CVSROOT: /cvs
Module name: ports
Changes by: [email protected] 2011/04/21 16:28:40
Modified files:
telephony/asterisk: Makefile distinfo
Log message:
SECURITY update to 1.8.3.3
- AST-2011-006, shell access via remote authenticated manager
sessions (logged-in manager users can execute shell commands via
the manager interface without having the "system" privilege that
should be required)
- AST-2011-005, DoS with remote unauthenticated sessions (add limits
to prevent unauthenticated users from tying up all available FDs for
the manager interface, SIP-over-TCP, Skinny and the built in HTTP
server).
(updating by way of upstream patch file, the full tar.gz isn't
available yet).
