** Description changed: (Tracking some collaborative work with persia) A review of RC bugs from Debian shows 4 CVEs fixed in the latest Debian release. This includes 2 CVEs fixed in an upstream (bug-fix level) - release, and 2 fixed in Debian. Currently verifying that a merge is - clean and minimal, for a possible FFe. + release, and 2 fixed in Debian. Update: this Debian release has now been + merged to quantal, see LP: #1022360 Applying these fixes to Precise SRU would require cherrypicking. - Unknown if these CVEs affect earlier Ubuntu releases also. + All CVEs affect only 1.8.x series of asterisk, so no work is needed for + releases earlier than precise.
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1048093 Title: Outstanding security fixes in asterisk To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/asterisk/+bug/1048093/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs