main/asterisk: security fixes CVE-2014-2286 and CVE-2014-2287

cherry-pick the security fixes for:
AST-2014-001, CVE-2014-2286: Stack Overflow in HTTP/Cookie Headers handling
AST-2014-002, CVE-2014-2287: DoS FD Exhaustion with chan_sip Session-Timers

1 files changed, 11 insertions, 2 deletions

diff --git a/main/asterisk/APKBUILD b/main/asterisk/APKBUILD
index 4b0c090c6d..418a3ef178 100644
--- a/main/asterisk/APKBUILD
+++ b/main/asterisk/APKBUILD
@@ -2,7 +2,7 @@
 # Maintainer: Timo Teras <timo.teras@iki.fi>
 pkgname=asterisk
 pkgver=11.6.1
-pkgrel=0
+pkgrel=1
 pkgdesc="Asterisk: A Module Open Source PBX System"
 pkgusers="asterisk"
 pkggroups="asterisk"
@@ -32,6 +32,8 @@ done
 
 source="$_download/asterisk-$_xy.0.tar.gz
 	$_patches
+	http://downloads.asterisk.org/pub/security/AST-2014-001-11.diff
+	http://downloads.asterisk.org/pub/security/AST-2014-002-11.diff
 	100-uclibc-daemon.patch
 	101-caps-uclibc.patch
 	ASTERISK-18995.patch
@@ -52,7 +54,8 @@ prepare() {
 	cd "$_builddir"
 	for i in $source; do
 		case $i in
-		*.patch) msg "$i"; patch -p1 -i "$srcdir"/$i || return 1;;
+		*.diff) msg "$i"; patch -p0 -i "$srcdir"/${i##*/} || return 1;;
+		*.patch) msg "$i"; patch -p1 -i "$srcdir"/${i##*/} || return 1;;
 		*-patch.gz) msg "${i##*/}"; gunzip < "$srcdir"/${i##*/} | patch -p0 || return 1;;
 		esac
 	done
@@ -220,6 +223,8 @@ sound_en() {
 
 md5sums="698acb491e20990e87bbbcf1462c8538  asterisk-11.6.0.tar.gz
 23b7d9325fdd1827c2414f40e818087d  asterisk-11.6.1-patch.gz
+3e9a5e5968a633e58b709a146751fa90  AST-2014-001-11.diff
+78d3243be174884a294405e97daedd97  AST-2014-002-11.diff
 837fc3bc835699462a8d2a7a16b9b6a3  100-uclibc-daemon.patch
 6e1129e30c4fd2c25c86c81685a485a9  101-caps-uclibc.patch
 bc6713f5434e07b79d3afdd155461d72  ASTERISK-18995.patch
@@ -230,6 +235,8 @@ ed31d7ba37bcf8b0346dcf8593c395f0  asterisk.confd
 3e65172275684373e1a25c8a11224411  asterisk.logrotate"
 sha256sums="80aa523bdaab71ce419022d8c851aaeda718dc5bbf5fe8cb99786da546dd8cee  asterisk-11.6.0.tar.gz
 86e738f2f9cf9debe7c59feca44d99752627df789804678df84bd430c7b5cdca  asterisk-11.6.1-patch.gz
+bd469f665c1a4fb65811542170a91922e935faac4b816ef302f41ddafb7604fa  AST-2014-001-11.diff
+85d5345a3ed8f6e993e418bffe5d991d5d04c762156274e2c5924c3045037105  AST-2014-002-11.diff
 6f56ea997513c10fa39835e8dd11fbfb4ec0bb23f4b771963e56691b15a5c003  100-uclibc-daemon.patch
 c2ef786e9a8082fe8ba7b4eb2f130925cb823d100ec567909ad465c279e335bf  101-caps-uclibc.patch
 7a7140156ae7fc7e833035db1e428db8d90159579cd2678c4b5cc829ded47485  ASTERISK-18995.patch
@@ -240,6 +247,8 @@ d221148583b57f9c37d7160f2493f0d204ad11f7abb17e3a3534e108ad5452d7  asterisk.confd
 77b253b6db71460acf9a51e87ad4c8582027a46db01a4c50fb048bada58c19d1  asterisk.logrotate"
 sha512sums="8f7bc0428f45ab32ba03a3e047fa95da2ab04eb701b0262c393aef1ce618df45b360a59f5d84939309ab3f68284ceb8a59eef94901e897cd688d8a3296b27886  asterisk-11.6.0.tar.gz
 d52b20c3ac2959a84b1879c4a697c36b46982538126b3bff1efbb0986a6eba906bab66b1b72a48ab6d21238778e0369d49f923451e0f200455a0430acca867c0  asterisk-11.6.1-patch.gz
+f1e53346687fbb444fb4f532c43bd156161ba79b2461d040d19e78410e2d265e305365380b77523359fb1c559bd6851d725001fffe68596b732ba69f14b1b2e2  AST-2014-001-11.diff
+cdf711e1e6e663eed66560956f1d85b80035339ece24f4ecb165144f0e51f7979f551aeb10e60bb9f7350b055e66305d906f230ab36e82c7ba3f05f1c4ef5e96  AST-2014-002-11.diff
 24a0d3c0ae86117ead8d2e35fc9a5945e04b9f80f3baf122337c8361c015e5ad904c206579962aefe3eb35a1fbf269515228ae5f34a801d7725d73dc235cf831  100-uclibc-daemon.patch
 601681b9a33e77b33a0393a494c4140aa6c1f174c514093242a4081661bb7f78b6af867100996c97f3bf12e8dd10873dd3e116b61e2a0e04832f4ee470664368  101-caps-uclibc.patch
 42b2385d88e72473fe34c63e1be8cdf7f37688649fe5bf033b5ba17627008b771aec8f0a583e9ad483a20f9e1f7c33922cb42bf5b73adc68aa43fd46c5da1daa  ASTERISK-18995.patch