[ubuntu/saucy-proposed] asterisk 1:1.8.13.1~dfsg-3ubuntu1 (Accepted)

Artur Rona ari-tczew at tlen.pl
Tue Jul 30 12:21:14 UTC 2013 

asterisk (1:1.8.13.1~dfsg-3ubuntu1) saucy; urgency=low

  * Merge from Debian unstable. (LP: #1205644) Remaining changes:
    - debian/asterisk.init:
      + chown /dev/dahdi
    - debian/control, debian/rules:
      + Enable Hardening Wrapper (PIE and BIND_NOW).
      + Build against libical 1.0.
    - debian/patches/armhf-fixes:
      + Fix FTBFS on armhf.
  * Fixed security issues:
    - CVE-2012-5976 (LP: #1097687)
    - CVE-2012-5977 (LP: #1097691)
    - CVE-2013-2686
    - CVE-2013-2264

asterisk (1:1.8.13.1~dfsg-3) unstable; urgency=high

  * Rewrtote sip.conf parts of AST-2012-014: dropped patches
    fix-sip-tcp-no-FILE and fix-sip-tls-leak.
  * Reverting other changes rejected by the release team: README.Debian,
    powerpcspe and fix_xmpp_19532 dropped (#545272 and #701505 reopened).

asterisk (1:1.8.13.1~dfsg-2) unstable; urgency=high

  * Patches backported from Asterisk 1.8.19.1 (Closes: #697230):
    - Patch AST-2012-014 (CVE-2012-5976) - fixes Crashes due to large stack
      allocations when using TCP.
      The following two fixes were also pulled in order to easily apply it:
      - Patch fix-sip-tcp-no-FILE - Switch to reading with a recv loop
      - Patch fix-sip-tls-leak - Memory leak in the SIP TLS code
    - Patch AST-2012-015 (CVE-2012-5977) - Denial of Service Through
      Exploitation of Device State Caching
  * Patch powerpcspe: Fix OSARCH for powerpcspe (Closes: #701505).
  * README.Debian: document running the testsuite.
  * Patch fix_xmpp_19532: fix a crash of the XMPP code (Closes: #545272).
  * Patches backported from Asterisk 1.8.20.2 (Closes: #704114):
    - Patch AST-2013-002 (CVE-2013-2686): Prevent DoS in HTTP server with
      a large POST.
    - Patch AST-2013-003 (CVE-2013-2264): Prevent username disclosure in
      SIP channel driver.
  * Patch bluetooth_bind - fix breakage of chan_mobile (Closes: #614786).

Date: Sat, 27 Jul 2013 14:56:17 +0200
Changed-By: Artur Rona <ari-tczew at tlen.pl>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Daniel Holbach <daniel.holbach at ubuntu.com>
https://launchpad.net/ubuntu/saucy/+source/asterisk/1:1.8.13.1~dfsg-3ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Sat, 27 Jul 2013 14:56:17 +0200
Source: asterisk
Binary: asterisk asterisk-modules asterisk-dahdi asterisk-voicemail asterisk-voicemail-imapstorage asterisk-voicemail-odbcstorage asterisk-ooh323 asterisk-mp3 asterisk-mysql asterisk-mobile asterisk-doc asterisk-dev asterisk-dbg asterisk-config
Architecture: source
Version: 1:1.8.13.1~dfsg-3ubuntu1
Distribution: saucy
Urgency: high
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Artur Rona <ari-tczew at tlen.pl>
Description: 
 asterisk   - Open Source Private Branch Exchange (PBX)
 asterisk-config - Configuration files for Asterisk
 asterisk-dahdi - DAHDI devices support for the Asterisk PBX
 asterisk-dbg - Debugging symbols for Asterisk
 asterisk-dev - Development files for Asterisk
 asterisk-doc - Source code documentation for Asterisk
 asterisk-mobile - Bluetooth phone support for the Asterisk PBX
 asterisk-modules - loadable modules for the Asterisk PBX
 asterisk-mp3 - MP3 playback support for the Asterisk PBX
 asterisk-mysql - MySQL database protocol support for the Asterisk PBX
 asterisk-ooh323 - H.323 protocol support for the Asterisk PBX - ooH323c
 asterisk-voicemail - simple voicemail support for the Asterisk PBX
 asterisk-voicemail-imapstorage - IMAP voicemail storage support for the Asterisk PBX
 asterisk-voicemail-odbcstorage - ODBC voicemail storage support for the Asterisk PBX
Closes: 545272 614786 697230 701505 704114
Launchpad-Bugs-Fixed: 1097687 1097691 1205644
Changes: 
 asterisk (1:1.8.13.1~dfsg-3ubuntu1) saucy; urgency=low
 .
   * Merge from Debian unstable. (LP: #1205644) Remaining changes:
     - debian/asterisk.init:
       + chown /dev/dahdi
     - debian/control, debian/rules:
       + Enable Hardening Wrapper (PIE and BIND_NOW).
       + Build against libical 1.0.
     - debian/patches/armhf-fixes:
       + Fix FTBFS on armhf.
   * Fixed security issues:
     - CVE-2012-5976 (LP: #1097687)
     - CVE-2012-5977 (LP: #1097691)
     - CVE-2013-2686
     - CVE-2013-2264
 .
 asterisk (1:1.8.13.1~dfsg-3) unstable; urgency=high
 .
   * Rewrtote sip.conf parts of AST-2012-014: dropped patches
     fix-sip-tcp-no-FILE and fix-sip-tls-leak.
   * Reverting other changes rejected by the release team: README.Debian,
     powerpcspe and fix_xmpp_19532 dropped (#545272 and #701505 reopened).
 .
 asterisk (1:1.8.13.1~dfsg-2) unstable; urgency=high
 .
   * Patches backported from Asterisk 1.8.19.1 (Closes: #697230):
     - Patch AST-2012-014 (CVE-2012-5976) - fixes Crashes due to large stack
       allocations when using TCP.
       The following two fixes were also pulled in order to easily apply it:
       - Patch fix-sip-tcp-no-FILE - Switch to reading with a recv loop
       - Patch fix-sip-tls-leak - Memory leak in the SIP TLS code
     - Patch AST-2012-015 (CVE-2012-5977) - Denial of Service Through
       Exploitation of Device State Caching
   * Patch powerpcspe: Fix OSARCH for powerpcspe (Closes: #701505).
   * README.Debian: document running the testsuite.
   * Patch fix_xmpp_19532: fix a crash of the XMPP code (Closes: #545272).
   * Patches backported from Asterisk 1.8.20.2 (Closes: #704114):
     - Patch AST-2013-002 (CVE-2013-2686): Prevent DoS in HTTP server with
       a large POST.
     - Patch AST-2013-003 (CVE-2013-2264): Prevent username disclosure in
       SIP channel driver.
   * Patch bluetooth_bind - fix breakage of chan_mobile (Closes: #614786).
Checksums-Sha1: 
 8f8d9093a3960a5b73e102f78d4bc175dbe401fe 3132 asterisk_1.8.13.1~dfsg-3ubuntu1.dsc
 8accfd9b27ee361755e58d7d93e74b3d1277480d 375838 asterisk_1.8.13.1~dfsg-3ubuntu1.debian.tar.gz
Checksums-Sha256: 
 4ca276aa64498c01c0054e1d5af3bbe723726832a87649a1c050c89389b7e547 3132 asterisk_1.8.13.1~dfsg-3ubuntu1.dsc
 e69864d5fc1af0e3348a86de9aa6eb633bda4a66992f536ad52476461afcc87f 375838 asterisk_1.8.13.1~dfsg-3ubuntu1.debian.tar.gz
Files: 
 349b46402dccb7b6effed8bf5061172b 3132 comm optional asterisk_1.8.13.1~dfsg-3ubuntu1.dsc
 a84a60deea59e49010e6672242e9db60 375838 comm optional asterisk_1.8.13.1~dfsg-3ubuntu1.debian.tar.gz
Original-Maintainer: Debian VoIP Team <pkg-voip-maintainers at lists.alioth.debian.org>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iEYEARECAAYFAlH3r4QACgkQRjrlnQWd1evbvQCdGEGfQaTmz2JDpbpkQZtvoY+V
1ngAn3bmEzhw0ogVqXbfI3nleI/DJ9EQ
=YWX8
-----END PGP SIGNATURE-----

More information about the Saucy-changes mailing list