[Bug 1205644] [NEW] Merge asterisk 1:1.8.13.1~dfsg-3 (universe) from Debian unstable (main)

Sat, 27 Jul 2013 06:52:23 -0700 

Public bug reported:

asterisk (1:1.8.13.1~dfsg-3) unstable; urgency=high

  * Rewrtote sip.conf parts of AST-2012-014: dropped patches
    fix-sip-tcp-no-FILE and fix-sip-tls-leak.
  * Reverting other changes rejected by the release team: README.Debian,
    powerpcspe and fix_xmpp_19532 dropped (#545272 and #701505 reopened).

 -- Tzafrir Cohen <tzaf...@debian.org>  Tue, 09 Apr 2013 13:23:07 +0300

asterisk (1:1.8.13.1~dfsg-2) unstable; urgency=high

  * Patches backported from Asterisk 1.8.19.1 (Closes: #697230):
    - Patch AST-2012-014 (CVE-2012-5976) - fixes Crashes due to large stack
      allocations when using TCP.
      The following two fixes were also pulled in order to easily apply it:
      - Patch fix-sip-tcp-no-FILE - Switch to reading with a recv loop
      - Patch fix-sip-tls-leak - Memory leak in the SIP TLS code
    - Patch AST-2012-015 (CVE-2012-5977) - Denial of Service Through
      Exploitation of Device State Caching
  * Patch powerpcspe: Fix OSARCH for powerpcspe (Closes: #701505).
  * README.Debian: document running the testsuite. 
  * Patch fix_xmpp_19532: fix a crash of the XMPP code (Closes: #545272).
  * Patches backported from Asterisk 1.8.20.2 (Closes: #704114):
    - Patch AST-2013-002 (CVE-2013-2686): Prevent DoS in HTTP server with
      a large POST.
    - Patch AST-2013-003 (CVE-2013-2264): Prevent username disclosure in
      SIP channel driver.
  * Patch bluetooth_bind - fix breakage of chan_mobile (Closes: #614786).

 -- Tzafrir Cohen <tzaf...@debian.org>  Sat, 06 Apr 2013 14:15:41 +0300

** Affects: asterisk (Ubuntu)
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to asterisk in Ubuntu.
https://bugs.launchpad.net/bugs/1205644

Title:
  Merge asterisk 1:1.8.13.1~dfsg-3 (universe) from Debian unstable
  (main)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/asterisk/+bug/1205644/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

Reply via email to