asterisk: 18.16.0 -> 18.17.1, 20.1.0 -> 20.2.1

pjsip 2.13.0 and related security patches have been added
This commit is contained in:
Yorick van Pelt 2023-04-19 12:02:06 +02:00
parent 24d6aa1a90
commit f51c667a29
No known key found for this signature in database
GPG key ID: A36E70F9DC014A15
2 changed files with 38 additions and 32 deletions

View file

@ -37,24 +37,20 @@
let let
# remove when upgrading to pjsip >2.13 # remove when upgrading to pjsip >2.13
pjsip_patches = [ pjsip_2_13_patches = [
(fetchpatch { (fetchpatch {
name = "0152-CVE-2022-39269.patch"; name = "CVE-2022-23537.patch";
url = "https://github.com/pjsip/pjproject/commit/d2acb9af4e27b5ba75d658690406cec9c274c5cc.patch"; url = "https://github.com/pjsip/pjproject/commit/d8440f4d711a654b511f50f79c0445b26f9dd1e1.patch";
sha256 = "sha256-bKE/MrRAqN1FqD2ubhxIOOf5MgvZluHHeVXPjbR12iQ="; sha256 = "sha256-7ueQCHIiJ7MLaWtR4+GmBc/oKaP+jmEajVnEYqiwLRA=";
}) })
(fetchpatch { (fetchpatch {
name = "pjsip-2.12.1-CVE-2022-23537.patch"; name = "CVE-2022-23547.patch";
url = "https://raw.githubusercontent.com/NixOS/nixpkgs/ca2b44568eb0ffbd0b5a22eb70feb6dbdcda8e9c/pkgs/applications/networking/pjsip/1.12.1-CVE-2022-23537.patch"; url = "https://github.com/pjsip/pjproject/commit/bc4812d31a67d5e2f973fbfaf950d6118226cf36.patch";
sha256 = "sha256-KNSnHt0/o1qJk4r2z5bxbYxKAa7WBtzGOhRXkru3VK4="; sha256 = "sha256-bpc8e8VAQpfyl5PX96G++6fzkFpw3Or1PJKNPKl7N5k=";
})
(fetchpatch {
name = "pjsip-2.12.1-CVE-2022-23547.patch";
url = "https://raw.githubusercontent.com/NixOS/nixpkgs/ca2b44568eb0ffbd0b5a22eb70feb6dbdcda8e9c/pkgs/applications/networking/pjsip/1.12.1-CVE-2022-23547.patch";
sha256 = "sha256-0iEr/Z4UQpWsTXYWVYzWWk7MQDOFnTQ1BBYpynGLTVQ=";
}) })
]; ];
common = { version, sha256, externals }: stdenv.mkDerivation {
common = { version, sha256, externals, pjsip_patches ? [ ] }: stdenv.mkDerivation {
inherit version; inherit version;
pname = "asterisk" pname = "asterisk"
+ lib.optionalString ldapSupport "-ldap"; + lib.optionalString ldapSupport "-ldap";
@ -159,9 +155,12 @@ let
}; };
}; };
pjproject_2_12_1 = fetchurl { pjproject_2_13 = fetchurl
url = "https://raw.githubusercontent.com/asterisk/third-party/master/pjproject/2.12.1/pjproject-2.12.1.tar.bz2"; {
hash = "sha256-DiNH1hB5ZheYzyUjFyk1EtlsMJlgjf+QRVKjEk+hNjc="; url = "https://raw.githubusercontent.com/asterisk/third-party/master/pjproject/2.13/pjproject-2.13.tar.bz2";
hash = "sha256-Zj93PUAct13KVR5taOWEbQdKq76wicaBTNHpHC0rICY=";
} // {
pjsip_patches = pjsip_2_13_patches;
}; };
mp3-202 = fetchsvn { mp3-202 = fetchsvn {
@ -180,13 +179,18 @@ let
# auto-generated by update.py # auto-generated by update.py
versions = lib.mapAttrs versions = lib.mapAttrs
(_: { version, sha256 }: common { (_: { version, sha256 }:
inherit version sha256; let
externals = { pjsip = pjproject_2_13;
"externals_cache/pjproject-2.12.1.tar.bz2" = pjproject_2_12_1; in
"addons/mp3" = mp3-202; common {
}; inherit version sha256;
}) inherit (pjsip) pjsip_patches;
externals = {
"externals_cache/${pjsip.name}" = pjsip;
"addons/mp3" = mp3-202;
};
})
(lib.importJSON ./versions.json); (lib.importJSON ./versions.json);
updateScript_python = python39.withPackages (p: with p; [ packaging beautifulsoup4 requests ]); updateScript_python = python39.withPackages (p: with p; [ packaging beautifulsoup4 requests ]);
@ -197,18 +201,20 @@ let
in in
{ {
# Supported releases (as of 2022-04-05). # Supported releases (as of 2023-04-19).
# v16 and v19 have been dropped because they go EOL before the NixOS 23.11 release.
# Source: https://wiki.asterisk.org/wiki/display/AST/Asterisk+Versions # Source: https://wiki.asterisk.org/wiki/display/AST/Asterisk+Versions
# Exact version can be found at https://www.asterisk.org/downloads/asterisk/all-asterisk-versions/ # Exact version can be found at https://www.asterisk.org/downloads/asterisk/all-asterisk-versions/
# #
# Series Type Rel. Date Sec. Fixes EOL # Series Type Rel. Date Sec. Fixes EOL
# 16.x LTS 2018-10-09 2022-10-09 2023-10-09 # 16.x LTS 2018-10-09 2022-10-09 2023-10-09 (dropped)
# 18.x LTS 2020-10-20 2024-10-20 2025-10-20 # 18.x LTS 2020-10-20 2024-10-20 2025-10-20
# 19.x Standard 2021-11-02 2022-11-02 2023-11-02 # 19.x Standard 2021-11-02 2022-11-02 2023-11-02 (dropped)
# 20.x LTS 2022-11-02 2026-10-19 2027-10-19 # 20.x LTS 2022-11-02 2026-10-19 2027-10-19
# 21.x Standard 2023-10-18 2025-10-18 2026-10-18 (unreleased)
asterisk-lts = versions.asterisk_18; asterisk-lts = versions.asterisk_18;
asterisk-stable = versions.asterisk_19; asterisk-stable = versions.asterisk_20;
asterisk = versions.asterisk_19.overrideAttrs (o: { asterisk = versions.asterisk_20.overrideAttrs (o: {
passthru = (o.passthru or { }) // { inherit updateScript; }; passthru = (o.passthru or { }) // { inherit updateScript; };
}); });

View file

@ -4,15 +4,15 @@
"version": "16.30.0" "version": "16.30.0"
}, },
"asterisk_18": { "asterisk_18": {
"sha256": "2d280794ae7505ed3dfc58b3190774cb491aa74c339fbde1a11740e6be79b466", "sha256": "66f0e55d84f9e5bf4e79a56255d35a034448acce00d219c3bf4930b1ebb0e88e",
"version": "18.16.0" "version": "18.17.1"
}, },
"asterisk_19": { "asterisk_19": {
"sha256": "f0c56d1f8e39e0427455edfe25d24ff088c756bdc32dd1278c9f7a320815cbaa", "sha256": "f0c56d1f8e39e0427455edfe25d24ff088c756bdc32dd1278c9f7a320815cbaa",
"version": "19.8.0" "version": "19.8.0"
}, },
"asterisk_20": { "asterisk_20": {
"sha256": "4364dc762652e2fd4d3e7dc8428c83550ebae090b8a0e9d4820583e081778883", "sha256": "df12e47000fbac42bb780bb06172aa8bb8ac26faf77cc9f95184695b0cec69c3",
"version": "20.1.0" "version": "20.2.1"
} }
} }