-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Sat, 23 Apr 2011 17:35:01 +0300 Source: asterisk Binary: asterisk asterisk-h323 asterisk-doc asterisk-dev asterisk-dbg asterisk-sounds-main asterisk-config Architecture: i386 Version: 1:1.6.2.9-2+squeeze2 Distribution: squeeze-security Urgency: high Maintainer: i386 Build Daemon (murphy) Changed-By: Tzafrir Cohen Description: asterisk - Open Source Private Branch Exchange (PBX) asterisk-config - Configuration files for Asterisk asterisk-dbg - Debugging symbols for Asterisk asterisk-dev - Development files for Asterisk asterisk-doc - Source code documentation for Asterisk asterisk-h323 - H.323 protocol support for Asterisk asterisk-sounds-main - Core Sound files for Asterisk (English) Closes: 614580 618790 618791 623775 Changes: asterisk (1:1.6.2.9-2+squeeze2) stable-security; urgency=high . * Patch AST-2011-002 (CVE-2011-1147): Multiple crash vulnerabilities in UDPTL code (Closes: #614580). * Patch AST-2011-005 (CVE-2011-1507): Resource exhaustion in Asterisk Manager Interface. * Patch AST-2011-005-p2: Resource exhaustion in chan_skinny and AJAM - second part of the above (Closes: #618790). * Patch AST-2011-006: Check for "system" privilege in the manager interface (Closes: #623775). * Patches AST-2011-003, manager_manager_bugfix_reload - its pre-requirements. * Patch AST-2011-004: Remote crash vulnerability in TCP/TLS server (Closes: #618791). Checksums-Sha1: a3fdcd9aa553ad49fb9b1a894bdf83e3cf62a392 3349678 asterisk_1.6.2.9-2+squeeze2_i386.deb dab5b4fc34426f651eedcf7224b58053503fb5b4 527814 asterisk-h323_1.6.2.9-2+squeeze2_i386.deb 3da257ccee25814f7a74bd2abf330de96bdeb58a 20308730 asterisk-dbg_1.6.2.9-2+squeeze2_i386.deb Checksums-Sha256: e84d8c4c3827c0db837c33325385639c143eee3f29ddf809a67ce75ac4622ac3 3349678 asterisk_1.6.2.9-2+squeeze2_i386.deb eb6d9c94a5d8896ce9b3b9229b627887790bad22039982abfc46aeb9abdc4802 527814 asterisk-h323_1.6.2.9-2+squeeze2_i386.deb 376d5304ba9ce7d18b44825893d879507eeb65be99da823acde912e930412cd2 20308730 asterisk-dbg_1.6.2.9-2+squeeze2_i386.deb Files: 0fb6954e8cc6fc305c9275c33e690187 3349678 comm optional asterisk_1.6.2.9-2+squeeze2_i386.deb 1ea983e682e3eae395bfceea284ac09d 527814 comm optional asterisk-h323_1.6.2.9-2+squeeze2_i386.deb 0493f6c46703322e2889c2b80831b926 20308730 debug extra asterisk-dbg_1.6.2.9-2+squeeze2_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQIcBAEBCAAGBQJNsxmVAAoJEFc2rhMcPx5efDcP/1hjVdrGeyGcCY7IiBogY2+e YwXhV0Odr/03lojjIW23UlSA7nCfScB/tKWJIYL1xr0TxNlr4SkZLahsYcY6jcMg U+xkQdUdXX3wPNCrPV+Rn8RT1sXxsCSuhR1RiQu616tLvM0G7OvaTr4ScTyHllwi jAOSg+mFCtTU+pGdlfLgqODOOeQ7kKes8wiiGhzM1P5lKuZ0sQFHDsbeG3TJl+Ah 0pOVFDmaqzfMSxG5wtW1GGUKwRCO31pz743RVmiCUdPYhNExThpgu6zchtBf9QTz nWfg30Rb06Xbth6L+2s9ps8zJve1UvznEshzTEpZY5DwZEIMvuJ/Uk9ntt7mRpUP cjNUMidkQecuGvZHDXA5/c3qePbv5Svw8Y1LAmpAIbbDG9VVX2J/GGX6Vq5W1uo3 nTZJXznImtVH0ZAK/1efCJhHCx2WOvM3YI1wGgCHz3w7o+9rv8MT1aE630AOt0W/ lgHBkAEZcCLQf3P6wSgdVcGbhIWIyFSCvskGPJyRH3F9ArEjabfxkb40qOE/9blM soLLY8Uy3VFMm4QxymxmoQNcWunKCzJV0OW2O7EP7ojyYQJVJ0SZeVceO6CLsOV1 C+N8BLNP4O5EbbErcaBnmpA7LnEQbu+rikpXP6lLHP5I/HCy8pXO9+pFsHvle19u UxAdt/eUlThVNiq26L8W =qaf7 -----END PGP SIGNATURE-----