Your message dated Tue, 20 Dec 2016 22:33:39 +0000 with message-id <e1cjsyz-000htu...@fasolo.debian.org> and subject line Bug#847666: fixed in asterisk 1:13.13.1~dfsg-1 has caused the Debian Bug report #847666, regarding asterisk: AST-2016-008: Crash on SDP offer or answer from endpoint using Opus to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 847666: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847666 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Source: asterisk Version: 1:13.12.2~dfsg-1 Severity: grave Tags: security upstream patch Forwarded: https://issues.asterisk.org/jira/browse/ASTERISK-26579 Hi AST-2016-008 was announced at http://downloads.asterisk.org/pub/security/AST-2016-008.html referencing patches as well for the 13.x release series. https://issues.asterisk.org/jira/browse/ASTERISK-26579 No CVE is assigned yet for this issue. Regards, Salvatore
--- End Message ---
--- Begin Message ---Source: asterisk Source-Version: 1:13.13.1~dfsg-1 We believe that the bug you reported is fixed in the latest version of asterisk, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 847...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Bernhard Schmidt <be...@debian.org> (supplier of updated asterisk package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Sun, 18 Dec 2016 14:48:07 +0100 Source: asterisk Binary: asterisk asterisk-modules asterisk-dahdi asterisk-vpb asterisk-voicemail asterisk-voicemail-imapstorage asterisk-voicemail-odbcstorage asterisk-ooh323 asterisk-mp3 asterisk-mysql asterisk-mobile asterisk-doc asterisk-dev asterisk-config Architecture: source Version: 1:13.13.1~dfsg-1 Distribution: unstable Urgency: medium Maintainer: Debian VoIP Team <pkg-voip-maintain...@lists.alioth.debian.org> Changed-By: Bernhard Schmidt <be...@debian.org> Description: asterisk - Open Source Private Branch Exchange (PBX) asterisk-config - Configuration files for Asterisk asterisk-dahdi - DAHDI devices support for the Asterisk PBX asterisk-dev - Development files for Asterisk asterisk-doc - Source code documentation for Asterisk asterisk-mobile - Bluetooth phone support for the Asterisk PBX asterisk-modules - loadable modules for the Asterisk PBX asterisk-mp3 - MP3 playback support for the Asterisk PBX asterisk-mysql - MySQL database protocol support for the Asterisk PBX asterisk-ooh323 - H.323 protocol support for the Asterisk PBX - ooH323c asterisk-voicemail - simple voicemail support for the Asterisk PBX asterisk-voicemail-imapstorage - IMAP voicemail storage support for the Asterisk PBX asterisk-voicemail-odbcstorage - ODBC voicemail storage support for the Asterisk PBX asterisk-vpb - VoiceTronix devices support for the Asterisk PBX Closes: 847666 847668 Changes: asterisk (1:13.13.1~dfsg-1) unstable; urgency=medium . [ Bernhard Schmidt ] * New upstream version 13.13.1~dfsg - Fix AST-2016-008 (Closes: #847666, but the Debian package was most likely not vulnerable due to a patched Opus implementation) - Fix AST-2016-009 / CVE-2016-9938 (Closes: #847668) * Drop fix_libedit_unicode.patch, applied upstream * Drop HURD patches, applied upstream * Drop changes to res/res_format_attr_opus.c from opus.patch * Add pjsip_unresolved_symbol.patch to fix unresolved symbol in chan_pjsip Checksums-Sha1: 88bf860ab8ba59e6bb04ce526807e9e619e4f1ed 4118 asterisk_13.13.1~dfsg-1.dsc 62f32faaa226b545758a84a5d4bc26921d4ced9b 6119588 asterisk_13.13.1~dfsg.orig.tar.xz 39345648acf581c695d58a9ce70b4634798e0567 127348 asterisk_13.13.1~dfsg-1.debian.tar.xz Checksums-Sha256: 11002a3a5197424854193a8d91e902d9e2d17d6a73aa544f26128d133e78c99d 4118 asterisk_13.13.1~dfsg-1.dsc 9d5ba8e4356b6b16cd022fa587a4500464c45168f8f50292cef15c0777ea2a10 6119588 asterisk_13.13.1~dfsg.orig.tar.xz 1ca53e2f9abf23ff37d35a2083d89146df9ec4bd424d8c06eedabe5d843419e7 127348 asterisk_13.13.1~dfsg-1.debian.tar.xz Files: 18f2292f2db2dfedb21f518b63245746 4118 comm optional asterisk_13.13.1~dfsg-1.dsc 5b6a3a90b9763e0d6700e09a607ed77c 6119588 comm optional asterisk_13.13.1~dfsg.orig.tar.xz 52aa52de5ab1beb6f904cb19aea5c419 127348 comm optional asterisk_13.13.1~dfsg-1.debian.tar.xz -----BEGIN PGP SIGNATURE----- iQJFBAEBCAAvFiEE1uAexRal3873GVbTd1B55bhQvJMFAlhZrk0RHGJlcm5pQGRl Ymlhbi5vcmcACgkQd1B55bhQvJNEzRAAozxf6xQiNBleQqEaNvTNbMWblpQXImja vLEla3HMHelYWaE/UB7N/FXHanp8+lbsI/FMy+q2+fPdvBHEybeRgYmkZ4VDfw+v wMyfBykLhk+bJCBAS4BMYNLBCdyBkJDjJtxjoeeGm1EzATJJdAljYLeZafqJHOLP qhXDWJxyCVW67PNCmfyO2PjXhv6sEAgRYpXbKVvFnz9rj4zHL4SCLyvlk/E7iVAf 2gD4CHyKRE0yEXcdn9Ha/lsdCEMaOtqz0TL0SCdeFPf4KRqMkmdQgTaBtdMvrVX1 GlvaLOJGrcQtD7rfZeEMrA5km8egMNb43Tp9rksy5vxdnow0f10hl7s2IgqXdnN7 sK/WO88VU9t4kRwVUycJwf2jJGO5SVSbv5MP4vWX61sSBacLQvUYbkEoOBvaPj5w KDxjoD+4udlSZSRg1dnNF2+IMDu9xgmvRC3Qjd0f3JSNDLsjuSVWyaxjekyfJ2sm pWlfNKtobXrsvEnGrG8x/Pv4EwVlgwo/j3VfurLt5EPKqSqPbirzpmKDJla68245 hZrTO2cHIjmJffiYRA6tS/bttDA7erDnvHyrLwYYTgvfSUCDeDhPjfYJ9Z0N7yM+ +oZod7dM89jl1rqVopgOt6UNYuKul6Mz1zSUsW2G9xBVwmwnffDQbwPhxMleqLCR kV+Gr7bNaQE= =tJzI -----END PGP SIGNATURE-----
--- End Message ---
