Changelog
asterisk (1:11.13.1~dfsg-2) testing-proposed-updates; urgency=high
* New upstream release: fixes AST-2014-011 (CVE-2014-3566, POODLE).
* Add a local gbp.conf for branch jessie
* New patches for recent security issues (Closes: #771463):
- AST-2014-012 (CVE-2014-8412): Mixed IP address families in ACLs
may permit unwanted traffic
- AST-2014-014 (CVE-2014-8414): High call load may result in hung
channels in ConfBridge
- AST-2014-017 (CVE-2014-8417): Mark CONFBRIDGE as a sensitive
function for external APIs
- AST-2014-018 (CVE-2014-8418): Mark DB as a sensitive function for
external APIs
* AST-2014-019.patch (CVE-2014-9374): Remote Crash Vulnerability in
WebSocket Server (Closes: #773230).
* sanity check to avoid changing the ABI hash.
-- Tzafrir Cohen <email address hidden> Thu, 01 Jan 2015 01:25:11 +0200