Dear Adam, > On Fri, 2020-08-28 at 16:56 +0200, Bernhard Schmidt wrote: >> I would like to make a stable-update for asterisk. >> >> It fixes three minor CVEs (marked no-dsa) >> >> #940060 CVE-2019-15297: AST-2019-004: Crash when negotiating >> for T.38 with a declined stream >> #947377 CVE-2019-18610: AST-2019-007: AMI user could execute system >> commands >> #947381 CVE-2019-18790: AST-2019-006: SIP request can change >> address of a SIP peer >> >> It fixes one segmentation fault due to a wrong datatype when IPv6 is >> in use > [...] >> and one use-after-free that causes a misleading error message to >> appear > > Please go ahead.
Thanks, upload has been ACCEPTED and built on all architectures. Bernhard