-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Thu, 10 Feb 2011 17:06:37 +0200 Source: asterisk Binary: asterisk asterisk-h323 asterisk-doc asterisk-dev asterisk-dbg asterisk-sounds-main asterisk-config Architecture: source all i386 Version: 1:1.4.21.2~dfsg-3+lenny2 Distribution: oldstable-security Urgency: high Maintainer: Debian VoIP Team Changed-By: Faidon Liambotis Description: asterisk - Open Source Private Branch Exchange (PBX) asterisk-config - Configuration files for Asterisk asterisk-dbg - Debugging symbols for Asterisk asterisk-dev - Development files for Asterisk asterisk-doc - Source code documentation for Asterisk asterisk-h323 - H.323 protocol support for Asterisk asterisk-sounds-main - Core Sound files for Asterisk (English) Closes: 610487 Changes: asterisk (1:1.4.21.2~dfsg-3+lenny2) oldstable-security; urgency=high . [ Tzafrir Cohen ] * AST-2011-001/CVE-2011-0495: Stack buffer overflow in SIP channel driver (Closes: #610487) * Backport a one-liner patch from upstream (ast_uri_validhex) to successfully apply the AST-2011-001 patch. Checksums-Sha1: 80bc90910165cdb7bf8fcd010b636cb43d32a0dd 1985 asterisk_1.4.21.2~dfsg-3+lenny2.dsc 2de385e43bbaafb66d2501659b916eaadced698c 150696 asterisk_1.4.21.2~dfsg-3+lenny2.diff.gz 9984b239f04b65b9121f32ef485094aaa2b164d2 32509280 asterisk-doc_1.4.21.2~dfsg-3+lenny2_all.deb b3a6e144ece0ae9c06d3ae4d52a6be612c2a607b 427756 asterisk-dev_1.4.21.2~dfsg-3+lenny2_all.deb a4698c4d9d98e0a242af6d05b311704955b78157 1897828 asterisk-sounds-main_1.4.21.2~dfsg-3+lenny2_all.deb 5bc03cc8fae124dcd6772f1c8205caa6ff0b01f2 478950 asterisk-config_1.4.21.2~dfsg-3+lenny2_all.deb 7b0a83575d9d88ab3fda5b07332149e7d6dbb319 2407086 asterisk_1.4.21.2~dfsg-3+lenny2_i386.deb 56483acf91f975a8c4295194030bdc222bb0952d 388546 asterisk-h323_1.4.21.2~dfsg-3+lenny2_i386.deb 5d439d17f781033464d75321af8ad100f7e7e91a 12998636 asterisk-dbg_1.4.21.2~dfsg-3+lenny2_i386.deb Checksums-Sha256: abf0fd16e3cb345cd7ced175a73c0a15568679512ad01db8ca4cc881377e2a3f 1985 asterisk_1.4.21.2~dfsg-3+lenny2.dsc 255718da602b5e19e70c8fde35f6b5747bacbc5b7972820e3d67c1339cb8178a 150696 asterisk_1.4.21.2~dfsg-3+lenny2.diff.gz 614cec5f8c11e6bab87a885110c1300876192932aa7c62e66cebaf285b96abd0 32509280 asterisk-doc_1.4.21.2~dfsg-3+lenny2_all.deb 8ddc340d282213da4dd16ffba910e968c5fa3cade50a451e9ee16ae94ea991e8 427756 asterisk-dev_1.4.21.2~dfsg-3+lenny2_all.deb 584fe5150859c21aaf6a0a817f46c46108262971d55b77d0e6f5ea40b96a4427 1897828 asterisk-sounds-main_1.4.21.2~dfsg-3+lenny2_all.deb 1537e5e27cfa66f1557718e247933ac6763c410c8acb858a4e2ffbc16deff9cf 478950 asterisk-config_1.4.21.2~dfsg-3+lenny2_all.deb 75d586df6a6cc639326e527df71f5f6d88d9eefd284204b1fd2aaa8f5f7f18c2 2407086 asterisk_1.4.21.2~dfsg-3+lenny2_i386.deb 348a8faaad09b07d64131f2a41235b8273c6c2f367ad97ec0f4f3997694f61d6 388546 asterisk-h323_1.4.21.2~dfsg-3+lenny2_i386.deb 43e5e38d9adf0f6221ffd3f56832e6a703305b2dd2a55d5ca030574088c0f513 12998636 asterisk-dbg_1.4.21.2~dfsg-3+lenny2_i386.deb Files: 625115fe277a3e3050e0143b58e9b658 1985 comm optional asterisk_1.4.21.2~dfsg-3+lenny2.dsc 54a737752f1f8a851cad0ac2b2f69d0c 150696 comm optional asterisk_1.4.21.2~dfsg-3+lenny2.diff.gz 961b1b453cbab56f5ec5f03ed7e59f7c 32509280 doc extra asterisk-doc_1.4.21.2~dfsg-3+lenny2_all.deb e32177c1085dc857e2a6e05bf94c648c 427756 devel extra asterisk-dev_1.4.21.2~dfsg-3+lenny2_all.deb 941f86ed5d89d517ec16e83f881d75d8 1897828 comm optional asterisk-sounds-main_1.4.21.2~dfsg-3+lenny2_all.deb 701580936396f55e187d8bdb4d9c501e 478950 comm optional asterisk-config_1.4.21.2~dfsg-3+lenny2_all.deb 3625bf89e540f3135b842517af221046 2407086 comm optional asterisk_1.4.21.2~dfsg-3+lenny2_i386.deb d72f12780b219c602be0ae6e2ccbec8f 388546 comm optional asterisk-h323_1.4.21.2~dfsg-3+lenny2_i386.deb f1e2e67224ce07cf6e2c005c5f06f20a 12998636 devel extra asterisk-dbg_1.4.21.2~dfsg-3+lenny2_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAk1UZOAACgkQVty5d8XpUzPc1gCfdORTrx0jQ+/laAX8pxH7C7QL rW0AoIB7jqlw/z/5km9UG83PBnIWEyjz =XbAF -----END PGP SIGNATURE-----