From 1b98907582b3a3025ac58e9cfe47c467259f98bb Mon Sep 17 00:00:00 2001 From: Sebastian Kemper Date: Wed, 10 Jan 2018 22:18:46 +0100 Subject: [PATCH] asterisk-13.x: bump to 13.18.5 The currently used version 13.8.0 has the following open CVEs: CVE-2016-7551 CVE-2016-9938 CVE-2017-14099 CVE-2017-14100 CVE-2017-14603 CVE-2017-16671 CVE-2017-16672 CVE-2017-17090 CVE-2017-17664 CVE-2017-17850 CVE-2017-7617 CVE-2017-9358 CVE-2017-17850 Upstream provided patches for these but used 13.13.0 or later versions as baseline. Multiple of these patches fail to apply to 13.8.0. So upgrade to the current version instead. Signed-off-by: Sebastian Kemper --- net/asterisk-13.x/Makefile | 9 ++++----- .../patches/004-ifdef-missing-execinfo.patch | 2 +- .../patches/040-fix-config-options.patch | 13 ------------- 3 files changed, 5 insertions(+), 19 deletions(-) delete mode 100644 net/asterisk-13.x/patches/040-fix-config-options.patch diff --git a/net/asterisk-13.x/Makefile b/net/asterisk-13.x/Makefile index 5ec4d1c..1d71454 100644 --- a/net/asterisk-13.x/Makefile +++ b/net/asterisk-13.x/Makefile @@ -9,12 +9,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=asterisk13 -PKG_VERSION:=13.8.0 +PKG_VERSION:=13.18.5 PKG_RELEASE:=1 PKG_SOURCE:=asterisk-$(PKG_VERSION).tar.gz -PKG_SOURCE_URL:=http://downloads.asterisk.org/pub/telephony/asterisk/releases/ -PKG_MD5SUM:=ad48eb4a01df72c8e30d3aec524b1a02 +PKG_SOURCE_URL:=https://downloads.asterisk.org/pub/telephony/asterisk/releases/ +PKG_MD5SUM:=4ad2a5ab1dd12cba5f37fca52961aa2a PKG_BUILD_DIR:=$(BUILD_DIR)/asterisk-$(PKG_VERSION) PKG_BUILD_DEPENDS:=libxml2/host @@ -94,7 +94,7 @@ define Package/asterisk13 $(call Package/asterisk13/Default) TITLE:=Complete open source PBX, v$(PKG_VERSION) MENU:=1 - DEPENDS:=+jansson +libncurses +libopenssl +libpopt +libsqlite3 +libstdcpp +libuuid +libxml2 +libxslt +zlib + DEPENDS:=+jansson +libncurses +libopenssl +libpopt +librt +libsqlite3 +libstdcpp +libuuid +libxml2 +libxslt +zlib endef define Package/asterisk13/description @@ -218,7 +218,6 @@ CONFIGURE_ARGS+= \ --without-tds \ --without-termcap \ --without-tinfo \ - --with-uuid="$(STAGING_DIR)/usr" \ --without-vorbis \ --without-vpb \ --with-z="$(STAGING_DIR)/usr" \ diff --git a/net/asterisk-13.x/patches/004-ifdef-missing-execinfo.patch b/net/asterisk-13.x/patches/004-ifdef-missing-execinfo.patch index 264eb41..0a03b38 100644 --- a/net/asterisk-13.x/patches/004-ifdef-missing-execinfo.patch +++ b/net/asterisk-13.x/patches/004-ifdef-missing-execinfo.patch @@ -31,7 +31,7 @@ @@ -114,9 +120,11 @@ struct ast_lock_track { int reentrancy; const char *func[AST_MAX_REENTRANCY]; - pthread_t thread[AST_MAX_REENTRANCY]; + pthread_t thread_id[AST_MAX_REENTRANCY]; +#ifndef __UCLIBC__ #ifdef HAVE_BKTR struct ast_bt backtrace[AST_MAX_REENTRANCY]; diff --git a/net/asterisk-13.x/patches/040-fix-config-options.patch b/net/asterisk-13.x/patches/040-fix-config-options.patch deleted file mode 100644 index 33233bd..0000000 --- a/net/asterisk-13.x/patches/040-fix-config-options.patch +++ /dev/null @@ -1,13 +0,0 @@ ---- a/main/config_options.c -+++ b/main/config_options.c -@@ -198,8 +198,8 @@ static int link_option_to_types(struct a - #ifdef AST_DEVMODE - opt->doc_unavailable = 1; - #endif --#endif - } -+#endif - } - /* The container(s) should hold the only ref to opt */ - ao2_ref(opt, -1); -