asterisk 1:13.1.0~dfsg-1 source package in Debian

Changelog

asterisk (1:13.1.0~dfsg-1) unstable; urgency=high


  [ Tzafrir Cohen ]
  * New upstream release, fixes various security holes (Closes: #771463):
    - AST-2014-012 (CVE-2014-8412): Mixed IP address families in ACLs
      may permit unwanted traffic
    - AST-2014-013 (CVE-2014-8413): PJSIP ACLs not loaded at startup
    - AST-2014-014 (CVE-2014-8414): High call load may result in hung
      channels in ConfBridge
    - AST-2014-015 (CVE-2014-8415): Remote Crash Vulnerability in PJSIP
      channel driver
    - AST-2014-016 (CVE-2014-8416): Remote Crash Vulnerability in PJSIP
      channel driver
    - AST-2014-017 (CVE-2014-8417): Mark CONFBRIDGE as a sensitive
      function for external APIs
    - AST-2014-018 (CVE-2014-8418): Mark DB as a sensitive function for
      external APIs
    - AST-2014-019.patch (CVE-2014-9374): Remote Crash Vulnerability in
    WebSocket Server (Closes: #773230). 
  * The key file better be ascii-armoured, indeed
  * init script: kill with PID (Closes: #742783)
  * Describe patch astdatadir

  [ Stappers Geert ]
  * new file: debian/README.source (Closes: #772469).
  * asterisk-config-custom (Closes: #760032)

 -- Tzafrir Cohen <email address hidden>  Wed, 31 Dec 2014 14:58:53 +0200

Upload details

Uploaded by:
Debian VoIP Team
Uploaded to:
Sid
Original maintainer:
Debian VoIP Team
Architectures:
any all
Section:
comm
Urgency:
Very Urgent

See full publishing history Publishing

Series Pocket Published Component Section

Builds

Downloads

File Size SHA-256 Checksum
asterisk_13.1.0~dfsg-1.dsc 3.8 KiB 556ae663b73aad52d0566f1865d4698be57df016f248091941092d6c7cebebc7
asterisk_13.1.0~dfsg.orig.tar.gz 7.6 MiB b6369313d180e4e358bede94f34fbb2dbe164d4e263fb76d920d636a4f6d5048
asterisk_13.1.0~dfsg-1.debian.tar.xz 98.5 KiB f3d431261109e4df82764dca61164dde20a0c6bba2d2eccc65ea4912b37b7f39

No changes file available.

Binary packages built by this source