Your message dated Wed, 04 Sep 2013 22:02:33 +0000
with message-id <[email protected]>
and subject line Bug#721220: fixed in asterisk 1:1.6.2.9-2+squeeze11
has caused the Debian Bug report #721220,
regarding asterisk: CVE-2013-5641 CVE-2013-5642
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
721220: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=721220
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: asterisk
Severity: grave
Tags: security
Justification: user security hole
Please see http://downloads.asterisk.org/pub/security/AST-2013-004.html and
http://downloads.asterisk.org/pub/security/AST-2013-005.html
These affect oldstable and stable. Can you please prepare updates for
stable-security?
Cheers,
Moritz
--- End Message ---
--- Begin Message ---
Source: asterisk
Source-Version: 1:1.6.2.9-2+squeeze11
We believe that the bug you reported is fixed in the latest version of
asterisk, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Tzafrir Cohen <[email protected]> (supplier of updated asterisk package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Thu, 29 Aug 2013 21:31:43 +0300
Source: asterisk
Binary: asterisk asterisk-h323 asterisk-doc asterisk-dev asterisk-dbg
asterisk-sounds-main asterisk-config
Architecture: source all amd64
Version: 1:1.6.2.9-2+squeeze11
Distribution: oldstable-security
Urgency: high
Maintainer: Debian VoIP Team <[email protected]>
Changed-By: Tzafrir Cohen <[email protected]>
Description:
asterisk - Open Source Private Branch Exchange (PBX)
asterisk-config - Configuration files for Asterisk
asterisk-dbg - Debugging symbols for Asterisk
asterisk-dev - Development files for Asterisk
asterisk-doc - Source code documentation for Asterisk
asterisk-h323 - H.323 protocol support for Asterisk
asterisk-sounds-main - Core Sound files for Asterisk (English)
Closes: 721220
Changes:
asterisk (1:1.6.2.9-2+squeeze11) oldstable-security; urgency=high
.
* Patch AST-2013-004 (CVE-2013-5641): chan_sip: crash in ACK to SDP
* Patch AST-2013-005 (CVE-2013-5642): Fix crash caused by invalid SDP
(Closes: #721220).
* Update VCS links.
Checksums-Sha1:
47bdcdea86622984443e1122935dc9447fcfa738 2232 asterisk_1.6.2.9-2+squeeze11.dsc
881cec423eac55db4f8de3bdbbcfbaff1e009aa4 117256
asterisk_1.6.2.9-2+squeeze11.debian.tar.gz
852054ba64980bbc6599f06dbefd162d8cf42e54 1709918
asterisk-doc_1.6.2.9-2+squeeze11_all.deb
84ef6195dd5f696dba74acc5896cb8f905232e82 635312
asterisk-dev_1.6.2.9-2+squeeze11_all.deb
c662bede9ef860148f4359dad3d835c07d7c432f 2186572
asterisk-sounds-main_1.6.2.9-2+squeeze11_all.deb
4259f4b266479ec0bb115ba44967532130c4ad7b 715820
asterisk-config_1.6.2.9-2+squeeze11_all.deb
c5c1894bf442bbeffb285a00f179ed7be309af56 3602576
asterisk_1.6.2.9-2+squeeze11_amd64.deb
d008997e8dcb57b55a4f6cdeec4a5d59f2b65dc4 534078
asterisk-h323_1.6.2.9-2+squeeze11_amd64.deb
95aa361cca5b44e042351e8d784aed985b035fbf 20347390
asterisk-dbg_1.6.2.9-2+squeeze11_amd64.deb
Checksums-Sha256:
dc40543c5e47fbda9984e775f1309f99065845fe10b9ed6c1b0db1a81a6e001d 2232
asterisk_1.6.2.9-2+squeeze11.dsc
b72f47d367d0d819d72aedff1f6450f14748c09fbd06eb2a9faa1504e40392fd 117256
asterisk_1.6.2.9-2+squeeze11.debian.tar.gz
04dc4244a41b5b564fb68e148cce06532cfd8a20ff03844bc5515c627eae85f4 1709918
asterisk-doc_1.6.2.9-2+squeeze11_all.deb
b8105cfc28b231c43b32d9a115ef033f19a02bf0d51eac8f9b811be3de1962cc 635312
asterisk-dev_1.6.2.9-2+squeeze11_all.deb
00ea1d434bbbc34a958fe99a04ebc907d928e8b5cca4cf73abc432b086717a41 2186572
asterisk-sounds-main_1.6.2.9-2+squeeze11_all.deb
340507f95f9479bcc96eafa751a9790a2b5dea3de3f1e4f30ccda2f0c50c1195 715820
asterisk-config_1.6.2.9-2+squeeze11_all.deb
ed7ba66a91975586785d22701702a44de94c6dc1ec65fd573df72f81dd22a467 3602576
asterisk_1.6.2.9-2+squeeze11_amd64.deb
21ac85b8e72438ccf1d7c6e53d8f42b877061fea582d0cc124b9300690b6e864 534078
asterisk-h323_1.6.2.9-2+squeeze11_amd64.deb
0e263880c5f42bad5f1cb532994c76c05a37ca80c663808ce8342161d52a1a5d 20347390
asterisk-dbg_1.6.2.9-2+squeeze11_amd64.deb
Files:
ffd08cdeacdb25c6a059fec368fd2b27 2232 comm optional
asterisk_1.6.2.9-2+squeeze11.dsc
6803cffac08ea3cadcfa8012f0c8bef3 117256 comm optional
asterisk_1.6.2.9-2+squeeze11.debian.tar.gz
0f760925d9c2b8f5c877efd44132bbad 1709918 doc extra
asterisk-doc_1.6.2.9-2+squeeze11_all.deb
4edf7fd93c2c431c78387efff88c5654 635312 devel extra
asterisk-dev_1.6.2.9-2+squeeze11_all.deb
9652ece3957b4324d809eccaf0410f26 2186572 comm optional
asterisk-sounds-main_1.6.2.9-2+squeeze11_all.deb
ac5331ead6d8c87fa9bc37b2444e28ab 715820 comm optional
asterisk-config_1.6.2.9-2+squeeze11_all.deb
bc030b6bef35357dcac61e155bfc1150 3602576 comm optional
asterisk_1.6.2.9-2+squeeze11_amd64.deb
3e9d941df847253cac505774ea0bb90e 534078 comm optional
asterisk-h323_1.6.2.9-2+squeeze11_amd64.deb
d79fac70fc5d0cc9147efe2e39c9efcb 20347390 debug extra
asterisk-dbg_1.6.2.9-2+squeeze11_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iEYEARECAAYFAlIkV9QACgkQxArWdkN9MourrgCfWLf8UZG9Eg8tsUejtTewdMN9
caYAn2kTpwVnYYXV7DYRfk7INQLEctqL
=dzti
-----END PGP SIGNATURE-----
--- End Message ---
