Your message dated Sat, 15 Jan 2005 08:17:07 -0500
with message-id <[EMAIL PROTECTED]>
and subject line Bug#287851: fixed in asterisk 1:1.0.3-1
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--------------------------------------
Received: (at submit) by bugs.debian.org; 30 Dec 2004 14:21:26 +0000
From [EMAIL PROTECTED] Thu Dec 30 06:21:26 2004
Return-path: <[EMAIL PROTECTED]>
Received: from mail.gondor.com (moria.gondor.com) [212.117.64.182]
	by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
	id 1Ck1B6-0006fe-00; Thu, 30 Dec 2004 06:21:24 -0800
Received: from sirith.gondor.com (sirith.gondor.com [10.1.0.2])
	by moria.gondor.com (8.12.3/8.12.3/Debian-7.1) with ESMTP id iBUELMN7003786;
	Thu, 30 Dec 2004 15:21:22 +0100
Received: from jan by sirith.gondor.com with local (Exim 4.34)
	id 1Ck1AS-00082V-4H; Thu, 30 Dec 2004 15:20:44 +0100
Date: Thu, 30 Dec 2004 15:20:44 +0100
From: Jan Niehusmann <[EMAIL PROTECTED]>
To: Debian Bug Tracking System <[EMAIL PROTECTED]>
Subject: asterisk: format string vulnerabilities
Message-ID: <[EMAIL PROTECTED]>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
	protocol="application/pgp-signature"; boundary="huq684BweRXVnRxX"
Content-Disposition: inline
X-Reportbug-Version: 3.2
X-Request-PGP: http://gondor.com/key.asc
User-Agent: Mutt/1.5.6+20040907i
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2004_03_25
	(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE
	autolearn=no version=2.60-bugs.debian.org_2004_03_25
X-Spam-Level:

--huq684BweRXVnRxX
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Package: asterisk
Severity: critical
Tags: security
Justification: possible remote security hole

As reported in http://www.sineapps.com/news.php?rssid=430, asterisk
contains code like

ast_log(LOG_VERBOSE, stuff);

This is prone to format string vulnerabilities. I did not check under
which conditions remote users are able to control the contents of the
logged strings, and therefore don't know if or how this is exploitable.

A quick grep through the sources revealed at least one very suspicious
code path (srv.c indirectly calls the code mentioned above with results
from a name server query).

This looks likely to be a serious security hole, and is easy enough to
fix. I set the severity to critical under the assumption that remote
exploits are possible.

Jan

--huq684BweRXVnRxX
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)

iD8DBQFB1A67nIUccvEtoGURAiamAJwPW22/mo72kKx5NijesZWfgwNHwACffX+x
htPik5pSk9Q/JU/3+7YogSg=
=s4sF
-----END PGP SIGNATURE-----

--huq684BweRXVnRxX--

---------------------------------------
Received: (at 287851-close) by bugs.debian.org; 15 Jan 2005 13:23:12 +0000
From [EMAIL PROTECTED] Sat Jan 15 05:23:12 2005
Return-path: <[EMAIL PROTECTED]>
Received: from newraff.debian.org [208.185.25.31] (mail)
	by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
	id 1CpntY-0001sa-00; Sat, 15 Jan 2005 05:23:12 -0800
Received: from katie by newraff.debian.org with local (Exim 3.35 1 (Debian))
	id 1Cpnnf-0007cG-00; Sat, 15 Jan 2005 08:17:07 -0500
From: Jose Carlos Garcia Sogo <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
X-Katie: $Revision: 1.55 $
Subject: Bug#287851: fixed in asterisk 1:1.0.3-1
Message-Id: <[EMAIL PROTECTED]>
Sender: Archive Administrator <[EMAIL PROTECTED]>
Date: Sat, 15 Jan 2005 08:17:07 -0500
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
	(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER
	autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level:
X-CrossAssassin-Score: 4

Source: asterisk
Source-Version: 1:1.0.3-1

We believe that the bug you reported is fixed in the latest version of
asterisk, which is due to be installed in the Debian FTP archive:

asterisk-config_1.0.3-1_all.deb
  to pool/main/a/asterisk/asterisk-config_1.0.3-1_all.deb
asterisk-dev_1.0.3-1_all.deb
  to pool/main/a/asterisk/asterisk-dev_1.0.3-1_all.deb
asterisk-doc_1.0.3-1_all.deb
  to pool/main/a/asterisk/asterisk-doc_1.0.3-1_all.deb
asterisk-gtk-console_1.0.3-1_i386.deb
  to pool/main/a/asterisk/asterisk-gtk-console_1.0.3-1_i386.deb
asterisk-h323_1.0.3-1_i386.deb
  to pool/main/a/asterisk/asterisk-h323_1.0.3-1_i386.deb
asterisk-sounds-main_1.0.3-1_all.deb
  to pool/main/a/asterisk/asterisk-sounds-main_1.0.3-1_all.deb
asterisk-web-vmail_1.0.3-1_all.deb
  to pool/main/a/asterisk/asterisk-web-vmail_1.0.3-1_all.deb
asterisk_1.0.3-1.diff.gz
  to pool/main/a/asterisk/asterisk_1.0.3-1.diff.gz
asterisk_1.0.3-1.dsc
  to pool/main/a/asterisk/asterisk_1.0.3-1.dsc
asterisk_1.0.3-1_i386.deb
  to pool/main/a/asterisk/asterisk_1.0.3-1_i386.deb
asterisk_1.0.3.orig.tar.gz
  to pool/main/a/asterisk/asterisk_1.0.3.orig.tar.gz

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Jose Carlos Garcia Sogo <[EMAIL PROTECTED]> (supplier of updated asterisk package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Sat, 15 Jan 2005 13:11:49 +0100
Source: asterisk
Binary: asterisk-sounds-main asterisk-h323 asterisk-web-vmail asterisk-gtk-console asterisk asterisk-config asterisk-dev asterisk-doc
Architecture: source all i386
Version: 1:1.0.3-1
Distribution: unstable
Urgency: high
Maintainer: Debian VoIP Team <[EMAIL PROTECTED]>
Changed-By: Jose Carlos Garcia Sogo <[EMAIL PROTECTED]>
Description:
 asterisk   - open source Private Branch Exchange (PBX)
 asterisk-config - config files for asterisk
 asterisk-dev - development files for asterisk
 asterisk-doc - documentation for asterisk
 asterisk-gtk-console - gtk based console for asterisk
 asterisk-h323 - asterisk H.323 VoIP channel
 asterisk-sounds-main - sound files for asterisk
 asterisk-web-vmail - web based (CGI) voice mail interface for asterisk
Closes: 284889 287025 287456 287851 288429 288831
Changes:
 asterisk (1:1.0.3-1) unstable; urgency=high
 .
   * Debian VoIP Team upload.
   * New upstream version. (Closes: #284889)
 .
   * Kilian Krause:
     - ACK NMU. (Thanks Steve!):
       + debian/patches/01_security_hotfix_287851.dpatch: Patched to fix
         logging strings vulnerability. (Closes: #287851)
 .
   * Jose Carlos Garcia Sogo
     - Using again dpatch.
     - debian/patches: populated with different patches.
     - 08_debian-zaptel: Using zaptel.h file from version 1:1.0.0-2 of
       zaptel-source package.
     - removed sounds licensed from FreePlayMusic from source, as the
       license for them is not DFSG compliant (Closes: #288429)
     - applied patch to make asterisk compile on amd64 with gcc-4.0
       (Closes: #288831)
     - debian/asterisk.init:
       + Changed how daemon is restarted in init file. (Closes: #287025)
       + Using -r in checks in init file. (Closes: #287456)
     - debian/asterisk-config.default
       + Run by default as group asterisk.
     - Fix some lintian warnings and errors:
       + Description: should start with lowercase letter.
       + Bumped Standards-Version to 3.6.1. No changes needed.
       + Removed duplicate dependencies.
       + Recompress asterisk.8 manpage with max level (--best option)
Files:
 05cc90208ee7e0ed22e00e738868054c 1174 comm optional asterisk_1.0.3-1.dsc
 d1d27199371d50996cf645c00da59a07 2904591 comm optional asterisk_1.0.3.orig.tar.gz
 219b689a6597c92ea14cbff8382b9bcb 68712 comm optional asterisk_1.0.3-1.diff.gz
 d01e34f5bf260f1f4fce45b4297cd0c5 1524400 doc optional asterisk-doc_1.0.3-1_all.deb
 c98ffbe45a3ce7faeb58e7e2ef81ddf0 78516 devel optional asterisk-dev_1.0.3-1_all.deb
 1cb344226f5a22c334888ed545ed923f 1160792 comm optional asterisk-sounds-main_1.0.3-1_all.deb
 4548fccd32f76445190dafe12f4e1d51 23762 comm optional asterisk-web-vmail_1.0.3-1_all.deb
 4ad6a24cf24e65d770b8459cfa97ca69 58184 comm optional asterisk-config_1.0.3-1_all.deb
 6c09704fd4dc63f66c22ba9e034cad9c 1091316 comm optional asterisk_1.0.3-1_i386.deb
 6c32475d228c54c521bfcfd20e6709e9 68888 comm optional asterisk-h323_1.0.3-1_i386.deb
 06f53f65de361b31e960f5f660661fa5 25358 comm optional asterisk-gtk-console_1.0.3-1_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)

iD8DBQFB6Q64S+BYJZB4jhERAhahAKCAbBA2rk35FEM2glkITCSYSf0OAACfSSyn
OhAy+36rfRzUy7DlVf0Reew=
=yDaE
-----END PGP SIGNATURE-----

--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
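The defect Jan's report describes, shown as an added example that is not part of the bug report, of the Debian patch, or of Asterisk's own code: a stand-in logger with the shape of ast_log(level, fmt, ...) (the name demo_log, its output-buffer parameters, the helper names and the LOG_VERBOSE value are all assumptions made for this example), the reported call shape beside the literal-format fix, and a small check for conversion directives that a reviewer or a log-sanitising wrapper can apply to data before it reaches a logging call. The format attribute on demo_log is what lets gcc and clang report the unsafe call when built with -Wformat-security; the demo data uses only the "%%" escape so that the vulnerable path stays defined and its behaviour can be compared deterministically with the fixed one.

```c
/* Added example (not Asterisk code). A logger shaped like
 * ast_log(level, fmt, ...) that renders into a caller-supplied buffer,
 * used to show why ast_log(LOG_VERBOSE, stuff) is a format string bug
 * and how the "%s" fix differs. Names and values are assumptions. */
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

#define LOG_VERBOSE 1 /* placeholder level value, not Asterisk's */

/* format(printf, 4, 5): with -Wformat-security, gcc/clang warn when a
 * non-literal string is passed as fmt with no further arguments. */
#if defined(__GNUC__)
#define PRINTF_LIKE(f, a) __attribute__((format(printf, f, a)))
#else
#define PRINTF_LIKE(f, a)
#endif

static void demo_log(char *out, size_t outsz, int level,
                     const char *fmt, ...) PRINTF_LIKE(4, 5);

static void demo_log(char *out, size_t outsz, int level,
                     const char *fmt, ...)
{
    va_list ap;
    int n = snprintf(out, outsz, "[%d] ", level);
    if (n < 0 || (size_t)n >= outsz)
        return;
    va_start(ap, fmt);
    vsnprintf(out + n, outsz - (size_t)n, fmt, ap); /* fmt drives parsing */
    va_end(ap);
}

/* The shape the report flags: logged data becomes the format string.
 * Any directive in data is interpreted against arguments that were
 * never passed, which is the undefined behaviour the report warns of. */
void log_unsafe(char *out, size_t outsz, const char *data)
{
    demo_log(out, outsz, LOG_VERBOSE, data); /* bug */
}

/* The fix: a literal format, with the data passed as an argument, so
 * the data is copied verbatim no matter what it contains. */
void log_safe(char *out, size_t outsz, const char *data)
{
    demo_log(out, outsz, LOG_VERBOSE, "%s", data);
}

/* Defensive check: does s contain a conversion directive, i.e. a '%'
 * that is not the escape "%%"? A lone trailing '%' counts as well.
 * Useful for flagging untrusted data on its way to a log call. */
int has_format_directive(const char *s)
{
    for (; *s; s++) {
        if (*s != '%')
            continue;
        if (s[1] == '%') { /* "%%" is a literal percent sign */
            s++;
            continue;
        }
        return 1;
    }
    return 0;
}

/* Renders data through both paths and returns 1 when the outputs differ
 * (the data was interpreted as a format), 0 when they match. Returns -1
 * and calls neither path when data holds a real directive, because the
 * unsafe path would then be undefined behaviour. */
int formats_differ(const char *data)
{
    char a[128], b[128];
    if (has_format_directive(data))
        return -1;
    log_unsafe(a, sizeof a, data);
    log_safe(b, sizeof b, data);
    return strcmp(a, b) != 0;
}

int main(void)
{
    char a[128], b[128];
    const char *record = "host up 100%% of the time"; /* constructed sample */
    log_unsafe(a, sizeof a, record);
    log_safe(b, sizeof b, record);
    printf("unsafe: %s\nsafe:   %s\n", a, b);
    printf("differ: %d, directive in \"value %%s\": %d\n",
           formats_differ(record), has_format_directive("value %s"));
    return 0;
}
```

Built with `gcc -Wall -Wformat-security`, the compiler points at the call in log_unsafe ("format not a string literal and no format arguments") and says nothing about log_safe, which is the cheapest way to audit a code base for the pattern the report found by grep; the runtime comparison shows that on benign data both paths print the same thing, which is exactly why such calls survive testing until someone feeds them data containing a percent sign.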