Your message dated Wed, 25 Apr 2012 20:47:43 +0000
with message-id <e1sn97n-00023s...@franck.debian.org>
and subject line Bug#670180: fixed in asterisk 1:1.8.11.1~dfsg-1
has caused the Debian Bug report #670180,
regarding CVE-2012-2414 CVE-2012-2415 CVE-2012-2416
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
670180: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=670180
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: asterisk
Severity: grave
Tags: security
CVE-2012-2414 http://downloads.asterisk.org/pub/security/AST-2012-004.html
CVE-2012-2415 http://downloads.asterisk.org/pub/security/AST-2012-005.html
CVE-2012-2416 http://downloads.asterisk.org/pub/security/AST-2012-006.html
Cheers,
Moritz
--- End Message ---
--- Begin Message ---
Source: asterisk
Source-Version: 1:1.8.11.1~dfsg-1
We believe that the bug you reported is fixed in the latest version of
asterisk, which is due to be installed in the Debian FTP archive:
asterisk-config_1.8.11.1~dfsg-1_all.deb
to main/a/asterisk/asterisk-config_1.8.11.1~dfsg-1_all.deb
asterisk-dahdi_1.8.11.1~dfsg-1_amd64.deb
to main/a/asterisk/asterisk-dahdi_1.8.11.1~dfsg-1_amd64.deb
asterisk-dbg_1.8.11.1~dfsg-1_amd64.deb
to main/a/asterisk/asterisk-dbg_1.8.11.1~dfsg-1_amd64.deb
asterisk-dev_1.8.11.1~dfsg-1_all.deb
to main/a/asterisk/asterisk-dev_1.8.11.1~dfsg-1_all.deb
asterisk-doc_1.8.11.1~dfsg-1_all.deb
to main/a/asterisk/asterisk-doc_1.8.11.1~dfsg-1_all.deb
asterisk-mobile_1.8.11.1~dfsg-1_amd64.deb
to main/a/asterisk/asterisk-mobile_1.8.11.1~dfsg-1_amd64.deb
asterisk-modules_1.8.11.1~dfsg-1_amd64.deb
to main/a/asterisk/asterisk-modules_1.8.11.1~dfsg-1_amd64.deb
asterisk-mp3_1.8.11.1~dfsg-1_amd64.deb
to main/a/asterisk/asterisk-mp3_1.8.11.1~dfsg-1_amd64.deb
asterisk-mysql_1.8.11.1~dfsg-1_amd64.deb
to main/a/asterisk/asterisk-mysql_1.8.11.1~dfsg-1_amd64.deb
asterisk-ooh323_1.8.11.1~dfsg-1_amd64.deb
to main/a/asterisk/asterisk-ooh323_1.8.11.1~dfsg-1_amd64.deb
asterisk-voicemail-imapstorage_1.8.11.1~dfsg-1_amd64.deb
to main/a/asterisk/asterisk-voicemail-imapstorage_1.8.11.1~dfsg-1_amd64.deb
asterisk-voicemail-odbcstorage_1.8.11.1~dfsg-1_amd64.deb
to main/a/asterisk/asterisk-voicemail-odbcstorage_1.8.11.1~dfsg-1_amd64.deb
asterisk-voicemail_1.8.11.1~dfsg-1_amd64.deb
to main/a/asterisk/asterisk-voicemail_1.8.11.1~dfsg-1_amd64.deb
asterisk_1.8.11.1~dfsg-1.debian.tar.gz
to main/a/asterisk/asterisk_1.8.11.1~dfsg-1.debian.tar.gz
asterisk_1.8.11.1~dfsg-1.dsc
to main/a/asterisk/asterisk_1.8.11.1~dfsg-1.dsc
asterisk_1.8.11.1~dfsg-1_amd64.deb
to main/a/asterisk/asterisk_1.8.11.1~dfsg-1_amd64.deb
asterisk_1.8.11.1~dfsg.orig.tar.gz
to main/a/asterisk/asterisk_1.8.11.1~dfsg.orig.tar.gz
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 670...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Tzafrir Cohen <tzaf...@debian.org> (supplier of updated asterisk package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Wed, 25 Apr 2012 12:19:06 +0300
Source: asterisk
Binary: asterisk asterisk-modules asterisk-dahdi asterisk-voicemail
asterisk-voicemail-imapstorage asterisk-voicemail-odbcstorage asterisk-ooh323
asterisk-mp3 asterisk-mysql asterisk-mobile asterisk-doc asterisk-dev
asterisk-dbg asterisk-config
Architecture: source all amd64
Version: 1:1.8.11.1~dfsg-1
Distribution: unstable
Urgency: high
Maintainer: Debian VoIP Team <pkg-voip-maintain...@lists.alioth.debian.org>
Changed-By: Tzafrir Cohen <tzaf...@debian.org>
Description:
asterisk - Open Source Private Branch Exchange (PBX)
asterisk-config - Configuration files for Asterisk
asterisk-dahdi - DAHDI devices support for the Asterisk PBX
asterisk-dbg - Debugging symbols for Asterisk
asterisk-dev - Development files for Asterisk
asterisk-doc - Source code documentation for Asterisk
asterisk-mobile - Bluetooth phone support for the Asterisk PBX
asterisk-modules - loadable modules for the Asterisk PBX
asterisk-mp3 - MP3 playback support for the Asterisk PBX
asterisk-mysql - MySQL database protocol support for the Asterisk PBX
asterisk-ooh323 - H.323 protocol support for the Asterisk PBX - ooH323c
asterisk-voicemail - simple voicemail support for the Asterisk PBX
asterisk-voicemail-imapstorage - IMAP voicemail storage support for the
Asterisk PBX
asterisk-voicemail-odbcstorage - ODBC voicemail storage support for the
Asterisk PBX
Closes: 664086 669378 670180
Changes:
asterisk (1:1.8.11.1~dfsg-1) unstable; urgency=high
.
* New upstream release, Closes: #670180:
- AST-2012-004 - further Manager permission fixes (CVE-2012-2414).
- AST-2012-005 - Heap overflow in chan_skinny (CVE-2012-2415).
- AST-2012-006 - Remote crash on SIP "UPDATE" method (CVE-2012-2416).
* Fix daemon status check in init.d script (Closes: #669378).
* Patch menuselect_cflags: allow passing our flags to menuselect's build.
- Use it t opass our CFLAGS to menuselect (Closes: #664086).
Checksums-Sha1:
644c4485e338d4fb6eb818fd727b4022578bab71 2997 asterisk_1.8.11.1~dfsg-1.dsc
20da46b544021b28d182298ce3953d432d49454a 7698387
asterisk_1.8.11.1~dfsg.orig.tar.gz
d3a6223375843bac09a2dba868a17053bf49b920 349980
asterisk_1.8.11.1~dfsg-1.debian.tar.gz
0a43941921e201436925af4487ef7b166e7dbfac 1965070
asterisk-doc_1.8.11.1~dfsg-1_all.deb
21eca9eac97e3574a4aee96a81c18a93935367e3 931124
asterisk-dev_1.8.11.1~dfsg-1_all.deb
26ef9f3e06f75ad20a67d905c6130203715b6c66 980840
asterisk-config_1.8.11.1~dfsg-1_all.deb
95ee946417bd31d312288dafa978d2f416b9f21b 1728496
asterisk_1.8.11.1~dfsg-1_amd64.deb
abd09f3d8da73f504708f4a447cac4e371bca5bb 2799498
asterisk-modules_1.8.11.1~dfsg-1_amd64.deb
5b7fe0f13863230f7a7a8ee4ec5725def19f7496 890480
asterisk-dahdi_1.8.11.1~dfsg-1_amd64.deb
34003eabe807563ca328b4daca23594e94c0f88d 664814
asterisk-voicemail_1.8.11.1~dfsg-1_amd64.deb
aac94eb4e4f945142014f9f1faa1c71c5a06e31f 679190
asterisk-voicemail-imapstorage_1.8.11.1~dfsg-1_amd64.deb
37a45b796ab5c3af607665e351483eb357faecaf 670814
asterisk-voicemail-odbcstorage_1.8.11.1~dfsg-1_amd64.deb
ca2d7e7073d57a8b0fb16eccbdcc3c2c61e870b5 1009808
asterisk-ooh323_1.8.11.1~dfsg-1_amd64.deb
d4182c208265ffb7b47a7820d2d8eb8e4def1521 605974
asterisk-mp3_1.8.11.1~dfsg-1_amd64.deb
8f0b8b5789afd657eada7dd4c91f952e1a47dfb3 629726
asterisk-mysql_1.8.11.1~dfsg-1_amd64.deb
9a77c4048169a652abbb225a349a891ef8289069 619948
asterisk-mobile_1.8.11.1~dfsg-1_amd64.deb
6bbbca352a41598425e23cb1cb3678c6c91704e9 29496696
asterisk-dbg_1.8.11.1~dfsg-1_amd64.deb
Checksums-Sha256:
07a8d429df3742e934893cd9126cf1b44a39b79ae2f6705a236971c2e2e78ec2 2997
asterisk_1.8.11.1~dfsg-1.dsc
cb9c7866ce19c2e1cd39026d73d014017a2b368942f5542fff768568c501fc16 7698387
asterisk_1.8.11.1~dfsg.orig.tar.gz
45b458c337498872f3eb2ff609795f1ed08654e5e9d876b32e009417dfa207d8 349980
asterisk_1.8.11.1~dfsg-1.debian.tar.gz
a58692cbd69344565283227cdceea9696e9f8f3e803b62613a5f9c8adeaa9309 1965070
asterisk-doc_1.8.11.1~dfsg-1_all.deb
4af50a31f146ac7d97ff7e1392bfdec2ee4147473d940f887f0776e88635e797 931124
asterisk-dev_1.8.11.1~dfsg-1_all.deb
996f19282fa54994f7632e3b7856f466379447313486981b5024c31110a400a7 980840
asterisk-config_1.8.11.1~dfsg-1_all.deb
1214e9a2ab4b1ba3be6a09d077b64a239b55f375c666850daaccfa26ecd0413b 1728496
asterisk_1.8.11.1~dfsg-1_amd64.deb
d4a8b7c0a9b5b1cd01642f9bcc5be73ad0e06c8ccc75d851d9da6050c889ee83 2799498
asterisk-modules_1.8.11.1~dfsg-1_amd64.deb
7f7b0761ba78f893e455f34c58c8021f7859dc961cae4cb78bc7e4b727bdcbce 890480
asterisk-dahdi_1.8.11.1~dfsg-1_amd64.deb
2a52040db52d745acf52278ea827f78db641dced35360dd4703b91cf439052d0 664814
asterisk-voicemail_1.8.11.1~dfsg-1_amd64.deb
ee54e0e4e08e6f609abd08574514a9e3c711c0deebeb8a3eac4813c531924205 679190
asterisk-voicemail-imapstorage_1.8.11.1~dfsg-1_amd64.deb
22485fd0e7c140faca948688036c81bf16d5538b6bf7c7e450adf5aec65c335f 670814
asterisk-voicemail-odbcstorage_1.8.11.1~dfsg-1_amd64.deb
327dcf5d0960c7d537350d0847c6298a3092ac026e054ccc54387360bf7c7d5c 1009808
asterisk-ooh323_1.8.11.1~dfsg-1_amd64.deb
4710b80d53cf92048083fe9c7c7cde42c11b1512abf67ba3ad8c6ad9cfeed509 605974
asterisk-mp3_1.8.11.1~dfsg-1_amd64.deb
0bd968e7efe28ab25143016cc018a19eb916ae62aa33d1a09db25141fc8a4df6 629726
asterisk-mysql_1.8.11.1~dfsg-1_amd64.deb
a5555c5429da4a61d150e0c239bce2d9a008e76d9411d19160d4ccef86cda8f0 619948
asterisk-mobile_1.8.11.1~dfsg-1_amd64.deb
be3294704414e8ad4975aca9d7a44db4ec07c0943c28bffd4b008eb1dc81e2ff 29496696
asterisk-dbg_1.8.11.1~dfsg-1_amd64.deb
Files:
3c884d378ec80102ecb895961038e871 2997 comm optional
asterisk_1.8.11.1~dfsg-1.dsc
cb6db28c1da63e0b6a64a50295998389 7698387 comm optional
asterisk_1.8.11.1~dfsg.orig.tar.gz
92eae215ad506d08437b4edb62e88f7c 349980 comm optional
asterisk_1.8.11.1~dfsg-1.debian.tar.gz
6e20adae7ef78ab4a5313bbfa2d274ef 1965070 doc extra
asterisk-doc_1.8.11.1~dfsg-1_all.deb
ea282cf4bd2b84fcd5cb241593c77da0 931124 devel extra
asterisk-dev_1.8.11.1~dfsg-1_all.deb
67c3759fcb9c35ecaced1ec4368c5740 980840 comm optional
asterisk-config_1.8.11.1~dfsg-1_all.deb
6881505538c03d0c12fdfe2398e31020 1728496 comm optional
asterisk_1.8.11.1~dfsg-1_amd64.deb
b2033357fdd3f513e0622f7bf1f8dd89 2799498 libs optional
asterisk-modules_1.8.11.1~dfsg-1_amd64.deb
ab786d60f4f32dfa93ac778b1b8395ac 890480 comm optional
asterisk-dahdi_1.8.11.1~dfsg-1_amd64.deb
ce360609f4dcde8f92132e87a369db9d 664814 comm optional
asterisk-voicemail_1.8.11.1~dfsg-1_amd64.deb
a2287f462f0edd97df20bcdba1546c02 679190 comm optional
asterisk-voicemail-imapstorage_1.8.11.1~dfsg-1_amd64.deb
06594242b749429e884d84568e9137df 670814 comm optional
asterisk-voicemail-odbcstorage_1.8.11.1~dfsg-1_amd64.deb
7f713a49abdab33a38e33f1136b854d9 1009808 comm optional
asterisk-ooh323_1.8.11.1~dfsg-1_amd64.deb
b00d98fd3f2ab4cda8ffc6e57a09a6eb 605974 comm optional
asterisk-mp3_1.8.11.1~dfsg-1_amd64.deb
3d9a7e86df1f2e47eddff7e48b4a2fd3 629726 comm optional
asterisk-mysql_1.8.11.1~dfsg-1_amd64.deb
170e34006f616f4ce6e7bd7ad114e48c 619948 comm optional
asterisk-mobile_1.8.11.1~dfsg-1_amd64.deb
4b18190995ac6feaad265550affd0582 29496696 debug extra
asterisk-dbg_1.8.11.1~dfsg-1_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAk+YXwkACgkQxArWdkN9MotYiwCfbq7Vr8ilkl7VN74bidd7jslc
4YUAoL+0sY6kcA6sCGHmnHb1Ie2frZSW
=OQx9
-----END PGP SIGNATURE-----
--- End Message ---
