[Pkg-voip-commits] r8833 - in /asterisk/branches/lenny-security/debian: changelog patches/AST-2011-003 patches/series
tzafrir at alioth.debian.org
Thu Mar 17 11:11:35 UTC 2011
Author: tzafrir
Date: Thu Mar 17 11:11:32 2011
New Revision: 8833
URL: http://svn.debian.org/wsvn/pkg-voip/?sc=1&rev=8833
Log:
Patch AST-2011-003: Potential DoS attack on the manager interface.
Added:
asterisk/branches/lenny-security/debian/patches/AST-2011-003
Modified:
asterisk/branches/lenny-security/debian/changelog
asterisk/branches/lenny-security/debian/patches/series
Modified: asterisk/branches/lenny-security/debian/changelog
URL: http://svn.debian.org/wsvn/pkg-voip/asterisk/branches/lenny-security/debian/changelog?rev=8833&op=diff
==============================================================================
--- asterisk/branches/lenny-security/debian/changelog (original)
+++ asterisk/branches/lenny-security/debian/changelog Thu Mar 17 11:11:32 2011
@@ -1,9 +1,10 @@
asterisk (1:1.4.21.2~dfsg-3+lenny2.1) oldstable-security; urgency=low
- * Patch AST-2011-002: Multiple crash vulnerabilities in UDPTL code.
+ * Patch AST-2011-002: Multiple crash vulnerabilities in UDPTL code.
+ * Patch AST-2011-003: Potential DoS attac on the manager interface.
* My new @debian.org address
- -- Tzafrir Cohen <tzafrir at debian.org> Tue, 22 Feb 2011 14:23:45 +0200
+ -- Tzafrir Cohen <tzafrir at debian.org> Thu, 17 Mar 2011 12:21:06 +0200
asterisk (1:1.4.21.2~dfsg-3+lenny2) oldstable-security; urgency=high
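Review bot: the new `+ * Patch AST-2011-003` changelog line has "attac" for "attack"; that text goes into the published changelog for the upload, so fix the spelling before building. The adjacent `-`/`+` pair for the AST-2011-002 line shows no visible difference and is presumably a whitespace-only change; harmless, but dropping it keeps the entry's diff minimal.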
Added: asterisk/branches/lenny-security/debian/patches/AST-2011-003
URL: http://svn.debian.org/wsvn/pkg-voip/asterisk/branches/lenny-security/debian/patches/AST-2011-003?rev=8833&op=file
==============================================================================
--- asterisk/branches/lenny-security/debian/patches/AST-2011-003 (added)
+++ asterisk/branches/lenny-security/debian/patches/AST-2011-003 Thu Mar 17 11:11:32 2011
@@ -1,0 +1,52 @@
+Description: Resource exhaustion in Asterisk Manager Interface
+Origin: http://downloads.asterisk.org/pub/security/AST-2011-003-1.6.1.diff
+
+Rapidly opening manager connections, sending invalid data, and closing the
+connection can cause Asterisk to exhaust available CPU and memory resources.
+
+The manager interface is disabled by default in upstream, but enabled
+by default (listening on localhost only) in the version in Debian 5.0 (Lenny)
+and 6.0 (Squeeze).
+
+Backported from the upstream patch for 1.6.1.
+See also http://downloads.asterisk.org/pub/security/AST-2011-003.html
+
+diff --git a/main/manager.c b/main/manager.c
+index 2dc7664..f89a84d 100644
+--- a/main/manager.c
++++ b/main/manager.c
+@@ -180,6 +180,7 @@ struct mansession {
+ int writetimeout;
+ int pending_event; /*!< Pending events indicator in case when waiting_thread is NULL */
+ AST_LIST_ENTRY(mansession) list;
++ int write_error:1;
+ };
+
+ static AST_LIST_HEAD_STATIC(sessions, mansession);
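Review bot: `int write_error:1;` is a plain-int one-bit field; whether that is signed is implementation-defined, and where it is signed the only representable values are 0 and -1, so the later `s->write_error = 1` stores -1. The truth tests in this patch still work, but `unsigned int write_error:1;` is the portable spelling and avoids a warning on some toolchains. Also confirm that struct mansession is zero-initialised when a session is allocated (not visible in this hunk); otherwise the flag starts indeterminate and a fresh session could be torn down on its first message.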
+@@ -494,9 +495,14 @@ void astman_append(struct mansession *s, const char *fmt, ...)
+ ast_dynamic_str_thread_set_va(&buf, 0, &astman_append_buf, fmt, ap);
+ va_end(ap);
+
+- if (s->fd > -1)
+- ast_carefulwrite(s->fd, buf->str, strlen(buf->str), s->writetimeout);
+- else {
++ if (s->fd > -1) {
++ int res;
++
++ res = ast_carefulwrite(s->fd, buf->str, strlen(buf->str), s->writetimeout);
++ if (res) {
++ s->write_error = 1;
++ }
++ } else {
+ if (!s->outputstr && !(s->outputstr = ast_calloc(1, sizeof(*s->outputstr)))) {
+ ast_mutex_unlock(&s->__lock);
+ return;
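Review bot: `if (res)` treats every non-zero return from ast_carefulwrite() as a failed write. That is correct if the function follows the usual Asterisk convention of 0 on success and -1 on error, but if it can ever return a positive byte count the session would be flagged after a successful write; `if (res < 0)` states the intent and is safe under either convention. The flag is only ever set, never cleared, which is fine here: once the peer is gone there is nothing to retry. Note that the `else` branch (fd < 0, output buffered in s->outputstr) never sets write_error, so only socket-backed sessions benefit from this check.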
+@@ -2314,7 +2320,7 @@ static void *session_do(void *data)
+
+ astman_append(s, "Asterisk Call Manager/1.0\r\n");
+ for (;;) {
+- if ((res = do_message(s)) < 0)
++ if ((res = do_message(s)) < 0 || s->write_error)
+ break;
+ }
+ if (s->authenticated) {
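Review bot: the `s->write_error` test is evaluated only after do_message() returns, so a session whose write has already failed stays alive until the current do_message() call completes, including whatever read timeout it waits on; if do_message() emits responses through astman_append(), checking the flag inside it as well would abandon a dead connection sooner. As visible here the patch adds no cap on concurrent sessions, so it works by reclaiming dead sessions promptly rather than limiting how many can be opened; if the manager port is reachable beyond localhost, a listener-side limit or firewall rule remains advisable alongside this fix.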
Modified: asterisk/branches/lenny-security/debian/patches/series
URL: http://svn.debian.org/wsvn/pkg-voip/asterisk/branches/lenny-security/debian/patches/series?rev=8833&op=diff
==============================================================================
--- asterisk/branches/lenny-security/debian/patches/series (original)
+++ asterisk/branches/lenny-security/debian/patches/series Thu Mar 17 11:11:32 2011
@@ -103,3 +103,4 @@
ast_uri_validhex
AST-2011-001
AST-2011-002
+AST-2011-003
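The mechanism the patch addresses, modelled in stand-alone C as an added example (this is not Asterisk's code and not part of the commit above): a server-side session loop writing to a peer that connected and immediately hung up. `careful_write`, `append`, `do_message` and `run_session` are hypothetical stand-ins for ast_carefulwrite(), astman_append(), do_message() and the session_do() loop; the assumed convention is that the write helper returns 0 on success and -1 on failure, and the error response text is constructed. With `honour_flag` 0 (the pre-patch loop) the session keeps spinning on failed writes until the artificial round cap; with `honour_flag` 1 (the patched loop) the first failed write ends it.

```c
/* Added example: stand-alone model of the AST-2011-003 session-loop fix.
 * Not Asterisk code; names below are hypothetical stand-ins. */
#include <errno.h>
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Hypothetical session, modelled on the fields visible in struct mansession.
 * unsigned: a signed one-bit field can only hold 0 and -1. */
struct session {
    int fd;
    unsigned int write_error:1;
};

/* Stand-in for ast_carefulwrite(): assumed to return 0 on success, -1 on failure. */
static int careful_write(int fd, const char *buf, size_t len)
{
    while (len > 0) {
        ssize_t n = write(fd, buf, len);
        if (n < 0) {
            if (errno == EINTR)
                continue;
            return -1;          /* EPIPE once the peer has hung up */
        }
        buf += n;
        len -= (size_t)n;
    }
    return 0;
}

/* Stand-in for astman_append() after the patch: a failed write marks the session. */
static void append(struct session *s, const char *msg)
{
    if (careful_write(s->fd, msg, strlen(msg)) < 0)
        s->write_error = 1;
}

/* Stand-in for do_message(): models a peer whose junk input never yields a
 * read error, so the pre-patch loop has no reason to stop on its own.
 * Constructed response text; 0 means "keep going". */
static int do_message(struct session *s, int round)
{
    (void)round;
    append(s, "Response: Error\r\nMessage: invalid request (constructed)\r\n\r\n");
    return 0;
}

/* Model of the session_do() loop.  honour_flag == 0 is the pre-patch loop,
 * which exits only when do_message() fails; honour_flag == 1 also exits on
 * write_error.  Returns the number of iterations run (capped so the model
 * terminates even in the pre-patch case). */
static int run_session(int fd, int honour_flag, int max_rounds)
{
    struct session s = { .fd = fd, .write_error = 0 };
    int rounds = 0;

    append(&s, "Asterisk Call Manager/1.0\r\n");   /* banner, as in the hunk */
    while (rounds < max_rounds) {
        rounds++;
        if (do_message(&s, rounds) < 0 || (honour_flag && s.write_error))
            break;
    }
    return rounds;
}

/* Connected socket pair with the "client" end already closed, simulating the
 * connect-then-hang-up pattern from the description.  Returns the server fd. */
static int dead_peer_fd(void)
{
    int sv[2];
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) < 0)
        return -1;
    close(sv[1]);
    return sv[0];
}

/* Runs one modelled session against a dead peer and reports how many rounds it lasted. */
int session_rounds_with_dead_peer(int honour_flag, int max_rounds)
{
    int fd = dead_peer_fd();
    int rounds;
    if (fd < 0)
        return -1;
    signal(SIGPIPE, SIG_IGN);   /* so write() reports EPIPE instead of killing the process */
    rounds = run_session(fd, honour_flag, max_rounds);
    close(fd);
    return rounds;
}

int main(void)
{
    printf("pre-patch loop: %d rounds against a dead peer\n", session_rounds_with_dead_peer(0, 5));
    printf("patched loop:   %d rounds against a dead peer\n", session_rounds_with_dead_peer(1, 5));
    return 0;
}
```

The cap of five rounds stands in for the unbounded spin described in the patch header; in the real daemon each such session is a thread holding its buffers and burning CPU until something else makes do_message() fail, which is the exhaustion the advisory describes.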