-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Sat, 23 Apr 2011 17:35:01 +0300 Source: asterisk Binary: asterisk asterisk-h323 asterisk-doc asterisk-dev asterisk-dbg asterisk-sounds-main asterisk-config Architecture: source all amd64 Version: 1:1.6.2.9-2+squeeze2 Distribution: stable-security Urgency: high Maintainer: Debian VoIP Team Changed-By: Tzafrir Cohen Description: asterisk - Open Source Private Branch Exchange (PBX) asterisk-config - Configuration files for Asterisk asterisk-dbg - Debugging symbols for Asterisk asterisk-dev - Development files for Asterisk asterisk-doc - Source code documentation for Asterisk asterisk-h323 - H.323 protocol support for Asterisk asterisk-sounds-main - Core Sound files for Asterisk (English) Closes: 614580 618790 618791 623775 Changes: asterisk (1:1.6.2.9-2+squeeze2) stable-security; urgency=high . * Patch AST-2011-002 (CVE-2011-1147): Multiple crash vulnerabilities in UDPTL code (Closes: #614580). * Patch AST-2011-005 (CVE-2011-1507): Resource exhaustion in Asterisk Manager Interface. * Patch AST-2011-005-p2: Resource exhaustion in chan_skinny and AJAM - second part of the above (Closes: #618790). * Patch AST-2011-006: Check for "system" privilege in the manager interface (Closes: #623775). * Patches AST-2011-003, manager_manager_bugfix_reload - its pre-requirements. * Patch AST-2011-004: Remote crash vulnerability in TCP/TLS server (Closes: #618791). Checksums-Sha1: 76fff6bf31fbfef6244d210b4f4d2e5ccec86393 2172 asterisk_1.6.2.9-2+squeeze2.dsc 0218e418266fbaa403aaf7abc09be5b3b1262ffd 84959 asterisk_1.6.2.9-2+squeeze2.debian.tar.gz 50e1ccdf02d5c5ace5faf79085b187b4c512a446 1703746 asterisk-doc_1.6.2.9-2+squeeze2_all.deb 0e7f2f020ecf990b56338fa0d56cad8d66900295 635482 asterisk-dev_1.6.2.9-2+squeeze2_all.deb 3ad2a07e1645c9cca0d4403e47ca224c0a0bfadd 2186840 asterisk-sounds-main_1.6.2.9-2+squeeze2_all.deb 3df19a7623188b6658d075fdf2442d53e2e68285 716440 asterisk-config_1.6.2.9-2+squeeze2_all.deb 876a08fc6fde714374ed4ee6a680fbb34cfb0c87 3599066 asterisk_1.6.2.9-2+squeeze2_amd64.deb baec5ac5b4c129012251d906dfeb3ca177b999fa 533072 asterisk-h323_1.6.2.9-2+squeeze2_amd64.deb 344add77edab899661b77c6e415af350f63d08ed 20322810 asterisk-dbg_1.6.2.9-2+squeeze2_amd64.deb Checksums-Sha256: 55e27b3ef2993a8b38ac44b4fde2e51b09d5cbff309a3420428877a05c37755e 2172 asterisk_1.6.2.9-2+squeeze2.dsc 06992a32c513aad2d42553c8a7fb912b001886013c958796000a9c2a83d1aedc 84959 asterisk_1.6.2.9-2+squeeze2.debian.tar.gz c7153f77d2ab488353823df1e5b06b82fc92a190e1f848c4d309a057d6ea800e 1703746 asterisk-doc_1.6.2.9-2+squeeze2_all.deb 49ca880e4dcb8c6c4108f063c5c3caea222fd91480661b19f5e9d28e93f230a6 635482 asterisk-dev_1.6.2.9-2+squeeze2_all.deb 784e56af9618f6c9d355e1995738591ed691d8a1d2595abc11033e2da7ab7dca 2186840 asterisk-sounds-main_1.6.2.9-2+squeeze2_all.deb c856a4f0b93a34ff586140c9a5a7bf6ab435d31011be9ab2c1ec6ad65cec9777 716440 asterisk-config_1.6.2.9-2+squeeze2_all.deb 613f7b2a0ebdaebb995ad9045b84a3cbd8e428930b5e4b207ec07fa432de6d13 3599066 asterisk_1.6.2.9-2+squeeze2_amd64.deb 9d0e0a15c47c8476a9cc81b88daa057b6b462e217a1765157581b35fba116255 533072 asterisk-h323_1.6.2.9-2+squeeze2_amd64.deb 65cebb0efbfb7abe536e42c3586b1bb1fe354f80785ad659ad6d84a81e3cb47c 20322810 asterisk-dbg_1.6.2.9-2+squeeze2_amd64.deb Files: 515a62f82baad1d0af6ae5dadae7294e 2172 comm optional asterisk_1.6.2.9-2+squeeze2.dsc 8697a1a846809424305cae4e3a36ff2e 84959 comm optional asterisk_1.6.2.9-2+squeeze2.debian.tar.gz bf423038f53ca9fd37b7c611d7c96050 1703746 doc extra asterisk-doc_1.6.2.9-2+squeeze2_all.deb 87eff4e2170c9cbf210aa87351424033 635482 devel extra asterisk-dev_1.6.2.9-2+squeeze2_all.deb 2bb17d91e2029ae25593e3d5e3999843 2186840 comm optional asterisk-sounds-main_1.6.2.9-2+squeeze2_all.deb fed9b9dac88607b781f62a7efde07d36 716440 comm optional asterisk-config_1.6.2.9-2+squeeze2_all.deb c44625222c21809662549a6593844a46 3599066 comm optional asterisk_1.6.2.9-2+squeeze2_amd64.deb c551867c1addad0a21557a9725041ab1 533072 comm optional asterisk-h323_1.6.2.9-2+squeeze2_amd64.deb fb1e95d63f01fef96d41edeb4f14a399 20322810 debug extra asterisk-dbg_1.6.2.9-2+squeeze2_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAk2zAlwACgkQxArWdkN9MoubTwCgyklnDyAEoH1XXQ3/byDgSJU7 6P4AmQGv2O0cmOxDoUuBypgKOKl9TV9W =lUc8 -----END PGP SIGNATURE-----