Bug#721220: asterisk: CVE-2013-5641 CVE-2013-5642
Tzafrir Cohen
tzafrir.cohen at xorcom.com
Thu Aug 29 16:30:06 UTC 2013
On Thu, Aug 29, 2013 at 10:20:53AM +0200, Moritz Muehlenhoff wrote:
> Package: asterisk
> Severity: grave
> Tags: security
> Justification: user security hole
>
> Please see http://downloads.asterisk.org/pub/security/AST-2013-004.html and
> http://downloads.asterisk.org/pub/security/AST-2013-005.html
>
> These affect oldstable and stable. Can you please prepare updates for
> stable-security?
I've uploaded the fixes to the new git repo, branches wheezy and
squeeze. See http://anonscm.debian.org/gitweb/?p=pkg-voip/asterisk.git
which right now gives me "503 - The load average on the server is too
high".
Attached debdiffs of both versions. Upload?
--
Tzafrir Cohen
icq#16849755 jabber:tzafrir.cohen at xorcom.com
+972-50-7952406 mailto:tzafrir.cohen at xorcom.com
http://www.xorcom.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: asterisk_1.8.13.1~dfsg-3wheezy1.debdiff.diff
Type: text/x-diff
Size: 8759 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-voip-maintainers/attachments/20130829/9f134af4/attachment-0002.diff>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: asterisk_1.6.2.9-2+squeeze11.debdiff.diff
Type: text/x-diff
Size: 21179 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-voip-maintainers/attachments/20130829/9f134af4/attachment-0003.diff>
More information about the Pkg-voip-maintainers
mailing list