Debian testing watch <[EMAIL PROTECTED]> wrote: Hi,
Could someone explain why py-asterisk and libasterisk-agi-perl got pulled from testing due to security concerns in *asterisk* itself ? > Previous version: 0.1a3+r160-3 > Current version: (not in testing) > Hint: <http://ftp-master.debian.org/testing/hints/luk> > # 20071013 > # Severe security concerns by Testing Security Team > Bug #434886: Remote compromise [CVE-2007-3762] [CVE-2007-3763] > [CVE-2007-3764] [CVE-2007-3765] Both packages are libraries, for python and perl, to connect to the asterisk manager, which can be local or remote. So there's no dependency on asterisk itself whatsoever. Please put those two packages back into testing. Thanks, JB. -- Julien BLACHE - Debian & GNU/Linux Developer - <[EMAIL PROTECTED]> Public key available on <http://www.jblache.org> - KeyID: F5D6 5169 GPG Fingerprint : 935A 79F1 C8B3 3521 FD62 7CC7 CD61 4FD7 F5D6 5169 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
