On Sat, Nov 29, 2014 at 10:33:31PM +0100, Moritz Muehlenhoff wrote:
> Source: asterisk
> Severity: grave
> Tags: security
>
> Please see
> http://downloads.digium.com/pub/security/AST-2014-018.html
> http://downloads.digium.com/pub/security/AST-2014-017.html
> http://downloads.digium.com/pub/security/AST-2014-014.html
> http://downloads.digium.com/pub/security/AST-2014-012.html
012 was already "fixed" (in a version uploaded to Unstable, but didn't
stay there long enough). Sadly Unstable has Asterisk 13, and thus those
need to be pushed directly to Jessie.
I created a Jessie branch in git with those fixes. Sadly I didn't have
the time to properly document them.
Feel free to upload it.
For Unstable, I guess a new upstream release is needed (due to the same
security issues. And even more: many issues in chan_pjsip).
--
Tzafrir Cohen
icq#16849755 jabber:tzafrir.co...@xorcom.com
+972-50-7952406 mailto:tzafrir.co...@xorcom.com
http://www.xorcom.com
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
