Pantek Library
Hosting Provided By
CybrHost
High Speed Hosting
Mailing Lists: lists.debian.org > debian-changes > 07 > 080195.html (Request Expert lists.debian.org Support)

Accepted asterisk 1:1.0.7.dfsg.1-2sarge5 (source all i386)

From: Faidon Liambotis <paravoid(at)debian.org>
Date: Mon Aug 27 2007 - 15:56:27 EDT


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Thu, 23 Aug 2007 03:48:56 +0300
Source: asterisk
Binary: asterisk-sounds-main asterisk-h323 asterisk-web-vmail asterisk-gtk-console asterisk asterisk-config asterisk-dev asterisk-doc Architecture: source all i386
Version: 1:1.0.7.dfsg.1-2sarge5
Distribution: oldstable-security
Urgency: high
Maintainer: Debian VoIP Team <pkg-voip-maintainers@lists.alioth.debian.org> Changed-By: Faidon Liambotis <paravoid@debian.org> Description:
 asterisk - open source Private Branch Exchange (PBX) 

 asterisk-config - config files for asterisk
 asterisk-dev - development files for asterisk
 asterisk-doc - documentation for asterisk
 asterisk-gtk-console - gtk based console for asterisk
 asterisk-h323 - asterisk H.323 VoIP channel
 asterisk-sounds-main - sound files for asterisk
 asterisk-web-vmail - web based (GCI) voice mail interface for asterisk
Changes:
 asterisk (1:1.0.7.dfsg.1-2sarge5) oldstable-security; urgency=high  .
  • Add myself to Uploaders to mark this as a maintainer upload.
  • Multiple upstream security fixes:
    • channels/chan_sip.c: Only try to handle a response if it has a response code. (ASA-2007-011, CVE-2007-1594, CVE-2007-2297)
    • manager.c: Don't crash if a manager connection provides a username that exists in manager.conf but does not have a password, and also requests MD5 authentication. (ASA-2007-012, CVE-2007-2294)
    • channels/iax2-parser.h, channels/chan_iax2.c, channels/iax2-parser.c: Ensure that when encoding the contents of an ast_frame into an iax_frame, that the size of the destination buffer is known in the iax_frame so that code won't write past the end of the allocated buffer when sending outgoing frames. (ASA-2007-014, CVE-2007-3762)
    • channels/chan_iax2.c: if a text frame is sent with no terminating NULL through a bridged IAX connection, the remote end will receive garbage characters tacked onto the end. (CVE-2007-2488)
    • channels/chan_iax2.c: After parsing information elements in IAX frames, set the data length to zero, so that code later on does not think it has data to copy. (ASA-2007-015, CVE-2007-3763) Files: 9990edac549f774358a79d593ff43a2d 1299 comm optional asterisk_1.0.7.dfsg.1-2sarge5.dsc a792656a9b891c48038f16ed102da075 72628 comm optional asterisk_1.0.7.dfsg.1-2sarge5.diff.gz 3bc955e7f50c8ee2ab0877c9bf6d7e27 1578092 doc optional asterisk-doc_1.0.7.dfsg.1-2sarge5_all.deb 01ec5e039b1f34c512a3816d0ff14290 83904 devel optional asterisk-dev_1.0.7.dfsg.1-2sarge5_all.deb 9b2af441ef41584b0ab64ed253400ed2 1180686 comm optional asterisk-sounds-main_1.0.7.dfsg.1-2sarge5_all.deb f487ba4ae90a38dac7d7892994977e78 28906 comm optional asterisk-web-vmail_1.0.7.dfsg.1-2sarge5_all.deb 4488dbad49606db2bb69979c6de5d9a1 62122 comm optional asterisk-config_1.0.7.dfsg.1-2sarge5_all.deb 332441ac023e066bfad2e4df2ee35b82 1175672 comm optional asterisk_1.0.7.dfsg.1-2sarge5_i386.deb d1ee35f3e22dcd4a5319ae5b15817d0b 21968 comm optional asterisk-h323_1.0.7.dfsg.1-2sarge5_i386.deb 714976ea15e1c161c77dff509d08af96 30384 comm optional asterisk-gtk-console_1.0.7.dfsg.1-2sarge5_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFGzTaDVty5d8XpUzMRAqDjAJ9sA7L8Ss8pYfOsth55sqYZd6DCbwCfXrm/ lAEKQTq0oLKgrQhFQVX7468=
=V4vW
-----END PGP SIGNATURE----- Accepted:
asterisk-config_1.0.7.dfsg.1-2sarge5_all.deb   to pool/main/a/asterisk/asterisk-config_1.0.7.dfsg.1-2sarge5_all.deb asterisk-dev_1.0.7.dfsg.1-2sarge5_all.deb   to pool/main/a/asterisk/asterisk-dev_1.0.7.dfsg.1-2sarge5_all.deb asterisk-doc_1.0.7.dfsg.1-2sarge5_all.deb   to pool/main/a/asterisk/asterisk-doc_1.0.7.dfsg.1-2sarge5_all.deb asterisk-gtk-console_1.0.7.dfsg.1-2sarge5_i386.deb   to pool/main/a/asterisk/asterisk-gtk-console_1.0.7.dfsg.1-2sarge5_i386.deb asterisk-h323_1.0.7.dfsg.1-2sarge5_i386.deb   to pool/main/a/asterisk/asterisk-h323_1.0.7.dfsg.1-2sarge5_i386.deb asterisk-sounds-main_1.0.7.dfsg.1-2sarge5_all.deb   to pool/main/a/asterisk/asterisk-sounds-main_1.0.7.dfsg.1-2sarge5_all.deb asterisk-web-vmail_1.0.7.dfsg.1-2sarge5_all.deb   to pool/main/a/asterisk/asterisk-web-vmail_1.0.7.dfsg.1-2sarge5_all.deb asterisk_1.0.7.dfsg.1-2sarge5.diff.gz
  to pool/main/a/asterisk/asterisk_1.0.7.dfsg.1-2sarge5.diff.gz asterisk_1.0.7.dfsg.1-2sarge5.dsc
  to pool/main/a/asterisk/asterisk_1.0.7.dfsg.1-2sarge5.dsc asterisk_1.0.7.dfsg.1-2sarge5_i386.deb
  to pool/main/a/asterisk/asterisk_1.0.7.dfsg.1-2sarge5_i386.deb 

-- 
To UNSUBSCRIBE, email to debian-changes-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Received on Mon Aug 27 16:03:19 2007

This archive was generated by hypermail 2.1.8 : Sun Oct 07 2007 - 07:58:42 EDT

Contact Us  Legal Notices  Order Services Online 
Pantek Home  Privacy Policy  IT news  Site Map  Pantek Library