diff options
| author | Yorick van Pelt <yorick@yorickvanpelt.nl> | 2023-04-19 12:02:06 +0200 |
|---|---|---|
| committer | Yorick van Pelt <yorick@yorickvanpelt.nl> | 2023-04-23 15:55:53 +0200 |
| commit | f51c667a290311d9abdbb6be1e775ba9917971ec (patch) | |
| tree | 9698184260f79af4a52ff4e09b8a41c5f06a7e36 | |
| parent | 24d6aa1a9003225dfdbed496704f6d363e272a09 (diff) | |
| download | nixpkgs-f51c667a290311d9abdbb6be1e775ba9917971ec.tar nixpkgs-f51c667a290311d9abdbb6be1e775ba9917971ec.tar.gz nixpkgs-f51c667a290311d9abdbb6be1e775ba9917971ec.tar.bz2 nixpkgs-f51c667a290311d9abdbb6be1e775ba9917971ec.tar.lz nixpkgs-f51c667a290311d9abdbb6be1e775ba9917971ec.tar.xz nixpkgs-f51c667a290311d9abdbb6be1e775ba9917971ec.tar.zst nixpkgs-f51c667a290311d9abdbb6be1e775ba9917971ec.zip | |
asterisk: 18.16.0 -> 18.17.1, 20.1.0 -> 20.2.1
pjsip 2.13.0 and related security patches have been added
| -rw-r--r-- | pkgs/servers/asterisk/default.nix | 62 | ||||
| -rw-r--r-- | pkgs/servers/asterisk/versions.json | 8 |
2 files changed, 38 insertions, 32 deletions
diff --git a/pkgs/servers/asterisk/default.nix b/pkgs/servers/asterisk/default.nix index c80c747b50c..c49e5696a67 100644 --- a/pkgs/servers/asterisk/default.nix +++ b/pkgs/servers/asterisk/default.nix @@ -37,24 +37,20 @@ let # remove when upgrading to pjsip >2.13 - pjsip_patches = [ + pjsip_2_13_patches = [ (fetchpatch { - name = "0152-CVE-2022-39269.patch"; - url = "https://github.com/pjsip/pjproject/commit/d2acb9af4e27b5ba75d658690406cec9c274c5cc.patch"; - sha256 = "sha256-bKE/MrRAqN1FqD2ubhxIOOf5MgvZluHHeVXPjbR12iQ="; + name = "CVE-2022-23537.patch"; + url = "https://github.com/pjsip/pjproject/commit/d8440f4d711a654b511f50f79c0445b26f9dd1e1.patch"; + sha256 = "sha256-7ueQCHIiJ7MLaWtR4+GmBc/oKaP+jmEajVnEYqiwLRA="; }) (fetchpatch { - name = "pjsip-2.12.1-CVE-2022-23537.patch"; - url = "https://raw.githubusercontent.com/NixOS/nixpkgs/ca2b44568eb0ffbd0b5a22eb70feb6dbdcda8e9c/pkgs/applications/networking/pjsip/1.12.1-CVE-2022-23537.patch"; - sha256 = "sha256-KNSnHt0/o1qJk4r2z5bxbYxKAa7WBtzGOhRXkru3VK4="; - }) - (fetchpatch { - name = "pjsip-2.12.1-CVE-2022-23547.patch"; - url = "https://raw.githubusercontent.com/NixOS/nixpkgs/ca2b44568eb0ffbd0b5a22eb70feb6dbdcda8e9c/pkgs/applications/networking/pjsip/1.12.1-CVE-2022-23547.patch"; - sha256 = "sha256-0iEr/Z4UQpWsTXYWVYzWWk7MQDOFnTQ1BBYpynGLTVQ="; + name = "CVE-2022-23547.patch"; + url = "https://github.com/pjsip/pjproject/commit/bc4812d31a67d5e2f973fbfaf950d6118226cf36.patch"; + sha256 = "sha256-bpc8e8VAQpfyl5PX96G++6fzkFpw3Or1PJKNPKl7N5k="; }) ]; - common = { version, sha256, externals }: stdenv.mkDerivation { + + common = { version, sha256, externals, pjsip_patches ? [ ] }: stdenv.mkDerivation { inherit version; pname = "asterisk" + lib.optionalString ldapSupport "-ldap"; @@ -159,9 +155,12 @@ let }; }; - pjproject_2_12_1 = fetchurl { - url = "https://raw.githubusercontent.com/asterisk/third-party/master/pjproject/2.12.1/pjproject-2.12.1.tar.bz2"; - hash = "sha256-DiNH1hB5ZheYzyUjFyk1EtlsMJlgjf+QRVKjEk+hNjc="; + pjproject_2_13 = fetchurl + { + url = "https://raw.githubusercontent.com/asterisk/third-party/master/pjproject/2.13/pjproject-2.13.tar.bz2"; + hash = "sha256-Zj93PUAct13KVR5taOWEbQdKq76wicaBTNHpHC0rICY="; + } // { + pjsip_patches = pjsip_2_13_patches; }; mp3-202 = fetchsvn { @@ -180,13 +179,18 @@ let # auto-generated by update.py versions = lib.mapAttrs - (_: { version, sha256 }: common { - inherit version sha256; - externals = { - "externals_cache/pjproject-2.12.1.tar.bz2" = pjproject_2_12_1; - "addons/mp3" = mp3-202; - }; - }) + (_: { version, sha256 }: + let + pjsip = pjproject_2_13; + in + common { + inherit version sha256; + inherit (pjsip) pjsip_patches; + externals = { + "externals_cache/${pjsip.name}" = pjsip; + "addons/mp3" = mp3-202; + }; + }) (lib.importJSON ./versions.json); updateScript_python = python39.withPackages (p: with p; [ packaging beautifulsoup4 requests ]); @@ -197,18 +201,20 @@ let in { - # Supported releases (as of 2022-04-05). + # Supported releases (as of 2023-04-19). + # v16 and v19 have been dropped because they go EOL before the NixOS 23.11 release. # Source: https://wiki.asterisk.org/wiki/display/AST/Asterisk+Versions # Exact version can be found at https://www.asterisk.org/downloads/asterisk/all-asterisk-versions/ # # Series Type Rel. Date Sec. Fixes EOL - # 16.x LTS 2018-10-09 2022-10-09 2023-10-09 + # 16.x LTS 2018-10-09 2022-10-09 2023-10-09 (dropped) # 18.x LTS 2020-10-20 2024-10-20 2025-10-20 - # 19.x Standard 2021-11-02 2022-11-02 2023-11-02 + # 19.x Standard 2021-11-02 2022-11-02 2023-11-02 (dropped) # 20.x LTS 2022-11-02 2026-10-19 2027-10-19 + # 21.x Standard 2023-10-18 2025-10-18 2026-10-18 (unreleased) asterisk-lts = versions.asterisk_18; - asterisk-stable = versions.asterisk_19; - asterisk = versions.asterisk_19.overrideAttrs (o: { + asterisk-stable = versions.asterisk_20; + asterisk = versions.asterisk_20.overrideAttrs (o: { passthru = (o.passthru or { }) // { inherit updateScript; }; }); diff --git a/pkgs/servers/asterisk/versions.json b/pkgs/servers/asterisk/versions.json index b1a6319a51d..1e6e4e4417e 100644 --- a/pkgs/servers/asterisk/versions.json +++ b/pkgs/servers/asterisk/versions.json @@ -4,15 +4,15 @@ "version": "16.30.0" }, "asterisk_18": { - "sha256": "2d280794ae7505ed3dfc58b3190774cb491aa74c339fbde1a11740e6be79b466", - "version": "18.16.0" + "sha256": "66f0e55d84f9e5bf4e79a56255d35a034448acce00d219c3bf4930b1ebb0e88e", + "version": "18.17.1" }, "asterisk_19": { "sha256": "f0c56d1f8e39e0427455edfe25d24ff088c756bdc32dd1278c9f7a320815cbaa", "version": "19.8.0" }, "asterisk_20": { - "sha256": "4364dc762652e2fd4d3e7dc8428c83550ebae090b8a0e9d4820583e081778883", - "version": "20.1.0" + "sha256": "df12e47000fbac42bb780bb06172aa8bb8ac26faf77cc9f95184695b0cec69c3", + "version": "20.2.1" } } |