From: The Asterisk Development Team <asteriskteam@digium.com> To: undisclosed-recipients: ; Date: Tue, 17 Jul 2007 17:22:21 -0500 Subject: [asterisk-announce] Critical Updates: Asterisk 1.2.22 and 1.4.8 released The Asterisk development team has released Asterisk versions 1.2.22 and 1.4.8. These releases contain fixes for four critical security vulnerabilities. One of these vulnerabilities is a remotely exploitable stack buffer overflow, which could allow an attacker to execute arbitrary code on the target machine. The other three are all remotely exploitable crash vulnerabilities. We have released Asterisk Security Advisories for each of the vulnerabilities. The current version of each advisory can be downloaded from the ftp site. http://ftp.digium.com/pub/asa/ASA-2007-014.pdf * Affected systems include those that bridge calls between chan_iax2 and any channel driver that uses RTP for media http://ftp.digium.com/pub/asa/ASA-2007-015.pdf * Affected systems include any system that has chan_iax2 enabled http://ftp.digium.com/pub/asa/ASA-2007-016.pdf * Affected systems include any system that has chan_skinny enabled http://ftp.digium.com/pub/asa/ASA-2007-017.pdf * Affected systems include any 1.4 system that has any channel driver that uses RTP for media enabled All users that have systems that meet any of the criteria listed above should upgrade as soon as possible. Thank you very much for your support.
another release: http://lists.digium.com/pipermail/asterisk-announce/2007-July/000084.html The Asterisk development team has released Asterisk versions 1.2.23 and 1.4.9. These releases contain bug fixes, including one for a security vulnerability. The vulnerability is a potential Denial of Service attack when the Asterisk IAX2 channel driver is configured to allow unauthenticated calls. We have released an Asterisk Security Advisory for the vulnerability. The current version of the advisory can be downloaded from the ftp site. http://ftp.digium.com/pub/asa/ASA-2007-018.pdf * Affected systems include all Asterisk installations running an affected version that allow unauthenticated IAX2 calls. Affected open source versions include 1.2.20 through 1.2.22, and 1.4.5 through 1.4.8. All users that have systems that meet the criteria listed above should upgrade as soon as possible. Thank you very much for your support.
voip, any news here?
fyi, asterisk 1.2.24 has been released. no security fixes. http://lists.digium.com/pipermail/asterisk-announce/2007-August/000088.html
however asterisk 1.4.10 does have security fixes (but the 1.4.x branch is not currently in portage).
*** Bug 188256 has been marked as a duplicate of this bug. ***
voip any further news here?
fyi, asterisk 1.4.11 (1.4.x is not currently in portage) fixes chan_sip issues. http://downloads.digium.com/pub/asa/AST-2007-020.html
you're quite late on the 1.4.11 issue as I added it about an hour after the tarballs were available to the overlay...
We still need a fix for 1.2.x.
Commited asterisk-1.2.17-r1 and asterisk-1.2.21-r1, the following patches have been added: 1.2.17-r1: ASA-2007-14, -15, -16 (<1.2.20 is not affected by ASA-2007-18) 1.2.21.1-r1: ASA-2007-14, -15, -16, -18
Thanks Stefan (and sorry for the my delay here). Arches please test and mark stable.
Created attachment 130419 [details] failed patch log USE=genericjb leads to failing patch: * Applying asterisk-1.2.11-jb.patch ... * Failed Patch: asterisk-1.2.11-jb.patch ! * ( /var/tmp/portage/net-misc/asterisk-1.2.17-r1/work/asterisk-1.2.11-jb.patch ) * * Include in your bugreport the contents of:
Back to ebuild to get this fixed. CVE note: AST-2007-14 = CVE-2007-3762 AST-2007-15 = CVE-2007-3763 AST-2007-16 = CVE-2007-3764 AST-2007-18 = CVE-2007-4103
Maybe I should tell that even the -r0 fails patching and that this is an experimental feature which is added from a third party. So this can be dropped if there is no Asterisk guru available.
Thx for the note opfer. Back to stable marking.
(In reply to comment #15) > Thx for the note opfer. Back to stable marking. So should I remove the jb patches or stable with broken patching?
If it's not a regression from a previous version I'd say go ahead and mark stable. Stefan can you please look into it?
x86 stable and I am out of here, too
I get an error when trying to build asterisk on my sparc264. [ebuild N ] net-misc/asterisk-1.2.17-r1 USE="alsa curl h323 sqlite ssl (-bri) -debug -doc -genericjb -gtk (-hardened) -lowmem (-mmx) -nosamples -odbc (-osp) -postgres -pri -speex (-zaptel)" 0 kB * Building H.323 wrapper lib... make: Entering directory `/var/tmp/portage/net-misc/asterisk-1.2.17-r1/work/asterisk-1.2.17/channels/h323' g++ -O2 -mcpu=ultrasparc3 -pipe -I/usr/include/openh323 -c -o ast_h323.o ast_h323.cpp ast_h323.cpp:1:1: warning: "_GNU_SOURCE" redefined <command line>:1:1: warning: this is the location of the previous definition ast_h323.cpp:44:29: error: asterisk/logger.h: No such file or directory ast_h323.cpp:45:30: error: asterisk/channel.h: No such file or directory chan_h323.h:55: error: 'AST_MAX_ACCOUNT_CODE' was not declared in this scope ast_h323.cpp: In member function 'virtual int PAsteriskLog::Buffer::sync()': ast_h323.cpp:133: error: 'ast_verbose' was not declared in this scope ast_h323.cpp: In function 'void PAssertFunc(const char*)': ast_h323.cpp:169: error: 'LOG_ERROR' was not declared in this scope ast_h323.cpp:169: error: 'ast_log' was not declared in this scope make: *** [ast_h323.o] Error 1 It seems those includes aren't correct. Both channel.h and logger.h are available at the root of the asterisk dir.
sparc64 emerge --info: Portage 2.1.3.9 (default-linux/sparc/sparc64/2007.0, gcc-4.1.2, glibc-2.5-r4, 2.6.17-gentoo-r8 sparc64) ================================================================= System uname: 2.6.17-gentoo-r8 sparc64 sun4u Timestamp of tree: Thu, 20 Sep 2007 00:50:01 +0000 app-shells/bash: 3.2_p17 dev-lang/python: 2.4.4-r4 dev-python/pycrypto: 2.0.1-r6 sys-apps/baselayout: 1.12.9-r2 sys-apps/sandbox: 1.2.17 sys-devel/autoconf: 2.13, 2.61-r1 sys-devel/automake: 1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10 sys-devel/binutils: 2.17 sys-devel/gcc-config: 1.3.16 sys-devel/libtool: 1.5.24 virtual/os-headers: 2.6.21 ACCEPT_KEYWORDS="sparc" CBUILD="sparc-unknown-linux-gnu" CFLAGS="-O2 -mcpu=ultrasparc3 -pipe" CHOST="sparc-unknown-linux-gnu" CONFIG_PROTECT="/etc /var/bind" CONFIG_PROTECT_MASK="/etc/env.d /etc/gconf /etc/php/apache2-php5/ext-active/ /etc/php/cgi-php5/ext-active/ /etc/php/cli-php5/ext-active/ /etc/revdep-rebuild /etc/terminfo" CXXFLAGS="-O2 -mcpu=ultrasparc3 -pipe" DISTDIR="/usr/portage/distfiles" FEATURES="collision-protection distlocks metadata-transfer parallel-fetch sandbox sfperms strict test unmerge-orphans userfetch" GENTOO_MIRRORS="http://ftp.belnet.be/mirror/rsync.gentoo.org/gentoo/ ftp://ftp.gentoo-pt.org/pub/gentoo ftp://mirrors1.netvisao.pt/gentoo/ http://trumpetti.tut.atm.fi/gentoo" MAKEOPTS="-j2" PKGDIR="/usr/portage/packages" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --delete-after --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages --filter=H_**/files/digest-*" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/usr/local/portage" SYNC="rsync://atl64.acores.pt/gentoo-portage" USE="bitmap-fonts cli cracklib crypt cups dri fortran gdbm gpm iconv isdnlog midi mudflap nls nptl nptlonly openmp pam pcre ppds pppd reflection session sparc spl tcpd test truetype-fonts type1-fonts unicode vhosts xorg" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mulaw multi null plug rate route share shm softvol" ELIBC="glibc" INPUT_DEVICES="keyboard mouse evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" USERLAND="GNU" VIDEO_CARDS="dummy fbdev glint mach64 mga r128 radeon sunbw2 suncg14 suncg3 suncg6 sunffb sunleo tdfx v4l voodoo" Unset: CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LANG, LC_ALL, LDFLAGS, LINGUAS, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS
(In reply to comment #19) > I get an error when trying to build asterisk on my sparc264. > > [ebuild N ] net-misc/asterisk-1.2.17-r1 USE="alsa curl h323 sqlite ssl > (-bri) -debug -doc -genericjb -gtk (-hardened) -lowmem (-mmx) -nosamples -odbc > (-osp) -postgres -pri -speex (-zaptel)" 0 kB > > * Building H.323 wrapper lib... > make: Entering directory > `/var/tmp/portage/net-misc/asterisk-1.2.17-r1/work/asterisk-1.2.17/channels/h323' > g++ -O2 -mcpu=ultrasparc3 -pipe -I/usr/include/openh323 -c -o ast_h323.o > ast_h323.cpp > ast_h323.cpp:1:1: warning: "_GNU_SOURCE" redefined > <command line>:1:1: warning: this is the location of the previous definition > ast_h323.cpp:44:29: error: asterisk/logger.h: No such file or directory > ast_h323.cpp:45:30: error: asterisk/channel.h: No such file or directory > chan_h323.h:55: error: 'AST_MAX_ACCOUNT_CODE' was not declared in this scope > ast_h323.cpp: In member function 'virtual int PAsteriskLog::Buffer::sync()': > ast_h323.cpp:133: error: 'ast_verbose' was not declared in this scope > ast_h323.cpp: In function 'void PAssertFunc(const char*)': > ast_h323.cpp:169: error: 'LOG_ERROR' was not declared in this scope > ast_h323.cpp:169: error: 'ast_log' was not declared in this scope > make: *** [ast_h323.o] Error 1 > > It seems those includes aren't correct. Both channel.h and logger.h are > available at the root of the asterisk dir. > I see the same error on my SB1000 when building asterisk-1.2.17-r1 with the same USE flags. USE='-h323' is OK. But this is still a failure; please tell us how to resolve.
I was able to emerge successfully asterisk with the following use flags: net-misc/asterisk-1.2.17-r1 (alsa curl sqlite ssl) net-misc/asterisk-1.2.17-r1 (alsa curl doc speex sqlite ssl) net-misc/asterisk-1.2.21.1 (alsa curl sqlite ssl) net-misc/asterisk-1.2.21.1 (alsa curl doc speex sqlite ssl) However, I got a *few* warnings, some repeat many, *many* times, that I'm going to post on the next entries. emerPortage 2.1.3.9 (default-linux/sparc/sparc64/2007.0, gcc-4.1.2, glibc-2.5-r4, 2.6.17-gentoo-r8 sparc64) ================================================================= System uname: 2.6.17-gentoo-r8 sparc64 sun4u Timestamp of tree: Wed, 26 Sep 2007 22:50:01 +0000 app-shells/bash: 3.2_p17 dev-lang/python: 2.4.4-r4 dev-python/pycrypto: 2.0.1-r6 sys-apps/baselayout: 1.12.9-r2 sys-apps/sandbox: 1.2.17 sys-devel/autoconf: 2.13, 2.61-r1 sys-devel/automake: 1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10 sys-devel/binutils: 2.17 sys-devel/gcc-config: 1.3.16 sys-devel/libtool: 1.5.24 virtual/os-headers: 2.6.21 ACCEPT_KEYWORDS="sparc" CBUILD="sparc-unknown-linux-gnu" CFLAGS="-O2 -mcpu=ultrasparc3 -pipe" CHOST="sparc-unknown-linux-gnu" CONFIG_PROTECT="/etc /var/bind" CONFIG_PROTECT_MASK="/etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/php/apache2-php5/ext-active/ /etc/php/cgi-php5/ext-active/ /etc/php/cli-php5/ext-active/ /etc/revdep-rebuild /etc/terminfo" CXXFLAGS="-O2 -mcpu=ultrasparc3 -pipe" DISTDIR="/usr/portage/distfiles" FEATURES="collision-protection distlocks metadata-transfer parallel-fetch sandbox sfperms strict test unmerge-orphans userfetch" GENTOO_MIRRORS="http://ftp.belnet.be/mirror/rsync.gentoo.org/gentoo/ ftp://ftp.gentoo-pt.org/pub/gentoo ftp://mirrors1.netvisao.pt/gentoo/ http://trumpetti.tut.atm.fi/gentoo" MAKEOPTS="-j2" PKGDIR="/usr/portage/packages" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --delete-after --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages --filter=H_**/files/digest-*" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/usr/local/portage" SYNC="rsync://atl64.acores.pt/gentoo-portage" USE="bitmap-fonts cli cracklib crypt cups dri fortran gdbm gpm iconv isdnlog midi mudflap nls nptl nptlonly openmp pam pcre ppds pppd reflection session sparc spl tcpd test truetype-fonts type1-fonts unicode vhosts xorg" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mulaw multi null plug rate route share shm softvol" ELIBC="glibc" INPUT_DEVICES="keyboard mouse evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" USERLAND="GNU" VIDEO_CARDS="dummy fbdev glint mach64 mga r128 radeon sunbw2 suncg14 suncg3 suncg6 sunffb sunleo tdfx v4l voodoo" Unset: CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LANG, LC_ALL, LDFLAGS, LINGUAS, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS ge --info for sparc64
Warnings for the above emerge processes: net-misc/asterisk-1.2.17-r1 (alsa curl sqlite ssl) ************************************************************* *** You have the WRONG version of mpg123... you need .59r *** *** Use 'make mpg123' to get the right verison *** ************************************************************* * QA Notice: Package has poor programming practices which may compile * fine but exhibit random runtime failures. * analys.c:566: warning: implicit declaration of function 'placev_' analys.c:622: warning: implicit declaration of function 'placea_' synths.c:401: warning: implicit declaration of function 'irc2pc_' synths.c:402: warning: implicit declaration of function 'bsynz_' net-misc/asterisk-1.2.17-r1 (alsa curl doc speex sqlite ssl) /var/tmp/portage/net-misc/asterisk-1.2.17-r1/work/asterisk-1.2.17/asterisk.c:147 Warning: unable to resolve reference to `Config_ast' for \ref command /var/tmp/portage/net-misc/asterisk-1.2.17-r1/work/asterisk-1.2.17/include/asterisk/doxyref.h:409 Warning: unable to resolve reference to `Config_mod' for \ref command /var/tmp/portage/net-misc/asterisk-1.2.17-r1/work/asterisk-1.2.17/include/asterisk/doxyref.h:416 Warning: unable to resolve reference to `Config_mod' for \ref command /var/tmp/portage/net-misc/asterisk-1.2.17-r1/work/asterisk-1.2.17/include/asterisk/doxyref.h:421 Warning: unable to resolve reference to `ast_register_application()' for \ref command Generating docs for file acl.c... Renderer type: "png" not recognized. Use one of: canon cmap cmapx dia dot fig gd gd2 gif hpgl imap ismap mif mp pcl pic plain plain-ext ps ps2 svg svgz vtx wbmp xdot Problems running dot: exit code=1, command='dot', arguments='"acl_8c__incl.dot" -Tpng -o "acl_8c__incl.png"' ************************************************************* *** You have the WRONG version of mpg123... you need .59r *** *** Use 'make mpg123' to get the right verison *** ************************************************************* * QA Notice: Package has poor programming practices which may compile * fine but exhibit random runtime failures. * analys.c:566: warning: implicit declaration of function 'placev_' analys.c:622: warning: implicit declaration of function 'placea_' synths.c:401: warning: implicit declaration of function 'irc2pc_' synths.c:402: warning: implicit declaration of function 'bsynz_' net-misc/asterisk-1.2.21.1 (alsa curl sqlite ssl) (no warnings) net-misc/asterisk-1.2.21.1 (alsa curl doc speex sqlite ssl) format_gsm.c: In function 'gsm_write': msgsm.h:459: warning: 'xmc[48]' may be used uninitialized in this function /var/tmp/portage/net-misc/asterisk-1.2.21.1/work/asterisk-1.2.21.1/asterisk.c:147 Warning: unable to resolve reference to `Config_ast' for \ref command /var/tmp/portage/net-misc/asterisk-1.2.21.1/work/asterisk-1.2.21.1/include/asterisk/doxyref.h:409 Warning: unable to resolve reference to `Config_mod' for \ref command /var/tmp/portage/net-misc/asterisk-1.2.21.1/work/asterisk-1.2.21.1/include/asterisk/doxyref.h:416 Warning: unable to resolve reference to `Config_mod' for \ref command /var/tmp/portage/net-misc/asterisk-1.2.21.1/work/asterisk-1.2.21.1/include/asterisk/doxyref.h:421 Warning: unable to resolve reference to `ast_register_application()' for \ref command /var/tmp/portage/net-misc/asterisk-1.2.21.1/work/asterisk-1.2.21.1/include/asterisk/dundi.h:21 Warning: unable to resolve reference to `AstDUNDi' for \ref command Renderer type: "png" not recognized. Use one of: canon cmap cmapx dia dot fig gd gd2 gif hpgl imap ismap mif mp pcl pic plain plain-ext ps ps2 svg svgz vtx wbmp xdot Problems running dot: exit code=1, command='dot', arguments='"acl_8c__incl.dot" -Tpng -o "acl_8c__incl.png"' * QA Notice: Package has poor programming practices which may compile * fine but exhibit random runtime failures. * analys.c:566: warning: implicit declaration of function 'placev_' analys.c:622: warning: implicit declaration of function 'placea_' synths.c:401: warning: implicit declaration of function 'irc2pc_' synths.c:402: warning: implicit declaration of function 'bsynz_'
voip, any news on the sparc build issues?
(In reply to comment #24) > voip, any news on the sparc build issues? > *ping*
Ok, let's release a GLSA saying that there are no fixed version for sparc for now. GLSA request filed.
Sparc any news on this one?
(In reply to comment #27) > Sparc any news on this one? > Both 17-r1 and 21.1-r1 stable on sparc, and closing.
please don't close security bugs...
jaervosz, for the record, we never got any reply from voip about the compilation errors with USE="h323".
Until voip responds what about disabling h323 for sparc?
armin76 has package.use.mask'ed it for now.
Seems like I forgot to add amd64 in the first round of stable marking :(
(In reply to comment #33) > Seems like I forgot to add amd64 in the first round of stable marking :( > @amd64: could you please take care of this one ASAP? The draft has been waiting for a long time.
do you still want to send out a glsa for this? there are new, open security bugs in asterisk which have yet to be fixed in our tree. eg bugs #200792 #202733.
I don't see any reason to wait for ebuilds on the other bugs before we release this one.
amd64 done.
This one is ready for GLSA. GLSAmaker NOT updated.
GLSA 200802-11, sorry for the long delay.