AW: [SECURITY] [DSA 2550-2] asterisk regression update
-Ursprüngliche Nachricht- Von: Moritz Muehlenhoff [mailto:j...@debian.org] Gesendet: Mittwoch, 26. September 2012 18:05 An: debian-security-annou...@lists.debian.org Betreff: [SECURITY] [DSA 2550-2] asterisk regression update -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - - Debian Security Advisory DSA-2550-2 secur...@debian.org http://www.debian.org/security/Moritz Muehlenhoff September 26, 2012 http://www.debian.org/security/faq - - Package: asterisk Vulnerability : several Problem type : remote Debian-specific: no CVE ID : CVE-2012-2186 CVE-2012-3812 CVE-2012-3863 CVE-2012-4737 A regression in the SIP handling code was found in DSA-2550-1. For the stable distribution (squeeze), this problem has been fixed in version 1:1.6.2.9-2+squeeze8. We recommend that you upgrade your asterisk packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/ Mailing list: debian-security-annou...@lists.debian.org -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) iEYEARECAAYFAlBjJnEACgkQXm3vHE4uylqJsACgoeA/kky6st0av/TqkZFL2ZZh 90YAnAmz1yk9Q8gtRi6vipubwJiY2a/V =+kqj -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-security-announce-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20120926160500.GA5492@pisco.westfalen.local -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/014901cd9c02$1e350030$5a9f0090$@newego.de
AW: [SECURITY] [DSA 2550-2] asterisk regression update
-Ursprüngliche Nachricht- Von: Moritz Muehlenhoff [mailto:j...@debian.org] Gesendet: Mittwoch, 26. September 2012 18:05 An: debian-security-annou...@lists.debian.org Betreff: [SECURITY] [DSA 2550-2] asterisk regression update -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - - Debian Security Advisory DSA-2550-2 secur...@debian.org http://www.debian.org/security/Moritz Muehlenhoff September 26, 2012 http://www.debian.org/security/faq - - Package: asterisk Vulnerability : several Problem type : remote Debian-specific: no CVE ID : CVE-2012-2186 CVE-2012-3812 CVE-2012-3863 CVE-2012-4737 A regression in the SIP handling code was found in DSA-2550-1. For the stable distribution (squeeze), this problem has been fixed in version 1:1.6.2.9-2+squeeze8. We recommend that you upgrade your asterisk packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/ Mailing list: debian-security-annou...@lists.debian.org -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) iEYEARECAAYFAlBjJnEACgkQXm3vHE4uylqJsACgoeA/kky6st0av/TqkZFL2ZZh 90YAnAmz1yk9Q8gtRi6vipubwJiY2a/V =+kqj -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-security-announce-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20120926160500.GA5492@pisco.westfalen.local -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/014a01cd9c02$28317550$78945ff0$@newego.de
Re: Bug#688639: [SECURITY] [DSA 2550-1] asterisk security update
On Wed, Sep 26, 2012 at 01:20:33PM +0200, Daniel Reichelt wrote: > Hi Moritz > > > > Please test/report, whether the packages located at > > > http://people.debian.org/~jmm/ fix the problem for you. > Could you please publish the source package as well? Note that it was built from the "squeeze" branch of the Subversion repository listed in the package: http://anonscm.debian.org/viewvc/pkg-voip/asterisk/branches/squeeze/ -- Tzafrir Cohen icq#16849755 jabber:tzafrir.co...@xorcom.com +972-50-7952406 mailto:tzafrir.co...@xorcom.com http://www.xorcom.com iax:gu...@local.xorcom.com/tzafrir -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20120926115630.gf18...@xorcom.com
Re: [SECURITY] [DSA 2550-1] asterisk security update
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi Moritz > > Please test/report, whether the packages located at > > http://people.debian.org/~jmm/ fix the problem for you. Could you please publish the source package as well? And is this going to go into squeeze-updates eventually? Cheers Daniel (@moritz: sry for double-posting...) -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQIcBAEBAgAGBQJQYuUBAAoJEIWTgWPaKFdzzTgP+QFfFGoV832ZwcAmhxJvwGko UTh+q4m+HLnpZSmRMJMQsXD1yaL7aPxdX/ro0ZWlE7b4cKYnQJ50MVGvxyWI9OIG ENh1nemiVGvyCsbEKVQ6ockIbRllYT3IWjmaAmKu+/CmmbUjUFafEd/wgRvK5mDG 1C363bXDZla+8NblI/LJnvlvXoP6zt9sgmywdYlg4lZy/x7vo69sUbXXhvcA6f3h kKAqGlQwNdZN4Wc8PhmtQQyFDhK1MM3v+L7jEwgWpTdCMmByPGPiWDn21fQte6Dz joEeUbfRekHTKYKynEN41clfL7SIAyVOhTjt9HfRBss+TjquQ1yQdwt4MXTD8iKE 08XAmIge7mbOW7Edypc/dlHPLn3lxfI/M3kpOKfGL+16SpLRHCFoYzbBAzxF2ASi cWoayD74V/0mE0qWt58/m14ahAFQs6g5ypYKIm+AT2IxNGL9f8Z8XswE+Qm0MQTz qIrWXfe0UZ3lA5gh2ocNh9tVRbY78VtCBKgJKt3DtatBZUAJfyhGDMb0vowL6fp0 YKZnTeozW/fEc6IVuR38Xi19350JFdAlLUUYgeNdM7LFICJvbMFzBTFKXHtQgTgX 5ZsE/Z/WA8A8dUNo0OZ6ZikU+m8zrxYFgXwaYhPVrMcwRbhCDu30H2KSMGVOqoer FeQ0HGCxuE9rjgMO27nR =5J/q -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/5062e501.7040...@nachtgeist.net