Bug#923690: marked as done (asterisk: CVE-2019-7251: Remote crash vulnerability with SDP protocol violation)

Thu, 07 Mar 2019 14:39:20 -0800 

Your message dated Thu, 07 Mar 2019 22:34:21 +0000
with message-id <[email protected]>
and subject line Bug#923690: fixed in asterisk 1:16.2.1~dfsg-1
has caused the Debian Bug report #923690,
regarding asterisk: CVE-2019-7251: Remote crash vulnerability with SDP protocol 
violation
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
923690: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923690
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message --- 
Source: asterisk
Version: 1:16.2.0~dfsg-1
Severity: important
Tags: security upstream

Hi,

The following vulnerability was published for asterisk.

CVE-2019-7251[0]:
Remote crash vulnerability with SDP protocol violation

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2019-7251
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7251
[1] https://downloads.asterisk.org/pub/security/AST-2019-001.html

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

--- End Message ---
--- Begin Message --- 
Source: asterisk
Source-Version: 1:16.2.1~dfsg-1

We believe that the bug you reported is fixed in the latest version of
asterisk, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Bernhard Schmidt <[email protected]> (supplier of updated asterisk package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 07 Mar 2019 23:13:24 +0100
Source: asterisk
Architecture: source
Version: 1:16.2.1~dfsg-1
Distribution: unstable
Urgency: medium
Maintainer: Debian VoIP Team <[email protected]>
Changed-By: Bernhard Schmidt <[email protected]>
Closes: 923690
Changes:
 asterisk (1:16.2.1~dfsg-1) unstable; urgency=medium
 .
   * New upstream version 16.2.1~dfsg
     - CVE-2019-7251 / AST-2019-001 (Closes: #923690)
       Remote crash vulnerability with SDP protocol violation
   * Bump dependency on libjansson-dev to >= 2.11 (required by upstream)
Checksums-Sha1:
 ea15fe1c239600bc82ef5e6b0e453d8417a2959e 4232 asterisk_16.2.1~dfsg-1.dsc
 682ddb01a7c6fc8d828ce95114c5fd2c0cb56332 6848356 
asterisk_16.2.1~dfsg.orig.tar.xz
 7fec3378c6e34eff35b06b20cdbe8b05ba461e9a 3763436 
asterisk_16.2.1~dfsg-1.debian.tar.xz
 e3bcb2d0a8cd4bac7fa0e709380e900c560a2b87 26517 
asterisk_16.2.1~dfsg-1_amd64.buildinfo
Checksums-Sha256:
 3685a59825fe62079fa2c0b2cbd59a70023b354e9a7ddb5052e3a249db73e64e 4232 
asterisk_16.2.1~dfsg-1.dsc
 f8b1908897ad90d82d4aa125d13d866e3904ee43ade967b4028df626b6931185 6848356 
asterisk_16.2.1~dfsg.orig.tar.xz
 86abba5a26042bd1947c0c854e5234551210c6f77349bb150eef8a38dc134d9f 3763436 
asterisk_16.2.1~dfsg-1.debian.tar.xz
 42f3974c80c3aaaf59cafa124e70d6026987f85c131010d958cf7781e24e1f58 26517 
asterisk_16.2.1~dfsg-1_amd64.buildinfo
Files:
 73624d350d70fe07562e8e9703344c23 4232 comm optional asterisk_16.2.1~dfsg-1.dsc
 fdf80608760fc344c7afbcadf000508f 6848356 comm optional 
asterisk_16.2.1~dfsg.orig.tar.xz
 0932c52122a692d1e40426a89b6eead9 3763436 comm optional 
asterisk_16.2.1~dfsg-1.debian.tar.xz
 600b907eb0aed253a2f59fb53b13bc25 26517 comm optional 
asterisk_16.2.1~dfsg-1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJFBAEBCgAvFiEE1uAexRal3873GVbTd1B55bhQvJMFAlyBmhMRHGJlcm5pQGRl
Ymlhbi5vcmcACgkQd1B55bhQvJOnlg//RsJB3WV3HOlJanZyxZMRlF5CPLmmU5ur
RPJsH1N+IGnZ8oumDwJfUCfpJ6R03SCrVV3MUYGeXQQJ+ZXgVwDVouYC3DVk06hV
fzXxsB+EZdmhmmjKSIjI1/TjzZI4teynifNyV/6rrtrGtZSMTPISBr0vVgqnih4Z
E79FJDPSRB6q4SDByMn/JWx/NIY3iteusv1YE0noiItvc58T33pyIVJOUc8R4cya
4CCvDBH9tuxwlyx7iDHOb0sSSMkTet1CC1Qb2BzhY8u2nCPbpn9x+SRqQantqM+A
2clzUDN8g14ktkc/FLLme9FjJm0a2bzrNPx84M+4O1FkgBGHqgLsdfOEqTO1TKk5
5Buib6Zxls2QnvM925z+ZYo7RcXDLCfMyxjc0nuyiYZofxRsjikb+WO7xr6QOu5h
l26izDu2bpeXBnC2MKZE7AITcujlpbJ8GzFElR5j1Rj5O0PEdMg4WKnkSJN/hsKC
zkf4XtBBy0J9Bt5cwYINEpwmc+576VNLntc5zC9sR6aT6Pg80pSUrkbfiQqAvJXv
9NgkEuu4GGF8y8MDOoJnoj14aXPs0PmQvOo4TOA6f2gUCpgev8H1eJ0/5ktq0hUQ
+Py5Kq1hF5n+NJL5GYwXzznxtXc1d8VLIL1eW1OkPAbxhbBHKBhAJXucd5cNqgYm
pof0dkylVt0=
=OHKj
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to