Publishing details

• Removed from disk on 2016-11-01.
• Removal requested on 2016-10-26.
• Published on 2011-07-19
• Copied from ubuntu lucid in PPA for Ubuntu Security Proposed

Changelog

asterisk (1:1.6.2.5-0ubuntu1.4) lucid-security; urgency=low

  * SECURITY UPDATE: denial of service and possible code exection via
    crafted UDPTL packet
    - debian/patches/AST-2011-002-1.6.2.diff: properly calculate lengths in
      main/udptl.c.
    - CVE-2011-1147
  * SECURITY UPDATE: denial of service via manager session with invalid
    data
    - debian/patches/AST-2011-003-1.6.2.diff: check for errors in
      main/manager.c.
    - CVE-2011-1174
  * SECURITY UPDATE: denial of service via many short TLS sessions
    - debian/patches/AST-2011-004-1.6.2.diff: gracefully handle failures
      in main/tcptls.c.
    - CVE-2011-1175
  * SECURITY UPDATE: denial of service via a series of TCP connections
    - debian/patches/AST-2011-005-1.6.2.diff: add timeouts and session
      limits to main/manager.c, configs/manager.conf.sample,
      channels/chan_sip.c, channels/chan_skinny.c, main/http.c,
      configs/{skinny,sip,http}.conf.sample.
    - CVE-2011-1507
  * SECURITY UPDATE: remote command execution via incomplete system
    privilege check
    - debian/patches/AST-2011-006-1.6.2.diff: correctly check privileges in
      main/manager.c.
    - CVE-2011-1599
  * SECURITY UPDATE: denial of service via crafted packet and SIP channel
    driver
    - debian/patches/AST-2011-008.diff: set proper length in
      channels/chan_sip.c.
    - CVE-2011-2529
  * SECURITY UPDATE: denial of service and possible code execution via
    IAX2 channel driver crafted frame
    - debian/patches/AST-2011-010-1.6.2.diff: validate options in
      channels/chan_iax2.c, main/features.c.
    - CVE-2011-2535
  * SECURITY UPDATE: account name enumeration
    - debian/patches/AST-2011-011-1.6.2.diff: adjust responses in
      channels/chan_sip.c.
    - CVE-2011-2536
 -- Marc Deslauriers <email address hidden>   Tue, 12 Jul 2011 15:49:26 -0400

Builds

• amd64
• armel
• i386
• ia64
• powerpc
• sparc

Package files

• asterisk-config_1.6.2.5-0ubuntu1.4_all.deb (642.5 KiB)
• asterisk-dbg_1.6.2.5-0ubuntu1.4_amd64.deb (20.4 MiB)
• asterisk-dbg_1.6.2.5-0ubuntu1.4_armel.deb (20.4 MiB)
• asterisk-dbg_1.6.2.5-0ubuntu1.4_i386.deb (20.4 MiB)
• asterisk-dbg_1.6.2.5-0ubuntu1.4_ia64.deb (20.5 MiB)
• asterisk-dbg_1.6.2.5-0ubuntu1.4_powerpc.deb (21.0 MiB)
• asterisk-dbg_1.6.2.5-0ubuntu1.4_sparc.deb (20.3 MiB)
• asterisk-dev_1.6.2.5-0ubuntu1.4_all.deb (570.8 KiB)
• asterisk-doc_1.6.2.5-0ubuntu1.4_all.deb (1.5 MiB)
• asterisk-h323_1.6.2.5-0ubuntu1.4_amd64.deb (476.4 KiB)
• asterisk-h323_1.6.2.5-0ubuntu1.4_armel.deb (471.4 KiB)
• asterisk-h323_1.6.2.5-0ubuntu1.4_i386.deb (471.0 KiB)
• asterisk-h323_1.6.2.5-0ubuntu1.4_ia64.deb (507.4 KiB)
• asterisk-h323_1.6.2.5-0ubuntu1.4_powerpc.deb (474.4 KiB)
• asterisk-h323_1.6.2.5-0ubuntu1.4_sparc.deb (470.1 KiB)
• asterisk-sounds-main_1.6.2.5-0ubuntu1.4_all.deb (2.1 MiB)
• asterisk_1.6.2.5-0ubuntu1.4.debian.tar.gz (74.6 KiB)
• asterisk_1.6.2.5-0ubuntu1.4.dsc (2.6 KiB)
• asterisk_1.6.2.5-0ubuntu1.4_amd64.deb (3.6 MiB)
• asterisk_1.6.2.5-0ubuntu1.4_armel.deb (3.4 MiB)
• asterisk_1.6.2.5-0ubuntu1.4_i386.deb (3.4 MiB)
• asterisk_1.6.2.5-0ubuntu1.4_ia64.deb (4.8 MiB)
• asterisk_1.6.2.5-0ubuntu1.4_powerpc.deb (3.6 MiB)
• asterisk_1.6.2.5-0ubuntu1.4_sparc.deb (3.6 MiB)
• asterisk_1.6.2.5.orig.tar.gz (22.1 MiB)