From 9d426cf7a7701ee6707224d3e9f6d07553a56de1 Mon Sep 17 00:00:00 2001
From: Leo <thinkabit.ukim@gmail.com>
Date: Wed, 24 Feb 2021 17:10:49 -0300
Subject: [PATCH] main/asterisk: security upgrade to 18.2.1
fixes:
- CVE-2021-26717
- CVE-2021-26713
- CVE-2021-26712
- CVE-2021-26906
adds missing secfixes for:
- CVE-2020-35776
- CVE-2020-35652
- CVE-2020-28327
See: #12469
---
main/asterisk/APKBUILD | 14 ++++++++++++--
1 file changed, 12 insertions(+), 2 deletions(-)
diff --git a/main/asterisk/APKBUILD b/main/asterisk/APKBUILD
index 9672c447caa4..5d9d7a718cda 100644
--- a/main/asterisk/APKBUILD
+++ b/main/asterisk/APKBUILD
@@ -3,7 +3,7 @@
# Contributor: Timo Teras <timo.teras@iki.fi>
# Maintainer: Timo Teras <timo.teras@iki.fi>
pkgname=asterisk
-pkgver=18.1.1
+pkgver=18.2.1
pkgrel=0
pkgdesc="Modular Open Source PBX System"
pkgusers="asterisk"
@@ -38,6 +38,16 @@ source="$_download/asterisk-$pkgver.tar.gz
asterisk.logrotate"
# secfixes:
+# 18.2.1-r0:
+# - CVE-2021-26712
+# - CVE-2021-26713
+# - CVE-2021-26717
+# - CVE-2021-26906
+# 18.1.1-r0:
+# - CVE-2020-35652
+# - CVE-2020-35776
+# 18.0.1-r0:
+# - CVE-2020-28327
# 16.6.2-r0:
# - CVE-2019-18610
# - CVE-2019-18790
@@ -175,7 +185,7 @@ sound_en() {
chown -R asterisk:asterisk "$subpkgdir"/var/*/asterisk
}
-sha512sums="e3cf0c41584ccdb573038ee47669dda85560ab9ceb2ca2b39abcd994d9f9cc7d2ef9d6d69747a5e866474ea8bedbe413b5221b3801f4dba552ce848e4904f4dd asterisk-18.1.1.tar.gz
+sha512sums="9d7ab83059509dacfab85fdecbdecdb9a90d5da5e3e7f2dce3b49edbbcf5198e19afe8c23b6c4fa480285f00406e74e29bf16bb40cb90a96d03b3e6b315191f9 asterisk-18.2.1.tar.gz
aacef3f4796fb1abd33266998b53909cb4b36e7cc5ad2f7bac68bdc43e9a9072d9a4e2e7e681bddfa31f3d04575eb248afe6ea95da780c67e4829c1e22adfe1b asterisk-addon-mp3-r201.patch.gz
771237ba6d42ab62d914f2702234b23fd0bc8c22f2aa33b0e745c9170163c8046f6d48ecb299faab3d6fb397f1aa046421083c3cc88510c9779861c522f357dd 10-musl-mutex-init.patch
0fae11b42894ab3d405bc50e9275b9084712b482fbf9b4259ea938667fc5cbe413655f3ff83da0f607151bb2b6e49c2f741b5ada6944dbb478f076ef8d86380a 20-musl-astmm-fix.patch
--
GitLab