CVSROOT: /cvs Module name: ports Changes by: st...@cvs.openbsd.org 2017/04/05 04:27:36
Modified files: telephony/asterisk: Makefile distinfo Log message: update to asterisk-13.14.1 http://downloads.digium.com/pub/security/AST-2017-001.html CDR: Protect from data overflow in ast_cdr_setuserfield. ast_cdr_setuserfield wrote to a fixed length field using strcpy. This could result in a buffer overrun when called from chan_sip or func_cdr. This patch adds a maximum bytes written to the field by using ast_copy_string instead.