[Bug 1048093] Re: Outstanding security fixes in asterisk
Allison Randal
allison at lohutok.net
Sun Sep 9 15:28:27 UTC 2012
** Description changed:
(Tracking some collaborative work with persia)
A review of RC bugs from Debian shows 4 CVEs fixed in the latest Debian
release. This includes 2 CVEs fixed in an upstream (bug-fix level)
- release, and 2 fixed in Debian. Currently verifying that a merge is
- clean and minimal, for a possible FFe.
+ release, and 2 fixed in Debian. Update: this Debian release has now been
+ merged to quantal, see LP: #1022360
Applying these fixes to Precise SRU would require cherrypicking.
- Unknown if these CVEs affect earlier Ubuntu releases also.
+ All CVEs affect only 1.8.x series of asterisk, so no work is needed for
+ releases earlier than precise.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to asterisk in Ubuntu.
https://bugs.launchpad.net/bugs/1048093
Title:
Outstanding security fixes in asterisk
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/asterisk/+bug/1048093/+subscriptions
More information about the Ubuntu-server-bugs
mailing list