Accepted: asterisk 1:1.4.17~dfsg-2ubuntu1 (source)

William Grant william at qeuni.net
Sat Apr 12 07:44:49 BST 2008 

Accepted:
 OK: asterisk_1.4.17~dfsg.orig.tar.gz
 OK: asterisk_1.4.17~dfsg-2ubuntu1.diff.gz
 OK: asterisk_1.4.17~dfsg-2ubuntu1.dsc
     -> Component: universe Section: comm

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Sat, 05 Apr 2008 11:32:12 +1100
Source: asterisk
Binary: asterisk asterisk-h323 asterisk-doc asterisk-dev asterisk-dbg asterisk-sounds-main asterisk-config
Architecture: source
Version: 1:1.4.17~dfsg-2ubuntu1
Distribution: hardy
Urgency: low
Maintainer: Ubuntu MOTU Developers <ubuntu-motu at lists.ubuntu.com>
Changed-By: William Grant <william at qeuni.net>
Description: 
 asterisk   - Open Source Private Branch Exchange (PBX)
 asterisk-config - Configuration files for Asterisk
 asterisk-dbg - Debugging symbols for Asterisk
 asterisk-dev - Development files for Asterisk
 asterisk-doc - Source code documentation for Asterisk
 asterisk-h323 - H.323 protocol support for Asterisk
 asterisk-sounds-main - Core Sound files for Asterisk (English)
Launchpad-Bugs-Fixed: 210124
Changes: 
 asterisk (1:1.4.17~dfsg-2ubuntu1) hardy; urgency=low
 .
   * SECURITY UPDATE: arbitrary code execution and authentication bypass.
     (LP: #210124)
     - debian/patches/CVE-2008-1289: Check that incoming RTP payloads are
       within buffer limits. Patch from Debian.
     - debian/patches/CVE-2008-1332: Ensure that allowguest has been enabled
       before deciding that authentication isn't required. Patch from Debian.
     - debian/patches/CVE-2008-1333: Interpret logging output as a character
       string, not a format string. Patch from Debian.
     - References:
       + CVE-2008-1289
       + CVE-2008-1332
       + CVE-2008-1333
       + AST-2008-002
       + AST-2008-003
       + AST-2008-004
   * Modify Maintainer value to match the DebianMaintainerField
     specification.
Files: 
 a1c864de4c8dcf914873efe67f6f3a59 1619 comm optional asterisk_1.4.17~dfsg-2ubuntu1.dsc
 7d3640f33c0e8f8c0b9e1a9d155dddca 178115 comm optional asterisk_1.4.17~dfsg-2ubuntu1.diff.gz
Original-Maintainer: Debian VoIP Team <pkg-voip-maintainers at lists.alioth.debian.org>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFH9sjmAc+S8KckfcURAidUAJ40gxXs3uPTOrwEzxopEretB5A9tQCeLiL+
Hi0weGuQnto34HAdlsSolpA=
=Anmi
-----END PGP SIGNATURE-----

More information about the Hardy-changes mailing list