Bug#633481: asterisk: Security upgrade for Lenny missing ast_str_strlen symbol
Tzafrir Cohen
tzafrir.cohen at xorcom.com
Sun Jul 10 19:08:40 UTC 2011
Hi,
On Sun, Jul 10, 2011 at 11:58:57AM -0500, Mike McCallister wrote:
> Package: asterisk
> Version: 1:1.4.21.2~dfsg-3+lenny3
> Severity: grave
> Justification: renders package unusable
>
>
> I installed the latest security patch for Asterisk on my Lenny system
> today. It starts successfully, but immediately exits. When I start it
> from the command line with the -v parameter, the last few lines of
> output are:
>
> app_mixmonitor.so => (Mixed Audio Monitoring Application)
> app_authenticate.so => (Authentication Application)
> func_groupcount.so => (Channel group dialplan functions)
> app_milliwatt.so => (Digital Milliwatt (mu-law) Test Application)
> app_image.so => (Image Transmission Application)
> app_adsiprog.so => (Asterisk ADSI Programming Application)
> Asterisk Ready.
> asterisk: symbol lookup error: /usr/lib/asterisk/modules/chan_sip.so: undefined symbol: ast_str_strlen
The issue is indeed with patch AST-2011-008. Now fixed in SVN. In 1.4
there's no need for ast_str_strlen (which does not work with plain
null-termilated strings anyway).
As a temporary workaround, in case you can't downgrade or (soon)
upgrade: disable chan_sip.so in modules.conf.
--
Tzafrir Cohen
icq#16849755 jabber:tzafrir.cohen at xorcom.com
+972-50-7952406 mailto:tzafrir.cohen at xorcom.com
http://www.xorcom.com iax:guest at local.xorcom.com/tzafrir
More information about the Pkg-voip-maintainers
mailing list