web server and more SRTP decryption/white noise issues. 30 Mar 2013; Tony Vroon -asterisk-1.8.20.1.ebuild, -asterisk-11.2.1.ebuild: Remove vulnerable ebuilds after stabling, for security bug #463622. 30 Mar 2013; Agostino Sarubbo asterisk-1.8.20.2.ebuild, asterisk-11.2.2.ebuild: Stable for x86, wrt bug #463622 30 Mar 2013; Agostino Sarubbo asterisk-1.8.20.2.ebuild, asterisk-11.2.2.ebuild: Stable for amd64, wrt bug #463622 *asterisk-11.3.0 (29 Mar 2013) *asterisk-1.8.21.0 (29 Mar 2013) 29 Mar 2013; Tony Vroon +asterisk-1.8.21.0.ebuild, +asterisk-11.3.0.ebuild: Bugfix releases on both branches. Native RTP bridging is no longer attempted if packetisation differs, this helps to prevent fax failures. Improved locking to prevent deadlocks. *asterisk-11.2.2 (28 Mar 2013) *asterisk-1.8.20.2 (28 Mar 2013) 28 Mar 2013; Tony Vroon -asterisk-1.8.19.1.ebuild, -asterisk-1.8.20.0.ebuild, +asterisk-1.8.20.2.ebuild, -asterisk-11.1.2.ebuild, -asterisk-11.2.0.ebuild, -asterisk-11.2.1-r2.ebuild, +asterisk-11.2.2.ebuild: Security upgrade to address a boundary error in H264 video SDP handling, naive Content-Length variable parsing in HTTP POST requests and an information leak around account existence for the SIP channel driver. *asterisk-11.2.1-r2 (06 Mar 2013) 06 Mar 2013; Tony Vroon -asterisk-11.2.1-r1.ebuild, +asterisk-11.2.1-r2.ebuild: Stop installing the /var/run directory structure, closes bug #451808. Two additional stability fixes, closes bug #460568. Removing -r1 ebuild as the reload protections within it are incomplete. Use -r2 or last stable. All patching by Jaco Kroon. *asterisk-11.2.1-r1 (05 Mar 2013) 05 Mar 2013; Tony Vroon +asterisk-11.2.1-r1.ebuild: Fix by Jaco Kroon to correctly handle error returns for dundi lookups, previously resulting in segmentation faults. Closes bug #460406. 26 Feb 2013; Agostino Sarubbo asterisk-11.2.1.ebuild: Stable for x86, wrt bug #458126 26 Feb 2013; Agostino Sarubbo asterisk-11.2.1.ebuild: Stable for amd64, wrt bug #458126 12 Feb 2013; Agostino Sarubbo asterisk-1.8.20.1.ebuild: Stable for x86, wrt bug #456936 12 Feb 2013; Agostino Sarubbo asterisk-1.8.20.1.ebuild: Stable for amd64, wrt bug #456936 *asterisk-11.2.1 (24 Jan 2013) *asterisk-1.8.20.1 (24 Jan 2013) 24 Jan 2013; Tony Vroon +files/1.8.0/asterisk.initd5, -files/1.8.0/asterisk.initd, -files/1.8.0/asterisk.initd2, -files/1.8.0/asterisk.initd3, +asterisk-1.8.20.1.ebuild, +asterisk-11.2.1.ebuild: Partial rewrite of the init script by Jaco Kroon addresses shortcomings identified by Vincent Brillault in bug #445176. Upstream fixes include an astcanary PID mix-up and a necessary reset of the RTP sequence counter when SSRC changes. *asterisk-1.8.20.0 (15 Jan 2013) 15 Jan 2013; Tony Vroon +asterisk-1.8.20.0.ebuild: Bugfix release on the 1.8 branch. The fix for bug #440278 is now upstream. *asterisk-11.2.0 (15 Jan 2013) 15 Jan 2013; Tony Vroon +asterisk-11.2.0.ebuild: Bugfix release on the 11 branch. The fix for bug #440278 is now upstream. *asterisk-11.1.2 (07 Jan 2013) 07 Jan 2013; Tony Vroon -asterisk-11.1.1.ebuild, +asterisk-11.1.2.ebuild: One final unsafe use of TCP reads onto the stack in res_xmpp; also stops caching taking place where unnecessary. This completes the DoS protection intended for 11.1.1; removing unsafe ebuild from tree. 04 Jan 2013; Tony Vroon asterisk-1.8.19.1.ebuild, asterisk-11.1.1.ebuild: Remove /var/run keepdir statements as per Diego Elio Pettenò in bug #450222. 04 Jan 2013; Tony Vroon -asterisk-10.11.1.ebuild: As previously announced the 10 branch of Asterisk is now being removed. For stable releases, you want the 1.8 branch. For an actively developed branch with more features, you want the 11 branch. 03 Jan 2013; Tony Vroon -asterisk-1.8.18.0-r2.ebuild: Clear vulnerable ebuild in 1.8 branch now that stabling has completed. 03 Jan 2013; Agostino Sarubbo asterisk-1.8.19.1.ebuild: Stable for amd64, wrt bug #449828 03 Jan 2013; Andreas Schuerch asterisk-1.8.19.1.ebuild: x86 stable, see bug 449828 *asterisk-11.1.1 (02 Jan 2013) *asterisk-10.11.1 (02 Jan 2013) *asterisk-1.8.19.1 (02 Jan 2013) 02 Jan 2013; Tony Vroon -asterisk-1.8.15.1.ebuild, -asterisk-1.8.18.1.ebuild, -asterisk-1.8.19.0.ebuild, +asterisk-1.8.19.1.ebuild, -asterisk-10.10.1.ebuild, -asterisk-10.11.0.ebuild, +asterisk-10.11.1.ebuild, -asterisk-11.0.2.ebuild, -asterisk-11.1.0.ebuild, +asterisk-11.1.1.ebuild: Security releases on all three branches; stop using stack allocations in TCP receive paths, as multiple packets may be concatenated together and overflow the stack as a result (CVE-2012-5976 / AST-2012-015). Never cache devices that are not associated with a physical entity, as to do so allows a denial of service through cache exhaustion (CVE-2012-5977 / AST-2012-014). Remove all non-stable vulnerable ebuilds. As requested by Sean Amoss in bug #449828. 01 Jan 2013; Andreas K. Huettel +ChangeLog-2012: Split ChangeLog. For previous entries, please see ChangeLog-2012.