[asterisk-commits] lmadsen: tag 1.4.41 r315204 - /tags/1.4.41/
SVN commits to the Asterisk project
asterisk-commits at lists.digium.com
Mon Apr 25 12:33:45 CDT 2011
Author: lmadsen
Date: Mon Apr 25 12:33:41 2011
New Revision: 315204
URL: http://svnview.digium.com/svn/asterisk?view=rev&rev=315204
Log:
Merge changes for AST-2011-005 and AST-2011-006, update .version and ChangeLog
Removed:
tags/1.4.41/asterisk-1.4.41-rc1-summary.html
tags/1.4.41/asterisk-1.4.41-rc1-summary.txt
Modified:
tags/1.4.41/.version
tags/1.4.41/ChangeLog
Modified: tags/1.4.41/.version
URL: http://svnview.digium.com/svn/asterisk/tags/1.4.41/.version?view=diff&rev=315204&r1=315203&r2=315204
==============================================================================
--- tags/1.4.41/.version (original)
+++ tags/1.4.41/.version Mon Apr 25 12:33:41 2011
@@ -1,1 +1,1 @@
-1.4.41-rc1
+1.4.41
Modified: tags/1.4.41/ChangeLog
URL: http://svnview.digium.com/svn/asterisk/tags/1.4.41/ChangeLog?view=diff&rev=315204&r1=315203&r2=315204
==============================================================================
--- tags/1.4.41/ChangeLog (original)
+++ tags/1.4.41/ChangeLog Mon Apr 25 12:33:41 2011
@@ -1,3 +1,17 @@
+2011-04-25 Leif Madsen <lmadsen at digium.com>
+
+ * Asterisk 1.4.41 Released.
+
+ * AST-2011-005, AST-2011-006
+
+ * Reverted part of r314607, as it can introduce a regression.
+ Specifically, the security check for the "system" privilege was
+ removed. If a user had the "call" privilege but not the "system" privilege,
+ they would lose the ability to execute the system app and dialplan functions
+ that run commands in a shell. This branch never used the "system" privilege
+ for that purpose and did not need to be patched.
+ (AST-2011-006)
+
2011-02-23 Leif Madsen <lmadsen at digium.com>
* Asterisk 1.4.41-rc1 Released.
More information about the asterisk-commits
mailing list