[Pkg-voip-commits] r9601 - in /asterisk/branches/squeeze/debian: changelog patches/AST-2012-002 patches/series

tzafrir at alioth.debian.org tzafrir at alioth.debian.org
Wed Mar 21 18:40:52 UTC 2012 

Author: tzafrir
Date: Wed Mar 21 18:40:51 2012
New Revision: 9601

URL: http://svn.debian.org/wsvn/pkg-voip/?sc=1&rev=9601
Log:
Patch AST-2012-002 (CVE-2012-1183): Closes: #664411.

Added:
    asterisk/branches/squeeze/debian/patches/AST-2012-002
Modified:
    asterisk/branches/squeeze/debian/changelog
    asterisk/branches/squeeze/debian/patches/series

Modified: asterisk/branches/squeeze/debian/changelog
URL: http://svn.debian.org/wsvn/pkg-voip/asterisk/branches/squeeze/debian/changelog?rev=9601&op=diff
==============================================================================
--- asterisk/branches/squeeze/debian/changelog (original)
+++ asterisk/branches/squeeze/debian/changelog Wed Mar 21 18:40:51 2012
@@ -2,8 +2,9 @@
 
   * UNRELEASED.
   * Quote pathes in postinst script: Closes: #656208 (Pocos).
-
- -- Tzafrir Cohen <tzafrir at debian.org>  Wed, 18 Jan 2012 15:34:19 +0200
+  * Patch AST-2012-002 (CVE-2012-1183): Closes: #664411.
+
+ -- Tzafrir Cohen <tzafrir at debian.org>  Wed, 21 Mar 2012 19:42:00 +0200
 
 asterisk (1:1.6.2.9-2+squeeze4) stable-security; urgency=high
 

Added: asterisk/branches/squeeze/debian/patches/AST-2012-002
URL: http://svn.debian.org/wsvn/pkg-voip/asterisk/branches/squeeze/debian/patches/AST-2012-002?rev=9601&op=file
==============================================================================
--- asterisk/branches/squeeze/debian/patches/AST-2012-002 (added)
+++ asterisk/branches/squeeze/debian/patches/AST-2012-002 Wed Mar 21 18:40:51 2012
@@ -1,0 +1,13 @@
+Origin: http://downloads.asterisk.org/pub/security/AST-2012-002-1.6.2.diff
+
+--- a/apps/app_milliwatt.c
++++ b/apps/app_milliwatt.c
+@@ -74,7 +74,7 @@ static void milliwatt_release(struct ast
+ static int milliwatt_generate(struct ast_channel *chan, void *data, int len, int samples)
+ {
+ 	unsigned char buf[AST_FRIENDLY_OFFSET + 640];
+-	const int maxsamples = ARRAY_LEN(buf);
++	const int maxsamples = ARRAY_LEN(buf) - (AST_FRIENDLY_OFFSET / sizeof(buf[0]));
+ 	int i, *indexp = (int *) data;
+ 	struct ast_frame wf = {
+ 		.frametype = AST_FRAME_VOICE,

Modified: asterisk/branches/squeeze/debian/patches/series
URL: http://svn.debian.org/wsvn/pkg-voip/asterisk/branches/squeeze/debian/patches/series?rev=9601&op=diff
==============================================================================
--- asterisk/branches/squeeze/debian/patches/series (original)
+++ asterisk/branches/squeeze/debian/patches/series Wed Mar 21 18:40:51 2012
@@ -45,3 +45,5 @@
 
 # Also used directly in debian/rules:
 AST-2011-013
+
+AST-2012-002

More information about the Pkg-voip-commits mailing list