-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon,  2 Jun 2025 15:22:25 CEST
Source: asterisk
Architecture: source
Version: 1:16.28.0~dfsg-0+deb11u7
Distribution: bullseye-security
Urgency: high
Maintainer: Debian VoIP Team <[email protected]>
Changed-By: Markus Koschany <[email protected]>
Checksums-Sha1:
 2e12f436c9caf511ea863872d865cdb55b8ca51a 4359 asterisk_16.28.0~dfsg-0+deb11u7.dsc
 4de5ec1adb3e43c77bb048911b1476675367a43f 6875260 asterisk_16.28.0~dfsg-0+deb11u7.debian.tar.xz
 899ba2a751038459f1a04becb1376edaa316624f 29438 asterisk_16.28.0~dfsg-0+deb11u7_amd64.buildinfo
Checksums-Sha256:
 1c9cb334313b2806f108fcce8853f0ec165e95a5a2adff965c56d5bd76555892 4359 asterisk_16.28.0~dfsg-0+deb11u7.dsc
 0f036b7c931a12dc5dc01005af6f938f6eecc1099de3f407a9fbc6e167d05f00 6875260 asterisk_16.28.0~dfsg-0+deb11u7.debian.tar.xz
 fb897a4ebe95e14e767b17fe26df8455b200d500e763a5402d7c65c759917567 29438 asterisk_16.28.0~dfsg-0+deb11u7_amd64.buildinfo
Changes:
 asterisk (1:16.28.0~dfsg-0+deb11u7) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the LTS team.
   * Fix CVE-2025-47779:
     SIP requests of the type MESSAGE (RFC 3428) authentication do not get
     proper alignment. An authenticated attacker can spoof any user identity to
     send spam messages to the user with their authorization token. Abuse of
     this security issue allows authenticated attackers to send fake chat
     messages that can be spoofed to appear to come from trusted entities.
   * Fix CVE-2025-47780:
     Trying to disallow shell commands to be run via the Asterisk CLI by
     configuring cli_permissions.conf (e.g. with the config line deny=!*) does
     not work, which could lead to a security risk.
     A new asterisk.conf option 'disable_remote_console_shell' has been added
     that, when set, will prevent remote consoles from executing shell commands
     using the '!' prefix.
Files:
 527028a8f05c0ef66075a9bb5547072b 4359 comm optional asterisk_16.28.0~dfsg-0+deb11u7.dsc
 75c8b6f9492a03ac09a18775add46a23 6875260 comm optional asterisk_16.28.0~dfsg-0+deb11u7.debian.tar.xz
 3396dc0b755853791363e01c84a26419 29438 comm optional asterisk_16.28.0~dfsg-0+deb11u7_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
