Hi,
On Mon, May 27, 2024 at 10:26:45AM +0200, Diederik de Haas via
Pkg-voip-maintainers wrote:
> Control: tag -1 upstream fixed-upstream patch
Thanks for that. Just one note regarding the word "upstream". The
current upstream of the package is the osmo fork. At the time when
uploading previous
Hi,
Thanks. Those modules were removed. I noticed that and fixed it locally
(also added two extra modules zaphfc and icE1usb).
Trying to figure out the cause for the other error
https://ci.debian.net/data/autopkgtest/testing/amd64/d/dahdi-linux/36220583/log.gz
177s MODPOST
There are tons of warnings
The actual error is:
On Fri, Jun 03, 2022 at 10:23:00PM +0200, Andreas Beckmann wrote:
> /var/lib/dkms/dahdi/2.11.1.0.20170917~dfsg-7.5/build/drivers/dahdi/xpp/xbus-core.c:
> In function 'xbus_read_proc_open':
>
On Mon, Apr 18, 2022 at 06:32:07PM +0200, Thomas Lange wrote:
> > On Mon, 18 Apr 2022 16:16:18 +0300, Peter Pentchev
> > said:
>
>
> > If you run sudo without the "set_home" option, thus making it preserve
> > the HOME environment variable, rpm run as root with HOME set to
>
See patch in https://issues.asterisk.org/jira/browse/DAHLIN-397
--
mail / xmpp / matrix: tzaf...@cohens.org.il
This script is part of the separate non-free dahdi-firmware
package. It should not be part of DAHDI-linux and can be removed
if it is. If dahdi-dkms is not co-installable with dahdi-firmware,
it is probably a bug.
-- Tzafrir
Hi,
On abel in a armel chroot the issue is
reproduced by running:
man -Thtml
even on an empty man page.
Right now you can try:
$ schroot -r -c session:tzafrir-dahdi-tools -- man -Thtml
On 19/08/2020 12:31, Bernhard Schmidt wrote:
Hi Tzafrir,
could you have a look at Bug#957117 and #957470? They are causing
Asterisk to be removed from testing.
Uploaded a fix for dahdi-tools. As for libpri: this is basically using
index from data[0] that is the end of the header.
My "fix"
Control: tag -1 pending
Hello,
Bug #952061 in ibsim reported by you has been fixed in the
Git repository and is awaiting an upload. You can see the commit
message below and you can check the diff of the fix at:
Hi,
I had little time to work on this, but as it happened, I submitted a
pull request with deb packaging (internal) to the Github project and
tested its building.
It builds indeed fine with rdma-core, it seems.
-- Tzafrir
ibsim moved to Github. The specific error seems to have been fixed by
https://github.com/linux-rdma/ibsim/commit/7bf171bab9c8bf3cc6c8f822bfcbd85570ca9abc
The warning: likely fixed by
https://github.com/linux-rdma/ibsim/commit/8625a69de7a319a0a1f3e4c86a0f14eda7e1612c
Latest version there is 0.9 .
On 10/08/2019 17:46, Niko Tyni wrote:
> Source: libvma
> Version: 8.8.1.really.8.7.7-1
> Severity: serious
> Tags: ftbfs
>
> This package fails to build on current sid/amd64.
>
>>From my build log:
>
> dpkg-gensymbols: warning: some new symbols appeared in the symbols file:
> see diff output
-team
--
Tzafrir Cohen | Diasp: tzaf...@wk3.org | VIM is
http://tzafrir.org.il | Matrix: t...@matrix.org | a Mutt's
tzaf...@cohens.org.il | Mast: tzaf...@tooot.im | best
tzaf...@debian.org|| friend
On Sat, Dec 30, 2017 at 11:47:21PM +0100, Bernhard Schmidt wrote:
> On Wed, Oct 18, 2017 at 08:19:26PM +0300, Tzafrir Cohen wrote:
>
> Hi Tzafrir,
>
> > Version: 1:2.11.1.0.20170917~dfsg-1
> > Flags: patch upstream
> > Forwarded: https://issues.asterisk.org/jira/
control: found -1 1:13.14.1~dfsg-2+deb9u2
Thanks.
This applies only to Asterisk >= 13. It does apply to the version in
Stable, though not to the version in oldstable.
--
Tzafrir Cohen | tzaf...@jabber.org | VIM is
http://tzafrir.org.il || a Mutt's
t
alizer
.dev_attrs = dahdi_device_attrs,
^
/usr/src/modules/dahdi/drivers/dahdi/dahdi-sysfs.c:711:15: error:
initialization from incompatible pointer type
[-Werror=incompatible-pointer-types]
.dev_attrs = dahdi_device_attrs,
^~
--
Tzafrir Cohen
+
checksum changed to
avoid including some irrelevant functions, and thus the checksum is
different from the Stable version.
> The tight dependency is build-time only: Generally a BinNMU is adequate.
Right.
--
Tzafrir Cohen
+972-50-7952406 mailto:tzafrir.co...@xorcom.com
http://www.xorcom.com
On Fri, Jan 06, 2017 at 01:37:58PM +, Holger Levsen wrote:
> Hi Tzafrir,
>
> On Fri, Jan 06, 2017 at 12:25:07AM +0100, Tzafrir Cohen wrote:
> > The version in Jessie-backports seems to be the only one affected by it.
>
> will you upload a fixed version to jessie-
was fixed upstream just before 1.2.22, and that fix is
included in the current version (1.3.2). In 1.1.33 the parsing seems to
be done before after temporarily dropping super-user privileges at
startup.
--
Tzafrir Cohen | tzaf...@jabber.org | VIM is
http://tzafrir.org.il
d maybe also
amr.patch . vp8.patch looks more self-contained). The relevant upstream
code must have had some extra checks at this point.
Could someone else please double-check before closing this one?
(But yes, there's still AST-2016-009 in another open bug)
--
Tzafrir Cohe
the configure
script output.
Thanks for your report.
--
Tzafrir Cohen
icq#16849755 jabber:tzafrir.co...@xorcom.com
+972-50-7952406 mailto:tzafrir.co...@xorcom.com
http://www.xorcom.com
s for the report.
So at first glance: it builds fine but the C++ ABI has changed (most of
the pjproject libraries are C, with a single C++ library).
--
Tzafrir Cohen
icq#16849755 jabber:tzafrir.co...@xorcom.com
+972-50-7952406 mailto:tzafrir.co...@xorcom.com
http://www.xorcom.com
n soon.
Thanks for the reminder.
I pushed some changes to the git repo. I hope to upload a package this
weekend.
pjproject is largely a C library with a single C++ library (libsua2 -
the binary package libsua2-2). I decided to bump the soname of that
lirary alone (libpjsua2-2v5).
--
Tzafrir Cohen
libv4l-dev
> > and the ffmpeg bits seem to have been reorganized as well.
>
> I suspect ig might be pjsip growing dependencies on those libraries and
> injecting linkage flags into Asterisk, but instead of actively avoiding
> those it seems more sensible to me to consider solving bug#531728.
You are right. The git version of pjsip should look better.
--
Tzafrir Cohen
icq#16849755 jabber:tzafrir.co...@xorcom.com
+972-50-7952406 mailto:tzafrir.co...@xorcom.com
http://www.xorcom.com
built successfully.
Those dependencies should be set by libpjproject-dev.
--
Tzafrir Cohen
icq#16849755 jabber:tzafrir.co...@xorcom.com
+972-50-7952406 mailto:tzafrir.co...@xorcom.com
http://www.xorcom.com
On Mon, Aug 03, 2015 at 07:52:36AM +0200, Tzafrir Cohen wrote:
Thanks for your report,
On Tue, Jul 21, 2015 at 11:23:33AM +0200, Jakub Wilk wrote:
Source: pjproject
Version: 2.4~dfsg-1
Severity: serious
Justification: fails to build from source
pjproject FTBFS on 32-bit
or dahdi-source.
Alternatively, if you still use such driver but are not able to test it,
contact me so I'll know that there is some demand for those drivers.
[1] The general public, not just the submitter of this bug.
--
Tzafrir Cohen
icq#16849755 jabber:tzafrir.co
?pkg=pjprojectarch=powerpcver=2.4%7Edfsg-1stamp=1437435603
https://buildd.debian.org/status/fetch.php?pkg=pjprojectarch=sparcver=2.4%7Edfsg-1stamp=1437452748
Note that the first issue also appeared in most (all?) the successful
builds.
--
Tzafrir Cohen | tzaf...@jabber.org | VIM is
http
.
Patching.
--
Tzafrir Cohen | tzaf...@jabber.org | VIM is
http://tzafrir.org.il || a Mutt's
tzaf...@cohens.org.il || best
tzaf...@debian.org|| friend
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
On Wed, Apr 01, 2015 at 11:08:48AM +0100, Jaap Eldering wrote:
Since upgrading to Jessie,
I have the same problem. I'm not sure exactly when it started.
I run plain openbox
as window manager, but the same problem also appears when I use Xfce or
failsafe-xterm.
icewm here.
--
Tzafrir
fixes. Sadly I didn't have
the time to properly document them.
Feel free to upload it.
For Unstable, I guess a new upstream release is needed (due to the same
security issues. And even more: many issues in chan_pjsip).
--
Tzafrir Cohen
icq#16849755 jabber:tzafrir.co
Hi Jonas,
On Wed, Nov 14, 2012 at 12:33:26PM +0100, Jonas Smedegaard wrote:
Quoting Tzafrir Cohen (2012-11-13 18:00:30)
Indeed this is fixable through a binNMU.
Yes, but release managers disapprove of simple binNMUs covering over the
underlying problem, as I wrote earlier:
http
with Asterisk 13.
--
Tzafrir Cohen | tzaf...@jabber.org | VIM is
http://tzafrir.org.il || a Mutt's
tzaf...@cohens.org.il || best
tzaf...@debian.org|| friend
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ
.
--
Tzafrir Cohen | tzaf...@jabber.org | VIM is
http://tzafrir.org.il || a Mutt's
tzaf...@cohens.org.il || best
tzaf...@debian.org|| friend
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
instead?
The program should start
Thanks for your report
According to Upstream, this issue has been fixed in version 1.4.0.
Version 1.4.1 should be released in a few days and it makes sense to
wait for it.
--
Tzafrir Cohen
icq#16849755 jabber:tzafrir.co...@xorcom.com
+972
On Mon, Apr 28, 2014 at 09:46:22AM +0200, Tzafrir Cohen wrote:
Hi,
It seems that libuser has not recieved any decent maintinance in recent
years. As its removal will remove my package (mock), I tried fixing this
bug.
It turned out to be more complicated than I thought, and I ended up
:
http://anonscm.debian.org/gitweb/?p=collab-maint/libuser.git
--
Tzafrir Cohen | tzaf...@jabber.org | VIM is
http://tzafrir.org.il || a Mutt's
tzaf...@cohens.org.il || best
tzaf...@debian.org|| friend
--
To UNSUBSCRIBE, email
On Tue, Dec 17, 2013 at 06:17:09PM +0100, Moritz Muehlenhoff wrote:
On Tue, Dec 17, 2013 at 05:55:14PM +0200, Tzafrir Cohen wrote:
On Tue, Dec 17, 2013 at 07:33:53AM +0100, Moritz Muehlenhoff wrote:
Package: asterisk
Severity: grave
Tags: security
Hi,
please see
http
glance: both of them also affect 1.6.2 from
old-stable. AST-2013-007 introduces a new configuration item and we have
to see what the sane default for it should be.
--
Tzafrir Cohen
icq#16849755 jabber:tzafrir.co...@xorcom.com
+972-50-7952406 mailto:tzafrir.co
On Thu, Aug 29, 2013 at 07:30:06PM +0300, Tzafrir Cohen wrote:
On Thu, Aug 29, 2013 at 10:20:53AM +0200, Moritz Muehlenhoff wrote:
Package: asterisk
Severity: grave
Tags: security
Justification: user security hole
Please see http://downloads.asterisk.org/pub/security/AST-2013-004
.
Attached debdiffs of both versions. Upload?
--
Tzafrir Cohen
icq#16849755 jabber:tzafrir.co...@xorcom.com
+972-50-7952406 mailto:tzafrir.co...@xorcom.com
http://www.xorcom.com
diff -Nru asterisk-1.8.13.1~dfsg/debian/changelog asterisk-1.8.13.1~dfsg/debian
before it was possible to build
it. Now my box is up and running with 1:1.8.13.1~dfsg-3 and
asterisk-chan-capi.
One test if you don't mind: merely rebuilding it vs. Asterisk -3 does
not fix the issue, right?
--
Tzafrir Cohen
icq#16849755 jabber:tzafrir.co
is the client-side component
whereas reviewboard-tools is the server-side component. Thus they belong
in separate binary packages. Does the code of reviewboard-tools rely on
the code of rbtools?
--
Tzafrir Cohen | tzaf...@jabber.org | VIM is
http://tzafrir.org.il || a Mutt's
On Fri, Apr 05, 2013 at 03:24:29PM +0200, Salvatore Bonaccorso wrote:
Hi Tzafrir
On Fri, Mar 29, 2013 at 06:53:31AM +0100, Salvatore Bonaccorso wrote:
Hi Tzafrir
On Thu, Mar 28, 2013 at 09:37:30AM +0200, Tzafrir Cohen wrote:
On Thu, Mar 28, 2013 at 06:23:32AM +0100, Salvatore
?
To disable it, add the line 'noload = chan_capi.so' to the section
'[modules]' in /etc/asterisk/modules.conf .
cfg = 0x7fafc1db4b70
res = 0
__PRETTY_FUNCTION__ = load_module
__FUNCTION__ = load_module
--
Tzafrir Cohen
icq#16849755 jabber:tzafrir.co...@xorcom.com
+972-50
://downloads.asterisk.org/pub/security/AST-2013-003.html
[3] https://issues.asterisk.org/jira/browse/ASTERISK-20901
Please adjust the affected versions in the BTS as needed.
--
Tzafrir Cohen
icq#16849755 jabber:tzafrir.co...@xorcom.com
+972-50-7952406
On Mon, Jan 28, 2013 at 04:44:07PM +0200, Tzafrir Cohen wrote:
On Sun, Jan 27, 2013 at 04:23:05PM +, Ben Hutchings wrote:
I've uploaded the attached changes to DELAYED/5, and will follow this
with an upload of dahdi-firmware.
Thanks for your fixes. Applied them in SVN. I don't have
.
--
Tzafrir Cohen
icq#16849755 jabber:tzafrir.co...@xorcom.com
+972-50-7952406 mailto:tzafrir.co...@xorcom.com
http://www.xorcom.com iax:gu...@local.xorcom.com/tzafrir
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject
and reproduce the issue
Then run:
gdb -c core /usr/sbin/asterisk
and in the prompt of gdb run:
bt
bt full
and provide the output here.
--
Tzafrir Cohen
icq#16849755 jabber:tzafrir.co...@xorcom.com
+972-50-7952406 mailto:tzafrir.co...@xorcom.com
http
test packages to
http://people.debian.org/~tzafrir/ast_squeeze10/
--
Tzafrir Cohen
icq#16849755 jabber:tzafrir.co...@xorcom.com
+972-50-7952406 mailto:tzafrir.co...@xorcom.com
http://www.xorcom.com iax:gu...@local.xorcom.com/tzafrir
--
To UNSUBSCRIBE, email
On Fri, Jan 11, 2013 at 11:00:30PM +, Tzafrir Cohen wrote:
On Tue, Jan 08, 2013 at 06:49:56PM +0100, Moritz Mühlenhoff wrote:
On Tue, Jan 08, 2013 at 02:45:59AM +0200, Tzafrir Cohen wrote:
Hi,
On Wed, Jan 02, 2013 at 10:56:43PM +0100, Salvatore Bonaccorso wrote:
Package
!authenticated )
{
if ((timeout =
sip_check_authtimeout(start)) 0) {
goto cleanup;
Are you sure? That size hint condition should be ANDed.
You're right.
--
Tzafrir Cohen
icq#16849755
On Tue, Jan 08, 2013 at 06:49:56PM +0100, Moritz Mühlenhoff wrote:
On Tue, Jan 08, 2013 at 02:45:59AM +0200, Tzafrir Cohen wrote:
Hi,
On Wed, Jan 02, 2013 at 10:56:43PM +0100, Salvatore Bonaccorso wrote:
Package: asterisk
Severity: grave
Tags: security
Justification: user
]:
Crashes due to large stack allocations when using TCP
CVE-2012-5977[1]:
Denial of Service Through Exploitation of Device State Caching
Both apply to th stable vrsion as well. I commited fixes to th SVN.
Working on building them.
--
Tzafrir Cohen
icq#16849755
package.
--
Tzafrir Cohen
icq#16849755 jabber:tzafrir.co...@xorcom.com
+972-50-7952406 mailto:tzafrir.co...@xorcom.com
http://www.xorcom.com iax:gu...@local.xorcom.com/tzafrir
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
them to firmware-nonfree, but
you'll need to change the related drivers to use request_firmware().
They could be added to dahdi-firmware-nonfree onc this is done. I'll try
to look into that. Thanks for th note.
--
Tzafrir Cohen
icq#16849755 jabber:tzafrir.co
asterisk -rnx 'core show application eSpeak'
# Should give a help text and not an error
--
Tzafrir Cohen
icq#16849755 jabber:tzafrir.co...@xorcom.com
+972-50-7952406 mailto:tzafrir.co...@xorcom.com
http://www.xorcom.com iax:gu...@local.xorcom.com/tzafrir
may have exported modules
(some other modules also have public symbols as well, but this shouldn't
have happened).
--
Tzafrir Cohen
icq#16849755 jabber:tzafrir.co...@xorcom.com
+972-50-7952406 mailto:tzafrir.co...@xorcom.com
http://www.xorcom.com iax:gu
of the Subversion
repository listed in the package:
http://anonscm.debian.org/viewvc/pkg-voip/asterisk/branches/squeeze/
--
Tzafrir Cohen
icq#16849755 jabber:tzafrir.co...@xorcom.com
+972-50-7952406 mailto:tzafrir.co...@xorcom.com
http://www.xorcom.com iax:gu
Dear Release Team,
On Wed, Sep 26, 2012 at 01:43:32AM +0200, Tzafrir Cohen wrote:
On Tue, Sep 25, 2012 at 03:36:47PM +0200, Helmut Grohne wrote:
Source: libpri
Version: 1.4.12-2
Severity: serious
Justification: fails to build from source
The upstream Makefile creates a version.c
number
as the broken one (can't see a squeeze8 in the repo)?
The fix I uploaded (and which is now up for testing) is squeeze8.
--
Tzafrir Cohen
icq#16849755 jabber:tzafrir.co...@xorcom.com
+972-50-7952406 mailto:tzafrir.co...@xorcom.com
http
fails with a message from dpkg-source saying that local changes
(to version.c) were detected and the build is aborted. Since the
package uses dh, the fix is as simple as:
echo version.c debian/clean
Applied, thanks for the report.
--
Tzafrir Cohen
icq#16849755
which for some reason have made their
way in to the proposed updates repo.
btw thanks to the reference on how to rollback much appreciated.
I fixed the respective patch and uploaded a fixed package.
--
Tzafrir Cohen
icq#16849755 jabber:tzafrir.co...@xorcom.com
+972
On Wed, Sep 19, 2012 at 10:53:29AM +0200, Victor Seva wrote:
The AST-2012-010 patch is using the non defined function
sip_pvt_lock_full on 1.6.2.9
Working on fixing the patch.
Thanks. I hopefully have it properly backported now.
--
Tzafrir Cohen
icq#16849755
On Fri, Aug 31, 2012 at 12:14:05PM +0200, Moritz Muehlenhoff wrote:
On Thu, Aug 30, 2012 at 07:43:21PM +0300, Tzafrir Cohen wrote:
On Thu, Aug 30, 2012 at 05:51:46PM +0200, Moritz Muehlenhoff wrote:
On Fri, Jul 06, 2012 at 08:06:56AM +0200, Moritz Muehlenhoff wrote:
Package: asterisk
/viewvc/pkg-voip/asterisk/branches/squeeze/debian/patches/AST-2012-004-MixMonitor?revision=9938view=markup
I added it in as well.
I have packages ready for Unstable (1.8.13.1 + patches) and Squeeze
(1.6.2.9-2+squeeze7).
--
Tzafrir Cohen
icq#16849755 jabber:tzafrir.co
=371998
So this is juas a good a timing as any for a new package.
--
Tzafrir Cohen
icq#16849755 jabber:tzafrir.co...@xorcom.com
+972-50-7952406 mailto:tzafrir.co...@xorcom.com
http://www.xorcom.com iax:gu...@local.xorcom.com/tzafrir
--
To UNSUBSCRIBE, email
excuse for that :-)
--
Tzafrir Cohen
icq#16849755 jabber:tzafrir.co...@xorcom.com
+972-50-7952406 mailto:tzafrir.co...@xorcom.com
http://www.xorcom.com iax:gu...@local.xorcom.com/tzafrir
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
Source: spandsp
Version: 0.0.6~pre20-1
Severity: serious
Justification: fails to build from source (but built successfully in the past)
The package spandsp has failed to build on some architectures. This is due
to the test suite not intended to build in parallel.
As Upstream does not consider
of the format packages to be installed).
--
Tzafrir Cohen
icq#16849755 jabber:tzafrir.co...@xorcom.com
+972-50-7952406 mailto:tzafrir.co...@xorcom.com
http://www.xorcom.com iax:gu...@local.xorcom.com/tzafrir
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ
Package: asterisk
Version: 1:1.8.11.1~dfsg-1
Severity: grave
Tags: upstream patch security
Justification: user security hole
A remotely exploitable crash vulnerability exists in the IAX2 channel
driver if an established call is placed on hold without a suggested
music class. For this to occur,
Package: asterisk
Version: 1:1.8.11.1~dfsg-1
Severity: grave
Tags: upstream patch security
Justification: user security hole
When a skinny session is unregistered, the corresponding device pointer
is set to NULL in the channel private data. If the client was not in
the on-hook state at the time
in the asterisk code.
--
Tzafrir Cohen
icq#16849755 jabber:tzafrir.co...@xorcom.com
+972-50-7952406 mailto:tzafrir.co...@xorcom.com
http://www.xorcom.com iax:gu...@local.xorcom.com/tzafrir
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
to only require the remote attacker to be able to establish a
SIP call to Asterisk. Either being authenticated or as a guest if guests
are allowed.
Only applies to Wheezy/Sid: the code in Squeeze does not seem to support
UPDATE.
--
Tzafrir Cohen
icq#16849755
, unless there is
a good reason not to fix this now for 2.5.0.1.
Upstream has tagged 2.6.1-rc2 (but no tarball released). I was hoping
there would be a release by now, but as there's none so far, I'll create
one from that tag.
--
Tzafrir Cohen
icq#16849755 jabber:tzafrir.co
://downloads.asterisk.org/pub/security/AST-2012-003.txt
Currently it is. I have suggested to the release team that they age the
version in sid to get the fix into testing.
Not applicable to Squeeze: the code in question is new to 1.8 (and not
backported in any patch we carry).
--
Tzafrir
.
Keeping the bug open as the iLBC code is a private library.
--
Tzafrir Cohen
icq#16849755 jabber:tzafrir.co...@xorcom.com
+972-50-7952406 mailto:tzafrir.co...@xorcom.com
http://www.xorcom.com iax:gu...@local.xorcom.com/tzafrir
--
To UNSUBSCRIBE, email
.
--
Tzafrir Cohen
icq#16849755 jabber:tzafrir.co...@xorcom.com
+972-50-7952406 mailto:tzafrir.co...@xorcom.com
http://www.xorcom.com iax:gu...@local.xorcom.com/tzafrir
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe
Just a minor correction: the required workaround for installing
drbd8-utils in debirf is not exactly installing drbd8-utils. Rather,
it's creating /dev/drbd{0..15}
for i in `seq 0 15`; do mknod /dev/drbd$i b 147 $i; done
This needs to be done once per boot.
--
Tzafrir Cohen | tzaf
not have SRTP
support before 1.8 and Squeeze uses 1.6.2 .
--
Tzafrir Cohen | tzaf...@jabber.org | VIM is
http://tzafrir.org.il || a Mutt's
tzaf...@cohens.org.il || best
tzaf...@debian.org|| friend
--
To UNSUBSCRIBE, email
configuration.
Asterisk's logrotate configuration already has missingok. I'd like to
close this issue.
--
Tzafrir Cohen
icq#16849755 jabber:tzafrir.co...@xorcom.com
+972-50-7952406 mailto:tzafrir.co...@xorcom.com
http://www.xorcom.com iax:gu...@local.xorcom.com
Package: drbd8-utils
Version: 2:8.3.9-1
Severity: serious
Justification: Policy 10.6
Dear Maintainer,
Policy 10.6 states If a package needs any special device files that are
not included in the base system, it must call MAKEDEV in the postinst
script, after notifying the user.
This package
On Mon, Oct 03, 2011 at 07:27:16PM +0200, Tzafrir Cohen wrote:
A short update:
The same sha1 code is indeed present in current Upstream code (including
version 1.8.x currently in Testing/Ustable and also the Upstream trunk).
Ron Lee pointed out, though, that RFC3174 has been obsoleted
Hi
I've updated the packaging for asterisk-espeak 2.5, that works with
newer Asterisk. Only tested to build and load. Didn't test it to work.
http://anonscm.debian.org/gitweb/?p=users/tzafrir/asterisk-espeak.git;a=summary
--
Tzafrir Cohen
icq#16849755
On Thu, Dec 22, 2011 at 07:29:58PM +0200, Lefteris Zafiris wrote:
On Thu, 22 Dec 2011 16:54:20 +0200
Tzafrir Cohen tzafrir.co...@xorcom.com wrote:
Hi
I've updated the packaging for asterisk-espeak 2.5, that works with
newer Asterisk. Only tested to build and load. Didn't test
.
* The warning about having differing 'nat' settings confusingly
referred to both peers and users.
That said, I hope that what I wrote on README.Debian was clear enough,
regardless of the slightly confusing config file. Their warning was
completly reworded.
--
Tzafrir Cohen
icq
On Sun, Dec 11, 2011 at 05:09:21PM +0200, Tzafrir Cohen wrote:
On Fri, Dec 09, 2011 at 09:47:04PM +0100, Moritz Muehlenhoff wrote:
Source: asterisk
Severity: grave
Tags: security
Please see http://downloads.asterisk.org/pub/security/AST-2011-014.html
This has been assigned CVE-2011
of the
configugration and also adds a nasty warning if global value does not
match the peer/user entry.
--
Tzafrir Cohen
icq#16849755 jabber:tzafrir.co...@xorcom.com
+972-50-7952406 mailto:tzafrir.co...@xorcom.com
http://www.xorcom.com iax:gu...@local.xorcom.com
On Sun, Nov 27, 2011 at 10:56:17PM -0800, Andrew Pollock wrote:
Package: python-asterisk
Version: 0.1a3+r160-4.1
Severity: grave
Justification: renders package unusable
I figure that 0.2 from http://code.google.com/p/py-asterisk/ is likely
to fix it.
--
Tzafrir Cohen
icq
/oldstable is not affected, please but double-check.
Asterisk maintainers, did you get confirmation from upstream?
Yes, as per the advisory. 1.6.2 is still supported for security issues
by upstream.
--
Tzafrir Cohen
icq#16849755 jabber:tzafrir.co...@xorcom.com
+972-50
!s390x]
Which of those would be preffered?
As a side note, vpb-driver has: Architecture: any for all of its
packages, even though it is linux-specific, AFAIK (and fails to build on
hurd and kfreebsd[1])
[1] https://buildd.debian.org/status/package.php?p=vpb-driver
--
Tzafrir Cohen
for the included
code.
So looks like some work is needed, but the replacement code is obvious.
Thanks for the report.
[1] http://www.rfc-editor.org/rfc/rfc6234.txt
--
Tzafrir Cohen
icq#16849755 jabber:tzafrir.co...@xorcom.com
+972-50-7952406 mailto:tzafrir.co...@xorcom.com
) and it worked just fine. Please provide the minimal
combination that does not work.
Also demoting as this is certainly not a major breakage.
--
Tzafrir Cohen
icq#16849755 jabber:tzafrir.co...@xorcom.com
+972-50-7952406 mailto:tzafrir.co...@xorcom.com
http
.
--
Tzafrir Cohen
icq#16849755 jabber:tzafrir.co...@xorcom.com
+972-50-7952406 mailto:tzafrir.co...@xorcom.com
http://www.xorcom.com iax:gu...@local.xorcom.com/tzafrir
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe
-parameter
to avoid build failures, but this patch will be reverted with the
GCC 4.6.1 release, and the severity of the report will be raised.
A simple patch is attached in https://issues.asterisk.org/jira/browse/SS7-54 .
Looks safe at first glance.
--
Tzafrir Cohen
icq#16849755
with patch AST-2011-008. Now fixed in SVN. In 1.4
there's no need for ast_str_strlen (which does not work with plain
null-termilated strings anyway).
As a temporary workaround, in case you can't downgrade or (soon)
upgrade: disable chan_sip.so in modules.conf.
--
Tzafrir Cohen
icq
Package: asterisk
Version: 1:1.8.4.2-1.8979
Severity: grave
Tags: security upstream patch
Justification: user security hole
Asterisk may respond differently to SIP requests from an invalid SIP
user than it does to a user configured on the system, even when the
alwaysauthreject option is set in
Package: asterisk
Version: 1:1.8.4.2-1
Severity: grave
Tags: security upstream patch
Justification: user security hole
A remote user sending a SIP packet containing a Contact header with a
missing left angle bracket () causes Asterisk to access a null pointer.
This applies only to Asterisk 1.8
Package: asterisk
Version: 1:1.8.4.2-1
Severity: grave
Tags: security upstream patch
Justification: user security hole
If a remote user sends a SIP packet containing a null, Asterisk assumes
available data extends past the null to the end of the packet when the
buffer is actually truncated when
Package: asterisk
Version: 1:1.8.4.2-1
Severity: grave
Tags: security upstream patch
Justification: user security hole
A memory address was inadvertently transmitted over the network via IAX2
via an option control frame and the remote party would try to access it.
This applies only to version
1 - 100 of 180 matches
Mail list logo