Your message dated Sun, 18 Dec 2011 21:17:44 +0000
with message-id <[email protected]>
and subject line Bug#651552: fixed in asterisk 1:1.8.8.0~dfsg-1
has caused the Debian Bug report #651552,
regarding CVE-2011-4598: DoS
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
651552: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=651552
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: asterisk
Severity: grave
Tags: security
Please see http://downloads.asterisk.org/pub/security/AST-2011-014.html
This has been assigned CVE-2011-4598.
There's also http://downloads.asterisk.org/pub/security/AST-2011-013.html,
(CVE-2011-4597), which seems rather esoteric and can likely be ignored
for stable.
Cheers,
Moritz
-- System Information:
Debian Release: wheezy/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Kernel: Linux 3.0.0-2-amd64 (SMP w/2 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
--- End Message ---
--- Begin Message ---
Source: asterisk
Source-Version: 1:1.8.8.0~dfsg-1
We believe that the bug you reported is fixed in the latest version of
asterisk, which is due to be installed in the Debian FTP archive:
asterisk-config_1.8.8.0~dfsg-1_all.deb
to main/a/asterisk/asterisk-config_1.8.8.0~dfsg-1_all.deb
asterisk-dahdi_1.8.8.0~dfsg-1_amd64.deb
to main/a/asterisk/asterisk-dahdi_1.8.8.0~dfsg-1_amd64.deb
asterisk-dbg_1.8.8.0~dfsg-1_amd64.deb
to main/a/asterisk/asterisk-dbg_1.8.8.0~dfsg-1_amd64.deb
asterisk-dev_1.8.8.0~dfsg-1_all.deb
to main/a/asterisk/asterisk-dev_1.8.8.0~dfsg-1_all.deb
asterisk-doc_1.8.8.0~dfsg-1_all.deb
to main/a/asterisk/asterisk-doc_1.8.8.0~dfsg-1_all.deb
asterisk-mobile_1.8.8.0~dfsg-1_amd64.deb
to main/a/asterisk/asterisk-mobile_1.8.8.0~dfsg-1_amd64.deb
asterisk-modules_1.8.8.0~dfsg-1_amd64.deb
to main/a/asterisk/asterisk-modules_1.8.8.0~dfsg-1_amd64.deb
asterisk-mp3_1.8.8.0~dfsg-1_amd64.deb
to main/a/asterisk/asterisk-mp3_1.8.8.0~dfsg-1_amd64.deb
asterisk-mysql_1.8.8.0~dfsg-1_amd64.deb
to main/a/asterisk/asterisk-mysql_1.8.8.0~dfsg-1_amd64.deb
asterisk-ooh323_1.8.8.0~dfsg-1_amd64.deb
to main/a/asterisk/asterisk-ooh323_1.8.8.0~dfsg-1_amd64.deb
asterisk-voicemail-imapstorage_1.8.8.0~dfsg-1_amd64.deb
to main/a/asterisk/asterisk-voicemail-imapstorage_1.8.8.0~dfsg-1_amd64.deb
asterisk-voicemail-odbcstorage_1.8.8.0~dfsg-1_amd64.deb
to main/a/asterisk/asterisk-voicemail-odbcstorage_1.8.8.0~dfsg-1_amd64.deb
asterisk-voicemail_1.8.8.0~dfsg-1_amd64.deb
to main/a/asterisk/asterisk-voicemail_1.8.8.0~dfsg-1_amd64.deb
asterisk_1.8.8.0~dfsg-1.debian.tar.gz
to main/a/asterisk/asterisk_1.8.8.0~dfsg-1.debian.tar.gz
asterisk_1.8.8.0~dfsg-1.dsc
to main/a/asterisk/asterisk_1.8.8.0~dfsg-1.dsc
asterisk_1.8.8.0~dfsg-1_amd64.deb
to main/a/asterisk/asterisk_1.8.8.0~dfsg-1_amd64.deb
asterisk_1.8.8.0~dfsg.orig.tar.gz
to main/a/asterisk/asterisk_1.8.8.0~dfsg.orig.tar.gz
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Tzafrir Cohen <[email protected]> (supplier of updated asterisk package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Sun, 18 Dec 2011 00:50:02 +0200
Source: asterisk
Binary: asterisk asterisk-modules asterisk-dahdi asterisk-voicemail
asterisk-voicemail-imapstorage asterisk-voicemail-odbcstorage asterisk-ooh323
asterisk-mp3 asterisk-mysql asterisk-mobile asterisk-doc asterisk-dev
asterisk-dbg asterisk-config
Architecture: source all amd64
Version: 1:1.8.8.0~dfsg-1
Distribution: unstable
Urgency: high
Maintainer: Debian VoIP Team <[email protected]>
Changed-By: Tzafrir Cohen <[email protected]>
Description:
asterisk - Open Source Private Branch Exchange (PBX)
asterisk-config - Configuration files for Asterisk
asterisk-dahdi - DAHDI devices support for the Asterisk PBX
asterisk-dbg - Debugging symbols for Asterisk
asterisk-dev - Development files for Asterisk
asterisk-doc - Source code documentation for Asterisk
asterisk-mobile - Bluetooth phone support for the Asterisk PBX
asterisk-modules - loadable modules for the Asterisk PBX
asterisk-mp3 - MP3 playback support for the Asterisk PBX
asterisk-mysql - MySQL database protocol support for the Asterisk PBX
asterisk-ooh323 - H.323 protocol support for the Asterisk PBX - ooH323c
asterisk-voicemail - simple voicemail support for the Asterisk PBX
asterisk-voicemail-imapstorage - IMAP voicemail storage support for the
Asterisk PBX
asterisk-voicemail-odbcstorage - ODBC voicemail storage support for the
Asterisk PBX
Closes: 651552
Changes:
asterisk (1:1.8.8.0~dfsg-1) unstable; urgency=high
.
[ Faidon Liambotis ]
* Fix Breaks/Conflicts to contain the epoch.
* Urgency high since this resulted in file conflicts when upgrading from
stable.
* Patch reenable-pri-optional: Backport a patch from upstream to fix
several PRI features being compiled-out and hence disabled.
* Bump libpri-dev dependency to 1.4.12; it is not strictly needed but extra
functionality is enabled at build-time.
.
[ Tzafrir Cohen ]
* New upstream release. Closes: #651552.
- Patch reenable-pri-optional dropped: included upstream.
* Officially remove asterisk-h323:
- Break older versions, as it did not have a versioned Depends before.
- Remove the package.
* Update watch file to only check for 1.8.x tarballs.
Checksums-Sha1:
7530e589a6abe16c8416adbec2c00e843753821d 2990 asterisk_1.8.8.0~dfsg-1.dsc
f9924b49a80106359673311f1cc9239d61ee2d56 7570306
asterisk_1.8.8.0~dfsg.orig.tar.gz
ef597cc35ff9e4584b7964725465d577ea359c4c 348078
asterisk_1.8.8.0~dfsg-1.debian.tar.gz
260528634f152bd8bfdce7cf7575a3fc4883f779 1911838
asterisk-doc_1.8.8.0~dfsg-1_all.deb
14a361ff5380226165e682399f223bd81a6e3114 875334
asterisk-dev_1.8.8.0~dfsg-1_all.deb
7d4d2866412602489ebb8474822cb2b4ca305ec6 926664
asterisk-config_1.8.8.0~dfsg-1_all.deb
ed521480010cd191227f13ec412a6a6219626d78 1660036
asterisk_1.8.8.0~dfsg-1_amd64.deb
e3af680d4c50f59f83009ae9a92e6d5a439bf3b7 2708132
asterisk-modules_1.8.8.0~dfsg-1_amd64.deb
e7c8c2b9bcb4ba1099b60b064b1deef42ff54f40 837726
asterisk-dahdi_1.8.8.0~dfsg-1_amd64.deb
75995ba741c1244acd4037fb7dece7fe193f099f 613882
asterisk-voicemail_1.8.8.0~dfsg-1_amd64.deb
1ab6d03fa549987c8dba9b7772134b3b7afb2787 628874
asterisk-voicemail-imapstorage_1.8.8.0~dfsg-1_amd64.deb
3fb9bb310b3a79076eb5b49eb1473e68c4f56689 620016
asterisk-voicemail-odbcstorage_1.8.8.0~dfsg-1_amd64.deb
2589f4d0cc7ee684e8e8c68ea72485f838924333 952234
asterisk-ooh323_1.8.8.0~dfsg-1_amd64.deb
2429e1ecb81c5096ad839e14f68e74cf2ea735b8 554812
asterisk-mp3_1.8.8.0~dfsg-1_amd64.deb
de5b88d8ea3e5bad84315b5b5789acb8b3ce7ca3 578360
asterisk-mysql_1.8.8.0~dfsg-1_amd64.deb
77539a82fba8f7c437324dda567907c72b302bb8 568064
asterisk-mobile_1.8.8.0~dfsg-1_amd64.deb
81b0f12ec0fcf0f0b32340da897d71c19191edff 28869826
asterisk-dbg_1.8.8.0~dfsg-1_amd64.deb
Checksums-Sha256:
c09c7608c4df52ee793b41b363b536b50d29e8117908250fb2bd293433e2a483 2990
asterisk_1.8.8.0~dfsg-1.dsc
570967003effe25c7362ad4d5558ac951f54993e19ca97347507eaf777e1139d 7570306
asterisk_1.8.8.0~dfsg.orig.tar.gz
9f73c4627a4257980c7cdb0231d743319bead6fb9cc6f82a922d7759c6c0e136 348078
asterisk_1.8.8.0~dfsg-1.debian.tar.gz
02209c9a0063781ce6073bda9bb9746c9a493e561421d7b26524a7098bcdfc3a 1911838
asterisk-doc_1.8.8.0~dfsg-1_all.deb
38499dac91bd24e990f9a8f154f92c1878da4312fc328ef6b90a711ab8aaeb38 875334
asterisk-dev_1.8.8.0~dfsg-1_all.deb
b2311b95f419baf9ecbe28851f1ba0f99d7c5ba8b3a20896016cfc04dad208c0 926664
asterisk-config_1.8.8.0~dfsg-1_all.deb
b23d0acf290ed281cf14132beaafd51976864ce93d2774b738cb1584ab567d36 1660036
asterisk_1.8.8.0~dfsg-1_amd64.deb
41bf3ec367636241b7a2cdd1a34c4379f90728b6110f0aa813afc73d4efa9246 2708132
asterisk-modules_1.8.8.0~dfsg-1_amd64.deb
4459e2224e192292d4f3a6b43929a68a5f44b335b102e9c5c2437bbc749f6a71 837726
asterisk-dahdi_1.8.8.0~dfsg-1_amd64.deb
9de7f5f8c19459bf045efbea79ee3112a7da10d6aa79f8f4f4593aca1e03c74e 613882
asterisk-voicemail_1.8.8.0~dfsg-1_amd64.deb
4b0efaf1efe6f0364fa5dbf05059d2704f473715aef5a83bef740a7824d3a251 628874
asterisk-voicemail-imapstorage_1.8.8.0~dfsg-1_amd64.deb
b295cee55ceeea9e592392b3dba443066e1b27c466c4688cad0057722bfbe7e8 620016
asterisk-voicemail-odbcstorage_1.8.8.0~dfsg-1_amd64.deb
f5a6a1e5fb17169531af0793e85ad77bfe44e507f9558b5627219bd93a3050c1 952234
asterisk-ooh323_1.8.8.0~dfsg-1_amd64.deb
b0ccdcfaef0f39b72570088a88fc752749c4e708f2953f66dbe52f3c6fd761e0 554812
asterisk-mp3_1.8.8.0~dfsg-1_amd64.deb
65f25434db4318d4e0ea6a9cf5aa58195e571b4de2906ac36e12541466dc2c2d 578360
asterisk-mysql_1.8.8.0~dfsg-1_amd64.deb
ee497ecba0be4a6851db3b3f6e3e32f446ff57717bae19bf447cec0696add645 568064
asterisk-mobile_1.8.8.0~dfsg-1_amd64.deb
0be77ab53e86e5e9c8f14c1c7bcd077c999ff17fbe65ed0814a8e3098e5f60cf 28869826
asterisk-dbg_1.8.8.0~dfsg-1_amd64.deb
Files:
e2c6f63f7ff6a015c7da5ce8255d8a0b 2990 comm optional asterisk_1.8.8.0~dfsg-1.dsc
95af701dba79cdda8fce2a3cf878525c 7570306 comm optional
asterisk_1.8.8.0~dfsg.orig.tar.gz
9c0587f89a6f0f2e217a9dc25f5b93db 348078 comm optional
asterisk_1.8.8.0~dfsg-1.debian.tar.gz
b0dd604caf4a305bd72b64e04f377302 1911838 doc extra
asterisk-doc_1.8.8.0~dfsg-1_all.deb
5fb18dc83965818cbbc8c50d61b28c0d 875334 devel extra
asterisk-dev_1.8.8.0~dfsg-1_all.deb
3af427a2200d1c8e0b4a30a424fb638d 926664 comm optional
asterisk-config_1.8.8.0~dfsg-1_all.deb
1f039a5f55521975ad2a93b5d02f7e4d 1660036 comm optional
asterisk_1.8.8.0~dfsg-1_amd64.deb
b78b1c5a19e445fbfe4f8d31e173146e 2708132 libs optional
asterisk-modules_1.8.8.0~dfsg-1_amd64.deb
fe38e8a00cdbfc7de5564d1e7b145269 837726 comm optional
asterisk-dahdi_1.8.8.0~dfsg-1_amd64.deb
cd6d273d49879a94d331581cfd5515c1 613882 comm optional
asterisk-voicemail_1.8.8.0~dfsg-1_amd64.deb
bc30f1378c7c7f10b3f9174475cec337 628874 comm optional
asterisk-voicemail-imapstorage_1.8.8.0~dfsg-1_amd64.deb
44598b85fe47282fd82d7bdc5bb721a1 620016 comm optional
asterisk-voicemail-odbcstorage_1.8.8.0~dfsg-1_amd64.deb
635a9132f7461157e5e50f82fe2c28dc 952234 comm optional
asterisk-ooh323_1.8.8.0~dfsg-1_amd64.deb
1163ce923ac39b7fdf2bf6b0f1a0c60a 554812 comm optional
asterisk-mp3_1.8.8.0~dfsg-1_amd64.deb
197666cff6b43f6d57a3968a1a7ebf60 578360 comm optional
asterisk-mysql_1.8.8.0~dfsg-1_amd64.deb
8049936f86a523fabfca95ad6f2f4800 568064 comm optional
asterisk-mobile_1.8.8.0~dfsg-1_amd64.deb
6322cfb753b98e501dcdb551fd6c5407 28869826 debug extra
asterisk-dbg_1.8.8.0~dfsg-1_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAk7uR7wACgkQxArWdkN9MouRfACcDebUOFOKrWZqTt931n5XNBQb
BRwAoKlV0I+ztyS7nCm+UQWcqERDgElu
=gq3c
-----END PGP SIGNATURE-----
--- End Message ---
