Public bug reported: asterisk (1:1.8.13.1~dfsg-3) unstable; urgency=high
* Rewrtote sip.conf parts of AST-2012-014: dropped patches fix-sip-tcp-no-FILE and fix-sip-tls-leak. * Reverting other changes rejected by the release team: README.Debian, powerpcspe and fix_xmpp_19532 dropped (#545272 and #701505 reopened). -- Tzafrir Cohen <tzaf...@debian.org> Tue, 09 Apr 2013 13:23:07 +0300 asterisk (1:1.8.13.1~dfsg-2) unstable; urgency=high * Patches backported from Asterisk 1.8.19.1 (Closes: #697230): - Patch AST-2012-014 (CVE-2012-5976) - fixes Crashes due to large stack allocations when using TCP. The following two fixes were also pulled in order to easily apply it: - Patch fix-sip-tcp-no-FILE - Switch to reading with a recv loop - Patch fix-sip-tls-leak - Memory leak in the SIP TLS code - Patch AST-2012-015 (CVE-2012-5977) - Denial of Service Through Exploitation of Device State Caching * Patch powerpcspe: Fix OSARCH for powerpcspe (Closes: #701505). * README.Debian: document running the testsuite. * Patch fix_xmpp_19532: fix a crash of the XMPP code (Closes: #545272). * Patches backported from Asterisk 1.8.20.2 (Closes: #704114): - Patch AST-2013-002 (CVE-2013-2686): Prevent DoS in HTTP server with a large POST. - Patch AST-2013-003 (CVE-2013-2264): Prevent username disclosure in SIP channel driver. * Patch bluetooth_bind - fix breakage of chan_mobile (Closes: #614786). -- Tzafrir Cohen <tzaf...@debian.org> Sat, 06 Apr 2013 14:15:41 +0300 ** Affects: asterisk (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to asterisk in Ubuntu. https://bugs.launchpad.net/bugs/1205644 Title: Merge asterisk 1:1.8.13.1~dfsg-3 (universe) from Debian unstable (main) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/asterisk/+bug/1205644/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs