Hi Moritz, I have joined the pkg-voip-team and I am willing to backport/test security fixes across the three year lifecycle for asterisk.
Is there some action you need us to take to allow this bug to close? The tracker (https://tracker.debian.org/pkg/asterisk) states that there are three security issues in bookworm, but I have not been able to figure out how to address these. There is no asterisk package in bookworm, there is no branch in asterisk on salsa called bookworm or stable. Jonas Smedegaard (pkg-voip-team maintainer) has suggested this might be a problem in the tracker and that I should file a bug, but that is a side quest I'm not interested in. Maybe those CVEs can be marked resolved since asterisk will never be in bookworm, and we can focus on trixie/testing? Martin
