---
- branch: MAIN
  date: Sat Sep 20 19:12:16 UTC 2014
  files:
  - new: '1.111'
    old: '1.110'
    path: pkgsrc/comms/asterisk/Makefile
    pathrev: pkgsrc/comms/asterisk/Makefile@1.111
    type: modified
  - new: '1.66'
    old: '1.65'
    path: pkgsrc/comms/asterisk/distinfo
    pathrev: pkgsrc/comms/asterisk/distinfo@1.66
    type: modified
  id: 20140920T191216Z.a87057c6bf0bfcb5ce83ee2a9c697325cab12501
  log: |
    Update to Asterisk 11.12.1: this is mainly a security fix for AST-2014-010.

    The Asterisk Development Team has announced security releases for Certified
    Asterisk 11.6 and Asterisk 11 and 12. The available security releases are
    released as versions 11.6-cert6, 11.12.1, and 12.5.1.

    Please note that the release of these versions resolves the following security
    vulnerability:

    * AST-2014-010: Remote Crash when Handling Out of Call Message in Certain
                    Dialplan Configurations

    Note that the crash described in AST-2014-010 can be worked around through
    dialplan configuration. Given the likelihood of the issue, an advisory was
    deemed to be warranted.

    For more information about the details of these vulnerabilities, please read
    security advisories AST-2014-009 and AST-2014-010, which were released at the
    same time as this announcement.

    For a full list of changes in the current releases, please see the ChangeLogs:

    http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.12.1

    The security advisories are available at:

     * http://downloads.asterisk.org/pub/security/AST-2014-010.pdf

    Thank you for your continued support of Asterisk!
  module: pkgsrc
  subject: 'CVS commit: pkgsrc/comms/asterisk'
  unixtime: '1411240336'
  user: jnemeth