Bug#876328 Proposed diffs for asterisk CVE-2017-14603

Bernhard Schmidt berni at debian.org
Sat Sep 23 20:27:36 UTC 2017


Hi,

please find attached the proposed debdiffs for CVE-2017-14603 for both
Jessie and Stretch.

Unfortunately I'm going on vacation tomorrow and I did not have much
time to test the resulting packages yet. They have been loaded onto my
employers PBX and I hope it won't explode.

For jessie two small context fixups in the patch provided upstream were
necessary, but they were quite straight forward. This is a seperate
commit in git

https://anonscm.debian.org/cgit/pkg-voip/asterisk.git/commit/?h=jessie&id=a0ab9219574dffe30961656127efdaf60ed23e69

For stretch I'd like to include a small non-security fix for one-way
audio with chan_sip. This has been acked by the SRM in Bug#875604

Both versions are ready to be uploaded in the git repository. I can
either take care of this next weekend or someone else does the upload.

Best Regards,
Bernhard
-------------- next part --------------
A non-text attachment was scrubbed...
Name: asterisk-11.diff
Type: text/x-diff
Size: 31265 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-voip-maintainers/attachments/20170923/8bd78a56/attachment-0002.diff>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: asterisk-13.diff
Type: text/x-diff
Size: 32879 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-voip-maintainers/attachments/20170923/8bd78a56/attachment-0003.diff>


More information about the Pkg-voip-maintainers mailing list