[ubuntu/artful-proposed] asterisk 1:13.17.1~dfsg-1ubuntu1 (Accepted)

Gianfranco Costamagna locutusofborg at debian.org
Sun Sep 3 06:04:23 UTC 2017 

asterisk (1:13.17.1~dfsg-1ubuntu1) artful; urgency=low

  * Merge from Debian unstable.  Remaining changes:
    - debian/asterisk.init: chown /dev/dahdi.

asterisk (1:13.17.1~dfsg-1) unstable; urgency=high

  * New upstream version 13.17.1, fixing three CVEs
    - CVE-2017-14099 / AST-2017-005
      Media takeover in RTP stack ("RTP bleed") (Closes: #873907)
    - CVE-2017-14100 / AST-2017-006
      Shell access command injection in app_minivm (Closes: #873908)
    - CVE-2017-14098 / AST-2017-007
      Remote Crash Vulerability in res_pjsip (Closes: #873909)

Date: Sun, 03 Sep 2017 08:00:56 +0200
Changed-By: Gianfranco Costamagna <locutusofborg at debian.org>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/asterisk/1:13.17.1~dfsg-1ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sun, 03 Sep 2017 08:00:56 +0200
Source: asterisk
Binary: asterisk asterisk-modules asterisk-dahdi asterisk-vpb asterisk-voicemail asterisk-voicemail-imapstorage asterisk-voicemail-odbcstorage asterisk-ooh323 asterisk-mp3 asterisk-mysql asterisk-mobile asterisk-tests asterisk-doc asterisk-dev asterisk-config
Architecture: source
Version: 1:13.17.1~dfsg-1ubuntu1
Distribution: artful
Urgency: high
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Gianfranco Costamagna <locutusofborg at debian.org>
Description:
 asterisk   - Open Source Private Branch Exchange (PBX)
 asterisk-config - Configuration files for Asterisk
 asterisk-dahdi - DAHDI devices support for the Asterisk PBX
 asterisk-dev - Development files for Asterisk
 asterisk-doc - Source code documentation for Asterisk
 asterisk-mobile - Bluetooth phone support for the Asterisk PBX
 asterisk-modules - loadable modules for the Asterisk PBX
 asterisk-mp3 - MP3 playback support for the Asterisk PBX
 asterisk-mysql - MySQL database protocol support for the Asterisk PBX
 asterisk-ooh323 - H.323 protocol support for the Asterisk PBX - ooH323c
 asterisk-tests - internal test modules of the Asterisk PBX
 asterisk-voicemail - simple voicemail support for the Asterisk PBX
 asterisk-voicemail-imapstorage - IMAP voicemail storage support for the Asterisk PBX
 asterisk-voicemail-odbcstorage - ODBC voicemail storage support for the Asterisk PBX
 asterisk-vpb - VoiceTronix devices support for the Asterisk PBX
Closes: 873907 873908 873909
Changes:
 asterisk (1:13.17.1~dfsg-1ubuntu1) artful; urgency=low
 .
   * Merge from Debian unstable.  Remaining changes:
     - debian/asterisk.init: chown /dev/dahdi.
 .
 asterisk (1:13.17.1~dfsg-1) unstable; urgency=high
 .
   * New upstream version 13.17.1, fixing three CVEs
     - CVE-2017-14099 / AST-2017-005
       Media takeover in RTP stack ("RTP bleed") (Closes: #873907)
     - CVE-2017-14100 / AST-2017-006
       Shell access command injection in app_minivm (Closes: #873908)
     - CVE-2017-14098 / AST-2017-007
       Remote Crash Vulerability in res_pjsip (Closes: #873909)
Checksums-Sha1:
 6566b7a87842ccedf47d6f4c5225bbfeab138cdf 4318 asterisk_13.17.1~dfsg-1ubuntu1.dsc
 adb89838e59308fe05bc60693bf01df6b8cfb2f4 6227588 asterisk_13.17.1~dfsg.orig.tar.xz
 b989b0e68886a42274ed9df9e49079f0b1d1105e 169528 asterisk_13.17.1~dfsg-1ubuntu1.debian.tar.xz
Checksums-Sha256:
 0b136e56e730d92e95c6492e90f5cd1115b265bba0d5d5b0751b0dfe12dff51e 4318 asterisk_13.17.1~dfsg-1ubuntu1.dsc
 c508880b2ee165016074d75347aa2df00fc88a730db7dc1a8cf1b895e9e8a3ad 6227588 asterisk_13.17.1~dfsg.orig.tar.xz
 655206b6ab77bd3b1b8178a78df139a5d48f602a4ca9525a6a6700394a7b2956 169528 asterisk_13.17.1~dfsg-1ubuntu1.debian.tar.xz
Files:
 bdbb54ba2b092f3ebbf0b24b54a52046 4318 comm optional asterisk_13.17.1~dfsg-1ubuntu1.dsc
 a1a52404f8938ede9204750c6f5b69db 6227588 comm optional asterisk_13.17.1~dfsg.orig.tar.xz
 61c9346dbe15626c51437b5c26142e52 169528 comm optional asterisk_13.17.1~dfsg-1ubuntu1.debian.tar.xz
Original-Maintainer: Debian VoIP Team <pkg-voip-maintainers at lists.alioth.debian.org>

-----BEGIN PGP SIGNATURE-----

iQIcBAEBCAAGBQJZq5q3AAoJEPNPCXROn13ZyzcQAKdQbBq59CjQxLzkMbY7tfpW
ic+E9L8EjdC5DruOVU8YOElRFdcGdIuVuDrJTyfdSsgTAL0xDXA0QrPPXagg4USj
xiM0SNn7TP1llZdtu/5QJJ/xaptNU3+5wN8Jrwa1r/QX3NKsOs+GRL4J/CxN5h1l
7+ZouzzvkTb5STA+b+Dd/tG6PmP0kET6wPFShcbSa20vreDDzDBfML8GAU04itWD
/kOzwNXDCMGOZqYhtCxNC/hwdHVeDi/aeSNl/rhLB9kE4/B8ZPCTawepxcqtG0R5
jXGnbNobYNjNhTYgok3vyB2P9j1yWKnKDKzKio5RwkvQ7as7YLbmTMP8RO/RoMLB
0wV9iLYhcooO2INuJotyu5R7QRt/4DPuLcJlvCQNyJXyyVJ75lv0pp7CWTpTsA04
EK+vNPd72XcMn4WYZoJqQjGM1BmrVJa7woyTWwvRk3qi9MQfnQEp32pcd/OxWWEN
+VDxMHF/Pw5DxvSeeEGA8HhLqm8HXlFv16Hx30cidlQHFbEc+934HvyXkZ3sPC7R
vxYVorVhve8FU/jW8OefTLQwo9/xxQNrB/Zk7zl1bL2pGQpdIfZdcUFqmv2Bbap+
2VHrkvBVX0h/HiLw2uc50Zna0uY4FE3theL3PfLyaGFU8rHPM+s9gUXrds4n7LtR
Z8xFpd4rLAwOwGJHutqG
=Xn13
-----END PGP SIGNATURE-----

More information about the Artful-changes mailing list