place asterisk read-only data files under /usr/share

Forwarded: no
Last-Update: 2016-03-19

On Debian read-only resources belong under /usr. The space taken from
the writable /var should be minimized.

Upstream prefers defaults to have those files under /var/lib, though
supports a separate datadir.

Gbp-Pq: Name astdatadir

disable building codec_ilbc

Bug-Debian: https://bugs.debian.org/665938
Bug-Debian: https://bugs.debian.org/665937
Forwarded-Upstream: no
Last-Update: 2016-03-19

As we have to strip the ilbc code from asterisk, we need to disable
building codec_ilbc and cleaning the ilbc/ directory.

Patch needs to be cleaned-up to be uploaded upstream.

FIXME: module now seems to potentially use libilbc. If it can be
packaged into Debian, no reason to remove it.

Gbp-Pq: Name ilbc_disable

enable modules formly from asterisk-addons

Applied-Upsteam: no
Last-Update: 2016-03-19

The modules under addons/ are originally from the separate
asterisk-addons package. As of asterisk 1.8 they are included in the
main Asterisk distribution but not enabled by default. this patch
enables them, as it seems valid in Debian.

format_mp3.c is not enabled, yet, though: the complete source is not
included. See contrib/scripts/get_mp3_source.sh in the source tree.

Gbp-Pq: Name enable_addons

mpglib code originally in asterisk-addons

Origin:  http://svn.digium.com/svn/thirdparty/mp3/trunk
Last-Update: 2018-11-17

The package asterisk-addons originally included mpglib. After the merge
with asterisk, that code is no longer included and needs to be fetched
(contrib/scripts/get_mpg_source.sh). This patch includes that fetched
source (rev. 202).

TODO: get rid of this code and use libmpg123 or whatever.

Gbp-Pq: Name mpglib

Avoid downloading extra sound files

Forwarded: no
Last-Update: 2016-04-02

Asterisk configures several sound files to be installed that are not
included in the distribution tarball. Those files are downloaded by the
'install' target.

The exact files to be downloaded is configurable. Here we change the
default to avoid downloading any. We believe those should be part of a
separate source package (as they rarely change, and have their own
versioning).

Gbp-Pq: Name sound_files

astgenkey should generate a private key that is not world-readable

Bug: http://issues.asterisk.org/view.php?id=12373
Last-Update: 2016-03-19

Upstream has not accepted this patch and chose instead to document this
as a known minor issue.

Gbp-Pq: Name astgenkey-security

build multiple versions of app_voicemail.so

Bug: http://issues.asterisk.org/view.php?id=13822
Last-Update: 2016-03-19

This is a very ugly hack on upstream's Makefiles to allow building
multiple variants of app_voicemail. Three variants are created:
 * app_voicemail.so: plain old filesystem storage that doesn't break
   existing setups
 * app_voicemail_imapstorage.so: IMAP storage
 * app_voicemail_odbcstorage.so: ODBC storage
All these conflict with each other and Asterisk will refuse to load
them concurrently. They are thus included in three separate and
complicting packages.

Patch suggested to upstream but rejected for being "hackish". Though
upstream RPM packages include packages that are only somewhat cleaner.

Gbp-Pq: Name hack-multiple-app-voicemail

asterisk (1:16.2.1~dfsg-1+deb10u1) buster; urgency=medium

  * AST-2019-002 / CVE-2019-12827
    Buffer overflow in res_pjsip_messaging (Closes: #931980)
  * AST-2019-003 / CVE-2019-13161
    Remote Crash Vulnerability in chan_sip (Closes: #931981)
  * d/gbp.conf: Update for Buster branch

[dgit import unpatched asterisk 1:16.2.1~dfsg-1+deb10u1]

Import asterisk_16.2.1~dfsg-1+deb10u1.debian.tar.xz

[dgit import tarball asterisk 1:16.2.1~dfsg-1+deb10u1 asterisk_16.2.1~dfsg-1+deb10u1.debian.tar.xz]

Import asterisk_16.2.1~dfsg.orig.tar.xz

[dgit import orig asterisk_16.2.1~dfsg.orig.tar.xz]