From 4e4b2817944ec2c03a78b6ab2e7823a86f713d59 Mon Sep 17 00:00:00 2001 From: Sebastian Kemper Date: Fri, 29 Dec 2023 09:03:00 +0100 Subject: [PATCH] asterisk: bump to 20.5.2 - Resolves GHSA-98rc-4j27-74hh, GHSA-hxj9-xwr8-w8pq, GHSA-5743-x3p5-3rg7 and GHSA-8857-hfmw-vg8f - patches refreshed - patch 180-app_queue_time_t.patch added to fix new warnings, sent upstream (see [1]) - 180-res_crypto.c-Avoid-using-the-non-portable-ALLPERMS-m.patch and 190-chan_iax2.c-Avoid-crash-with-IAX2-switch-support.patch removed as they're included in upstream release tar ball. [1] https://github.com/asterisk/asterisk/pull/516 Signed-off-by: Sebastian Kemper --- net/asterisk/Makefile | 6 ++-- net/asterisk/patches/130-eventfd.patch | 2 +- .../patches/140-use-default-lua.patch | 2 +- .../patches/180-app_queue_time_t.patch | 17 ++++++++++ ...id-using-the-non-portable-ALLPERMS-m.patch | 33 ------------------- ...Avoid-crash-with-IAX2-switch-support.patch | 25 -------------- 6 files changed, 22 insertions(+), 63 deletions(-) create mode 100644 net/asterisk/patches/180-app_queue_time_t.patch delete mode 100644 net/asterisk/patches/180-res_crypto.c-Avoid-using-the-non-portable-ALLPERMS-m.patch delete mode 100644 net/asterisk/patches/190-chan_iax2.c-Avoid-crash-with-IAX2-switch-support.patch diff --git a/net/asterisk/Makefile b/net/asterisk/Makefile index 361928c..e5075ca 100644 --- a/net/asterisk/Makefile +++ b/net/asterisk/Makefile @@ -8,13 +8,13 @@ include $(TOPDIR)/rules.mk PKG_NAME:=asterisk -PKG_VERSION:=20.3.0 -PKG_RELEASE:=2 +PKG_VERSION:=20.5.2 +PKG_RELEASE:=1 PKG_CPE_ID:=cpe:/a:digium:asterisk PKG_SOURCE:=asterisk-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://downloads.asterisk.org/pub/telephony/asterisk/releases -PKG_HASH:=2e70b4bb40114966c6572eae38b5106b588a7a759d41f1c90a6032407dd60463 +PKG_HASH:=8f68e1789dfb8aa04b0eba87ea1d599a62e088ddd20926afc997f36b455e1859 PKG_BUILD_DEPENDS:=libxml2/host diff --git a/net/asterisk/patches/130-eventfd.patch b/net/asterisk/patches/130-eventfd.patch index ba54c74..60e7d26 100644 --- a/net/asterisk/patches/130-eventfd.patch +++ b/net/asterisk/patches/130-eventfd.patch @@ -1,6 +1,6 @@ --- a/configure.ac +++ b/configure.ac -@@ -1256,7 +1256,7 @@ if test "${ac_cv_have_variable_fdset}x" +@@ -1257,7 +1257,7 @@ if test "${ac_cv_have_variable_fdset}x" fi AC_MSG_CHECKING([if we have usable eventfd support]) diff --git a/net/asterisk/patches/140-use-default-lua.patch b/net/asterisk/patches/140-use-default-lua.patch index 6d38d18..006a07f 100644 --- a/net/asterisk/patches/140-use-default-lua.patch +++ b/net/asterisk/patches/140-use-default-lua.patch @@ -1,6 +1,6 @@ --- a/configure.ac +++ b/configure.ac -@@ -2616,7 +2616,7 @@ if test -z "$__opus_include" -o x"$__opu +@@ -2608,7 +2608,7 @@ if test -z "$__opus_include" -o x"$__opu fi AST_EXT_LIB_CHECK([OPUSFILE], [opusfile], [op_open_callbacks], [opus/opusfile.h], [], [$__opus_include]) diff --git a/net/asterisk/patches/180-app_queue_time_t.patch b/net/asterisk/patches/180-app_queue_time_t.patch new file mode 100644 index 0000000..d582a39 --- /dev/null +++ b/net/asterisk/patches/180-app_queue_time_t.patch @@ -0,0 +1,17 @@ +--- a/apps/app_queue.c ++++ b/apps/app_queue.c +@@ -4614,8 +4614,12 @@ static int is_longest_waiting_caller(str + * will be unused until the first caller is picked up. + */ + if (ch->start < caller->start && !ch->pending) { +- ast_debug(1, "Queue %s has a call at position %i that's been waiting longer (%li vs %li)\n", +- q->name, ch->pos, ch->start, caller->start); ++ char time1[AST_TIME_T_LEN]; ++ char time2[AST_TIME_T_LEN]; ++ ast_time_t_to_string(ch->start, time1, sizeof(time1)); ++ ast_time_t_to_string(caller->start, time2, sizeof(time2)); ++ ast_debug(1, "Queue %s has a call at position %i that's been waiting longer (%s vs %s)\n", ++ q->name, ch->pos, time1, time2); + is_longest_waiting = 0; + break; + } diff --git a/net/asterisk/patches/180-res_crypto.c-Avoid-using-the-non-portable-ALLPERMS-m.patch b/net/asterisk/patches/180-res_crypto.c-Avoid-using-the-non-portable-ALLPERMS-m.patch deleted file mode 100644 index ff801c6..0000000 --- a/net/asterisk/patches/180-res_crypto.c-Avoid-using-the-non-portable-ALLPERMS-m.patch +++ /dev/null @@ -1,33 +0,0 @@ -From 94c884d5b8afca96164852cfb29fc496bc5b9e0a Mon Sep 17 00:00:00 2001 -From: Sean Bright -Date: Mon, 5 Jun 2023 18:17:47 -0400 -Subject: [PATCH] res_crypto.c: Avoid using the non-portable ALLPERMS macro. - -ALLPERMS is not POSIX and it's trivial enough to not jump through -autoconf hoops to check for it. - -Fixes #149. ---- - res/res_crypto.c | 9 +++++++-- - 1 file changed, 7 insertions(+), 2 deletions(-) - ---- a/res/res_crypto.c -+++ b/res/res_crypto.c -@@ -217,10 +217,15 @@ static struct ast_key *try_load_key(cons - return NULL; - } - -+ /* PERM_MASK is a bitwise OR of all possible file mode bits encoded in the -+ * `st_mode` member of `struct stat`. For POSIX compatible systems this -+ * will be 07777. */ -+#define PERM_MASK (S_ISUID|S_ISGID|S_ISVTX|S_IRWXU|S_IRWXG|S_IRWXO) -+ - /* only user read or read/write modes allowed */ - if (ktype == AST_KEY_PRIVATE && -- ((st.st_mode & ALLPERMS) & ~(S_IRUSR | S_IWUSR)) != 0) { -- ast_log(LOG_ERROR, "Private key file has bad permissions: %s: %#4o\n", ffname, st.st_mode & ALLPERMS); -+ ((st.st_mode & PERM_MASK) & ~(S_IRUSR | S_IWUSR)) != 0) { -+ ast_log(LOG_ERROR, "Private key file has bad permissions: %s: %#4o\n", ffname, st.st_mode & PERM_MASK); - fclose(f); - return NULL; - } diff --git a/net/asterisk/patches/190-chan_iax2.c-Avoid-crash-with-IAX2-switch-support.patch b/net/asterisk/patches/190-chan_iax2.c-Avoid-crash-with-IAX2-switch-support.patch deleted file mode 100644 index dc8e180..0000000 --- a/net/asterisk/patches/190-chan_iax2.c-Avoid-crash-with-IAX2-switch-support.patch +++ /dev/null @@ -1,25 +0,0 @@ -From d26a00ef3484f7fa602044e73e31bcefc8ca1917 Mon Sep 17 00:00:00 2001 -From: Sean Bright -Date: Fri, 7 Jul 2023 15:57:39 -0400 -Subject: [PATCH] chan_iax2.c: Avoid crash with IAX2 switch support. - -A change made in 82cebaa0 did not properly handle the case when a -channel was not provided, triggering a crash. ast_check_hangup(...) -does not protect against NULL pointers. - -Fixes #180 ---- - channels/chan_iax2.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - ---- a/channels/chan_iax2.c -+++ b/channels/chan_iax2.c -@@ -14323,7 +14323,7 @@ static struct iax2_dpcache *find_cache(s - ast_log(LOG_WARNING, "Timeout waiting for %s exten %s\n", data, exten); - } - -- if (ast_check_hangup(chan)) { -+ if (chan && ast_check_hangup(chan)) { - doabort = 1; - } - -- 2.30.2