[Pkg-voip-commits] r7849 - in /asterisk/branches/lenny/debian: changelog patches/AST-2009-010 patches/series
tzafrir-guest at alioth.debian.org
Wed Dec 2 11:18:30 UTC 2009
Author: tzafrir-guest
Date: Wed Dec 2 11:18:29 2009
New Revision: 7849
URL: http://svn.debian.org/wsvn/pkg-voip/?sc=1&rev=7849
Log:
Fix for AST-2009-010 (CVE-2009-4055) - Long RTP comfort noise bug
(Closes: #559103).
Added:
asterisk/branches/lenny/debian/patches/AST-2009-010
Modified:
asterisk/branches/lenny/debian/changelog
asterisk/branches/lenny/debian/patches/series
Modified: asterisk/branches/lenny/debian/changelog
URL: http://svn.debian.org/wsvn/pkg-voip/asterisk/branches/lenny/debian/changelog?rev=7849&op=diff
==============================================================================
--- asterisk/branches/lenny/debian/changelog (original)
+++ asterisk/branches/lenny/debian/changelog Wed Dec 2 11:18:29 2009
@@ -23,6 +23,8 @@
* Create the /usr/share/asterisk/agi-bin directory. (Closes: #463983)
* Use a disabled [directories] in asterisk.conf rather than an invalid
[globals] (Closes: #532313).
+ * Fix for AST-2009-010 (CVE-2009-4055) - Long RTP comfort noise bug
+ (Closes: #559103).
-- Faidon Liambotis <paravoid at debian.org> Mon, 30 Nov 2009 05:26:29 +0200
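Review bot: the trailer line under the new bullet still reads Mon, 30 Nov 2009 05:26:29 +0200, while this change is dated 2 Dec 2009, so the entry's date now predates part of its contents. Refresh the trailer timestamp when the entry is extended (or at the latest when the upload is finalised). It would also help to name the patch file, patches/AST-2009-010, in the bullet so the changelog points at the file that carries the fix.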
Added: asterisk/branches/lenny/debian/patches/AST-2009-010
URL: http://svn.debian.org/wsvn/pkg-voip/asterisk/branches/lenny/debian/patches/AST-2009-010?rev=7849&op=file
==============================================================================
--- asterisk/branches/lenny/debian/patches/AST-2009-010 (added)
+++ asterisk/branches/lenny/debian/patches/AST-2009-010 Wed Dec 2 11:18:29 2009
@@ -1,0 +1,20 @@
+Source: http://svn.digium.com/svn/asterisk/branches/1.4@231441
+Debian Issue: #559103
+CVE: CVE-2009-4055
+Date: Mon Nov 30 17:14:08 2009 +0000
+Upstream Issue: https://issues.asterisk.org/view.php?id=16242
+
+fixes crash caused by RTP comfort noise payload greater than 24 bytes
+
+diff --git a/main/rtp.c b/main/rtp.c
+index 12e3638..a124bb7 100644
+--- a/main/rtp.c
++++ b/main/rtp.c
+@@ -848,7 +848,6 @@ static struct ast_frame *process_rfc3389(struct ast_rtp *rtp, unsigned char *dat
+ }
+ rtp->f.frametype = AST_FRAME_CNG;
+ rtp->f.subclass = data[0] & 0x7f;
+- rtp->f.datalen = len - 1;
+ rtp->f.samples = 0;
+ rtp->f.delivery.tv_usec = rtp->f.delivery.tv_sec = 0;
+ f = &rtp->f;
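Review bot: in the embedded main/rtp.c hunk, removing `rtp->f.datalen = len - 1;` leaves no visible assignment to `datalen` in process_rfc3389(), and the patch header only says it "fixes crash caused by RTP comfort noise payload greater than 24 bytes" without saying why dropping this one line is sufficient. Because `f = &rtp->f;` returns a frame embedded in the rtp struct, the description should state where `datalen` is set earlier in the function for both the short payload and the over-24-byte case (the context lines here do not show it), so a reader can confirm the returned AST_FRAME_CNG frame never advertises a length larger than the data actually attached to it. One sentence in the patch header explaining that would make the fix reviewable from this file alone.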
Modified: asterisk/branches/lenny/debian/patches/series
URL: http://svn.debian.org/wsvn/pkg-voip/asterisk/branches/lenny/debian/patches/series?rev=7849&op=diff
==============================================================================
--- asterisk/branches/lenny/debian/patches/series (original)
+++ asterisk/branches/lenny/debian/patches/series Wed Dec 2 11:18:29 2009
@@ -104,3 +104,5 @@
#AST-2009-006
AST-2009-008
+
+AST-2009-010
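Review bot: the empty `+` line added before `AST-2009-010` separates it from the other AST-* entries in the series file for no stated reason. Drop the blank line so the new entry follows `AST-2009-008` directly and the security patches stay in one block.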