About the security issues affecting asterisk in Wheezy

Ola Lundqvist ola at inguza.com
Mon Nov 13 19:40:35 UTC 2017


Hi

Salvatore has updated this for you. No need to make an action on your part.

// Ola

On 12 November 2017 at 10:14, Tzafrir Cohen <tzafrir at cohens.org.il> wrote:
> Thanks for the note,
>
> On Sat, Nov 11, 2017 at 07:17:04PM +0100, Ola Lundqvist wrote:
>> Dear maintainers,
>>
>> The Debian LTS team recently reviewed the security issue(s) affecting your
>> package in Wheezy:
>> https://security-tracker.debian.org/tracker/CVE-2017-16672
>
> The issue is about handling of a SIP INVITE message in Asterisk code
> that is related to the external pjsip library.
>
> Pjsip was not linked at all with Asterisk in 1.8 (Wheezy) and was not
> used for SIP in Asterisk 11 (Jessie).
>
> How should I mark it so? Mark versions 1:11.13.1~dfsg-2+deb8u2 and
> 1:1.8.13.1~dfsg1-3+deb7u3 as fixed?
>
> --
> Tzafrir Cohen         | tzafrir at jabber.org | VIM is
> http://tzafrir.org.il |                    | a Mutt's
> tzafrir at cohens.org.il |                    |  best
> tzafrir at debian.org    |                    | friend



-- 
 --- Inguza Technology AB --- MSc in Information Technology ----
/  ola at inguza.com                    Folkebogatan 26            \
|  opal at debian.org                   654 68 KARLSTAD            |
|  http://inguza.com/                Mobile: +46 (0)70-332 1551 |
\  gpg/f.p.: 7090 A92B 18FE 7994 0C36 4FE4 18A1 B1CF 0FE5 3DD9  /
 ---------------------------------------------------------------



More information about the Pkg-voip-maintainers mailing list