Change log for asterisk package in Ubuntu

175 of 132 results
Published in cosmic-proposed on 2018-07-23
asterisk (1:13.22.0~dfsg-1) unstable; urgency=medium

  * New upstream version 13.22.0~dfsg
    - CVE-2018-12227 / AST-2018-008 (Closes: #902954)
      PJSIP endpoint presence disclosure when using ACL
    - pjsip: Increase maximum number of usable ciphers (Closes: #897412)
  * Drop d/p/no_uname, not necessary anymore
  * Drop d/p/radcli-detection.patch, applied upstream
  * Fix d/p/hack-multiple-app-voicemail for upstream libtdl drop
  * Unfuzz d/p/amr.patch and d/p/ffmpeg-detection.patch
  * Fix FTBFS due to wrong filename for dh_installdocs (Closes: #903412)

 -- Bernhard Schmidt <email address hidden>  Sun, 22 Jul 2018 23:31:23 +0200
Published in cosmic-release on 2018-05-15
Deleted in cosmic-proposed (Reason: moved to release)
asterisk (1:13.20.0~dfsg-1) unstable; urgency=medium

  * New upstream version 13.20.0 (Closes: #891227, #891228)
  * Reorganize upstream GPG keys
    - Split individual signing keys in separate files
    - Add new key for Ben Ford <email address hidden>: 0x073B0C1FC9B2E352
    - Add new key for Joshua Colp <email address hidden>:
      0xCDBEE4CC699E200EB4D46BB79E76E3A42341CE04
  * Fix missing/broken Closes: in previous changelog
  * Install realtime database schema into asterisk-doc
  * Point Vcs-* to salsa

 -- Bernhard Schmidt <email address hidden>  Tue, 03 Apr 2018 10:59:20 +0200
Superseded in cosmic-release on 2018-05-15
Published in bionic-release on 2018-03-07
Deleted in bionic-proposed (Reason: moved to release)
asterisk (1:13.18.3~dfsg-1ubuntu4) bionic; urgency=medium

  * No-change rebuild against libcurl4

 -- Steve Langasek <email address hidden>  Wed, 28 Feb 2018 06:44:47 +0000
Superseded in bionic-release on 2018-03-07
Deleted in bionic-proposed on 2018-03-08 (Reason: moved to release)
asterisk (1:13.18.3~dfsg-1ubuntu3) bionic; urgency=high

  * No change rebuild against openssl1.1.

 -- Dimitri John Ledkov <email address hidden>  Tue, 06 Feb 2018 12:11:04 +0000
Superseded in bionic-release on 2018-02-08
Deleted in bionic-proposed on 2018-02-10 (Reason: moved to release)
asterisk (1:13.18.3~dfsg-1ubuntu2) bionic; urgency=medium

  * No-change rebuild for libical soname change.

 -- Matthias Klose <email address hidden>  Sat, 09 Dec 2017 11:51:40 +0000
Superseded in bionic-release on 2017-12-09
Deleted in bionic-proposed on 2017-12-10 (Reason: moved to release)
asterisk (1:13.18.3~dfsg-1ubuntu1) bionic; urgency=low

  * Merge from Debian unstable.  Remaining changes:
    - debian/asterisk.init: chown /dev/dahdi.

Superseded in bionic-release on 2017-12-08
Deleted in bionic-proposed on 2017-12-09 (Reason: moved to release)
asterisk (1:13.18.1~dfsg-1ubuntu1) bionic; urgency=medium

  * Merge from Debian unstable.  Remaining changes:
    - debian/asterisk.init: chown /dev/dahdi.

Superseded in bionic-release on 2017-11-12
Deleted in bionic-proposed on 2017-11-14 (Reason: moved to release)
asterisk (1:13.17.2~dfsg-2ubuntu1) bionic; urgency=low

  * Merge from Debian unstable.  Remaining changes:
    - debian/asterisk.init: chown /dev/dahdi.

Superseded in bionic-release on 2017-10-27
Published in artful-release on 2017-09-25
Deleted in artful-proposed (Reason: moved to release)
asterisk (1:13.17.2~dfsg-1ubuntu1) artful; urgency=low

  * Merge from Debian unstable.  Remaining changes:
    - debian/asterisk.init: chown /dev/dahdi.

Superseded in artful-release on 2017-09-25
Deleted in artful-proposed on 2017-09-26 (Reason: moved to release)
asterisk (1:13.17.1~dfsg-1ubuntu1) artful; urgency=low

  * Merge from Debian unstable.  Remaining changes:
    - debian/asterisk.init: chown /dev/dahdi.

Superseded in artful-release on 2017-09-03
Deleted in artful-proposed on 2017-09-04 (Reason: moved to release)
asterisk (1:13.17.0~dfsg-2ubuntu1) artful; urgency=low

  * Merge from Debian unstable.  Remaining changes:
    - debian/asterisk.init: chown /dev/dahdi.

Superseded in artful-release on 2017-08-21
Deleted in artful-proposed on 2017-08-22 (Reason: moved to release)
asterisk (1:13.14.1~dfsg-2ubuntu4) artful; urgency=medium

  * Rebuild against libgmime2.6 new source package.

 -- Gianfranco Costamagna <email address hidden>  Mon, 14 Aug 2017 13:06:54 +0200
Superseded in artful-release on 2017-08-14
Deleted in artful-proposed on 2017-08-15 (Reason: moved to release)
asterisk (1:13.14.1~dfsg-2ubuntu3) artful; urgency=medium

  * Rebuild against libgmime3.

 -- Gianfranco Costamagna <email address hidden>  Thu, 10 Aug 2017 11:03:38 +0200
Superseded in artful-release on 2017-08-10
Deleted in artful-proposed on 2017-08-11 (Reason: moved to release)
asterisk (1:13.14.1~dfsg-2ubuntu2) artful; urgency=medium

  * No-change rebuild against libgmime-3.0-0

 -- Steve Langasek <email address hidden>  Thu, 20 Jul 2017 03:25:48 +0000
Superseded in artful-release on 2017-07-20
Deleted in artful-proposed on 2017-07-21 (Reason: moved to release)
asterisk (1:13.14.1~dfsg-2ubuntu1) artful; urgency=high

  * Merge from Debian unstable. Remaining changes:
    - debian/asterisk.init: chown /dev/dahdi.

Superseded in artful-release on 2017-06-03
Deleted in artful-proposed on 2017-06-04 (Reason: moved to release)
asterisk (1:13.14.1~dfsg-1ubuntu1) artful; urgency=medium

  * Merge from Debian unstable.  Remaining changes:
    - debian/asterisk.init: chown /dev/dahdi.

Published in xenial-updates on 2017-04-12
Deleted in xenial-proposed (Reason: moved to -updates)
asterisk (1:13.1.0~dfsg-1.1ubuntu4.1) xenial; urgency=medium

  * debian/patches/fix_h264.patch: Backport fixes for H.264 support.
    Thanks to Joshua Colp <email address hidden>, Alexander Traud
    <email address hidden>, and Jörg Hänsel.  Closes LP: #1671767.

 -- Nishanth Aravamudan <email address hidden>  Thu, 30 Mar 2017 16:43:30 -0700
Superseded in artful-release on 2017-05-06
Obsolete in zesty-release on 2018-06-22
Deleted in zesty-proposed on 2018-06-22 (Reason: moved to release)
asterisk (1:13.13.1~dfsg-4ubuntu1) zesty; urgency=medium

  * Resync on Debian unstable. Remaining changes:
    + debian/asterisk.init: chown /dev/dahdi.

Superseded in zesty-release on 2017-01-25
Deleted in zesty-proposed on 2017-01-26 (Reason: moved to release)
asterisk (1:13.12.2~dfsg-1ubuntu1) zesty; urgency=low

  * Merge from Debian unstable.  Remaining changes:
    - debian/asterisk.init: chown /dev/dahdi.

Superseded in zesty-release on 2016-11-14
Deleted in zesty-proposed on 2016-11-16 (Reason: moved to release)
asterisk (1:13.12.1~dfsg-1ubuntu1) zesty; urgency=low

  * Merge from Debian unstable.  Remaining changes:
    - debian/asterisk.init: chown /dev/dahdi.

Superseded in zesty-release on 2016-11-14
Obsolete in yakkety-release on 2018-01-23
Deleted in yakkety-proposed on 2018-01-23 (Reason: moved to release)
asterisk (1:13.10.0~dfsg-1ubuntu2) yakkety; urgency=medium

  * No-change rebuild against current radius client lib now that
    libfreeradius-client-dev is removed from archive.

 -- Steve Langasek <email address hidden>  Sat, 01 Oct 2016 00:55:47 -0700
Superseded in yakkety-proposed on 2016-10-01
asterisk (1:13.10.0~dfsg-1ubuntu1) yakkety; urgency=low

  * Merge from Debian unstable.  Remaining changes:
    - debian/asterisk.init: chown /dev/dahdi.
  * Dropped changes, included in Debian:
    - Add build dependencies on libsdl2-dev, libopencore-amrnb-dev,
      libopencore-amrwb-dev.
    - Add build dependencies on libavformat-dev, libv4l-dev, libavutil-dev,
      libswscale-dev and libavcodec-dev.

Superseded in yakkety-release on 2016-10-01
Deleted in yakkety-proposed on 2016-10-02 (Reason: moved to release)
asterisk (1:13.1.0~dfsg-1.1ubuntu5) yakkety; urgency=medium

  * No-change rebuild for libical soname change.

 -- Matthias Klose <email address hidden>  Wed, 25 May 2016 12:58:53 +0000
Superseded in yakkety-release on 2016-06-01
Published in xenial-release on 2016-04-07
Deleted in xenial-proposed (Reason: moved to release)
asterisk (1:13.1.0~dfsg-1.1ubuntu4) xenial; urgency=medium

  * Rebuild against libmysqlclient20.

 -- Robie Basak <email address hidden>  Tue, 05 Apr 2016 12:13:44 +0000
Superseded in xenial-release on 2016-04-07
Obsolete in wily-release on 2018-01-22
Deleted in wily-proposed on 2018-01-22 (Reason: moved to release)
asterisk (1:13.1.0~dfsg-1.1ubuntu3) wily; urgency=medium

  * Add build dependencies on libavformat-dev, libv4l-dev, libavutil-dev,
    libswscale-dev, libavcodec-dev.

 -- Matthias Klose <email address hidden>  Wed, 02 Sep 2015 16:01:33 +0200
Superseded in wily-proposed on 2015-09-02
asterisk (1:13.1.0~dfsg-1.1ubuntu2) wily; urgency=medium

  * Add build dependencies on  libsdl2-dev, libopencore-amrnb-dev,
    libopencore-amrwb-dev.

 -- Matthias Klose <email address hidden>  Wed, 02 Sep 2015 14:20:00 +0200
Superseded in wily-proposed on 2015-09-02
asterisk (1:13.1.0~dfsg-1.1ubuntu1) wily; urgency=medium

  * Merge from Debian unstable, remaining changes:
    - debian/asterisk.init:
      + chown /dev/dahdi.
  * Dropped changes, superseded in Debian:
    - drop use of hardening-wrapper; we now use the standard dpkg mechanism.

Superseded in wily-proposed on 2015-08-13
asterisk (1:13.1.0~dfsg-1ubuntu3) wily; urgency=medium

  * No-change rebuild against libjack-jackd2-0v5

 -- Steve Langasek <email address hidden>  Tue, 11 Aug 2015 06:32:49 +0000
Superseded in wily-release on 2015-09-02
Obsolete in vivid-release on 2018-01-18
Deleted in vivid-proposed on 2018-01-19 (Reason: moved to release)
asterisk (1:13.1.0~dfsg-1ubuntu2) vivid; urgency=medium

  * No-change rebuild for new libical
 -- Iain Lane <email address hidden>   Tue, 06 Jan 2015 12:09:18 +0000
Superseded in vivid-release on 2015-01-07
Deleted in vivid-proposed on 2015-01-08 (Reason: moved to release)
asterisk (1:13.1.0~dfsg-1ubuntu1) vivid; urgency=low

  * Merge from Debian unstable.  Remaining changes:
    - debian/asterisk.init:
      + chown /dev/dahdi.
    - debian/control, debian/rules:
      + Enable Hardening Wrapper (PIE and BIND_NOW).
 -- Artur Rona <email address hidden>   Sat, 03 Jan 2015 11:14:20 +0100
Superseded in vivid-release on 2015-01-03
Deleted in vivid-proposed on 2015-01-04 (Reason: moved to release)
asterisk (1:13.0.0~dfsg-2ubuntu1) vivid; urgency=low

  * Merge from Debian unstable.  Remaining changes:
    - debian/asterisk.init:
      + chown /dev/dahdi.
    - debian/control, debian/rules:
      + Enable Hardening Wrapper (PIE and BIND_NOW).
  * Drop following change, no reason to keeping:
    - debian/control:
      + Build against libical 1.0.
 -- Artur Rona <email address hidden>   Thu, 30 Oct 2014 00:22:53 +0100
Superseded in vivid-release on 2014-10-30
Deleted in vivid-proposed on 2014-10-31 (Reason: moved to release)
asterisk (1:11.13.0~dfsg-1ubuntu1) vivid; urgency=medium

  * Merge from Debian unstable.  Remaining changes:
    - debian/asterisk.init:
      + chown /dev/dahdi.
    - debian/control, debian/rules:
      + Enable Hardening Wrapper (PIE and BIND_NOW).
    - debian/control:
      + Build against libical 1.0.
 -- Bhavani Shankar <email address hidden>   Sun, 26 Oct 2014 12:15:33 +0530
Superseded in vivid-release on 2014-10-26
Obsolete in utopic-release on 2016-11-03
Deleted in utopic-proposed on 2016-11-03 (Reason: moved to release)
asterisk (1:11.11.0~dfsg-2ubuntu1) utopic; urgency=low

  * Merge from Debian unstable.  Remaining changes:
    - debian/asterisk.init:
      + chown /dev/dahdi.
    - debian/control, debian/rules:
      + Enable Hardening Wrapper (PIE and BIND_NOW).
    - debian/control:
      + Build against libical 1.0.
 -- Artur Rona <email address hidden>   Wed, 20 Aug 2014 23:14:39 +0200
Superseded in utopic-release on 2014-08-20
Deleted in utopic-proposed on 2014-08-22 (Reason: moved to release)
asterisk (1:11.10.2~dfsg-1ubuntu1) utopic; urgency=low

  * Merge from Debian unstable.  Remaining changes:
    - debian/asterisk.init:
      + chown /dev/dahdi.
    - debian/control, debian/rules:
      + Enable Hardening Wrapper (PIE and BIND_NOW).
    - debian/control:
      + Build against libical 1.0.
 -- Artur Rona <email address hidden>   Sun, 15 Jun 2014 10:38:06 +0200
Superseded in utopic-release on 2014-06-15
Deleted in utopic-proposed on 2014-06-16 (Reason: moved to release)
asterisk (1:11.10.0~dfsg-1ubuntu1) utopic; urgency=low

  * Merge from Debian unstable.  Remaining changes:
    - debian/asterisk.init:
      + chown /dev/dahdi.
    - debian/control, debian/rules:
      + Enable Hardening Wrapper (PIE and BIND_NOW).
    - debian/control:
      + Build against libical 1.0.
 -- Artur Rona <email address hidden>   Wed, 04 Jun 2014 23:23:28 +0200
Superseded in utopic-release on 2014-06-04
Deleted in utopic-proposed on 2014-06-06 (Reason: moved to release)
asterisk (1:11.9.0~dfsg-2ubuntu1) utopic; urgency=low

  * Merge from Debian unstable.  Remaining changes:
    - debian/asterisk.init:
      + chown /dev/dahdi.
    - debian/control, debian/rules:
      + Enable Hardening Wrapper (PIE and BIND_NOW).
    - debian/control:
      + Build against libical 1.0.
 -- Artur Rona <email address hidden>   Thu, 29 May 2014 23:42:20 +0200
Superseded in utopic-release on 2014-05-29
Deleted in utopic-proposed on 2014-05-31 (Reason: moved to release)
asterisk (1:11.8.1~dfsg-1ubuntu1) utopic; urgency=low

  * Merge from Debian unstable.  Remaining changes:
    - debian/asterisk.init:
      + chown /dev/dahdi
    - debian/control, debian/rules:
      + Enable Hardening Wrapper (PIE and BIND_NOW)
    - debian/control:
      + Build against libical 1.0
 -- Artur Rona <email address hidden>   Sun, 11 May 2014 09:36:21 +0200
Superseded in utopic-release on 2014-05-12
Published in trusty-release on 2013-12-24
Deleted in trusty-proposed (Reason: moved to release)
asterisk (1:11.7.0~dfsg-1ubuntu1) trusty; urgency=low

  * Merge from Debian testing, remaining changes:
    - debian/asterisk.init: chown /dev/dahdi
    - debian/control, debian/rules:
      + Enable Hardening Wrapper (PIE and BIND_NOW)
      + Build against libical 1.0

Superseded in trusty-release on 2013-12-24
Deleted in trusty-proposed on 2013-12-25 (Reason: moved to release)
asterisk (1:11.6.0~dfsg-3ubuntu1) trusty; urgency=low

  * Merge from Debian unstable, remaining changes:
    - debian/asterisk.init: chown /dev/dahdi
    - debian/control, debian/rules:
      + Enable Hardening Wrapper (PIE and BIND_NOW)
      + Build against libical 1.0

Superseded in trusty-release on 2013-12-17
Obsolete in saucy-release on 2015-04-24
Deleted in saucy-proposed on 2015-04-28 (Reason: moved to release)
asterisk (1:1.8.13.1~dfsg-3ubuntu3) saucy; urgency=low

  * Use the autotools-dev dh addon to update config.guess/config.sub for
    arm64.
 -- Colin Watson <email address hidden>   Thu, 17 Oct 2013 00:43:57 +0100
Superseded in saucy-release on 2013-10-17
Deleted in saucy-proposed on 2013-10-18 (Reason: moved to release)
asterisk (1:1.8.13.1~dfsg-3ubuntu2) saucy; urgency=low

  * Drop Build-Depends on libopenais-dev. This drops support for res_ais.so.
    A newer upstream release has support for Corosync instead of ais.
 -- Andres Rodriguez <email address hidden>   Wed, 25 Sep 2013 14:06:23 -0400
Superseded in saucy-release on 2013-09-26
Deleted in saucy-proposed on 2013-09-27 (Reason: moved to release)
asterisk (1:1.8.13.1~dfsg-3ubuntu1) saucy; urgency=low

  * Merge from Debian unstable. (LP: #1205644) Remaining changes:
    - debian/asterisk.init:
      + chown /dev/dahdi
    - debian/control, debian/rules:
      + Enable Hardening Wrapper (PIE and BIND_NOW).
      + Build against libical 1.0.
    - debian/patches/armhf-fixes:
      + Fix FTBFS on armhf.
  * Fixed security issues:
    - CVE-2012-5976 (LP: #1097687)
    - CVE-2012-5977 (LP: #1097691)
    - CVE-2013-2686
    - CVE-2013-2264

Superseded in saucy-release on 2013-07-30
Deleted in saucy-proposed on 2013-07-31 (Reason: moved to release)
asterisk (1:1.8.13.1~dfsg-1ubuntu4) saucy; urgency=low

  * Build against libical 1.0
 -- Jonathan Riddell <email address hidden>   Thu, 13 Jun 2013 13:23:50 +0100
Superseded in saucy-release on 2013-06-19
Deleted in saucy-proposed on 2013-06-20 (Reason: moved to release)
asterisk (1:1.8.13.1~dfsg-1ubuntu3) saucy; urgency=low

  * Rebuild for libsnmp30.
 -- Colin Watson <email address hidden>   Mon, 20 May 2013 09:47:14 +0100
Superseded in saucy-release on 2013-06-02
Obsolete in raring-release on 2015-04-24
Obsolete in quantal-release on 2015-04-24
asterisk (1:1.8.13.1~dfsg-1ubuntu2) quantal; urgency=low

  * Build-depend on hardening-wrapper again,
    reenables pie and bindnow (LP: #1039542)
 -- Julian Taylor <email address hidden>   Tue, 09 Oct 2012 21:44:39 +0200
Superseded in quantal-release on 2012-10-09
asterisk (1:1.8.13.1~dfsg-1ubuntu1) quantal; urgency=low

  * Merge from Debian unstable. (LP: #1022360, CVE-2012-3812)
    Remaining changes:
    - debian/asterisk.init: chown /dev/dahdi
    - Fix building on armhf with debian/patches/armhf-fixes:
      + Flatten linux-gnueabihf in configure to linux-gnu, in
        the same way that's already done for linux-gnueabi

Superseded in quantal-release on 2012-09-08
asterisk (1:1.8.13.0~dfsg-1ubuntu1) quantal; urgency=low

  * Merge from Debian unstable.
  * Remaining changes:
    - debian/asterisk.init: chown /dev/dahdi
    - Fix building on armhf with debian/patches/armhf-fixes:
      + Flatten linux-gnueabihf in configure to linux-gnu, in
        the same way that's already done for linux-gnueabi
  * Changes dropped from Ubuntu delta as no longer applicable:
    - debian/backports/hardy: add file
    - debian/backports/asterisk.init.hardy: add file

Superseded in quantal-release on 2012-06-20
Published in precise-release on 2012-04-24
asterisk (1:1.8.10.1~dfsg-1ubuntu1) precise; urgency=low

  * Merge from Debian unstable. (LP: #987772, #956578, #956580, #956581)
  * Remaining changes:
    - debian/asterisk.init: chown /dev/dahdi
    - debian/backports/hardy: add file
    - debian/backports/asterisk.init.hardy: add file
    - Fix building on armhf with debian/patches/armhf-fixes:
      + Flatten linux-gnueabihf in configure to linux-gnu, in
        the same way that's already done for linux-gnueabi
  * Changes dropped from Ubuntu delta as no longer applicable:
    - debian/patches/backport-r312866.diff: Backported from upstream
    - debian/control: Build-depend on hardening-wrapper, now handled
      by dpkg-buildflags
    - debian/rules: Make use of hardening-wrapper

Obsolete in oneiric-updates on 2015-04-24
Deleted in oneiric-proposed on 2015-04-26 (Reason: moved to -updates)
asterisk (1:1.8.4.4~dfsg-2ubuntu1.1) oneiric-proposed; urgency=low

  * debian/patches/backport-r312866.diff
  -  Responding to OPTIONS packet with 404 because Asterisk not looking for
     "s" extension (LP: #920020)
 -- Paul Belanger <email address hidden>   Sun, 11 Mar 2012 00:40:50 +0100
Superseded in precise-release on 2012-04-24
asterisk (1:1.8.4.4~dfsg-2ubuntu4) precise; urgency=low

  * debian/patches/backport-r312866.diff
  -  Responding to OPTIONS packet with 404 because Asterisk not looking for
     "s" extension (LP: #920020)
 -- Paul Belanger <email address hidden>   Sat, 10 Mar 2012 21:38:29 +0100
Superseded in precise-release on 2012-03-11
asterisk (1:1.8.4.4~dfsg-2ubuntu3) precise; urgency=low

  * Fix building on armhf with debian/patches/armhf-fixes:
    - Add linux-gnueabihf to list of OSARCHes that need -ldl
    - Flatten linux-gnueabihf in configure to linux-gnu, in
      the same way that's already done for linux-gnueabi
 -- Adam Conrad <email address hidden>   Thu, 12 Jan 2012 09:08:17 -0700
Superseded in precise-release on 2012-01-13
asterisk (1:1.8.4.4~dfsg-2ubuntu2) precise; urgency=low

  * Rebuild for libmysqlclient transition.
 -- Clint Byrum <email address hidden>   Wed, 23 Nov 2011 10:52:40 -0800
Superseded in precise-release on 2011-11-23
Obsolete in oneiric-release on 2015-04-24
asterisk (1:1.8.4.4~dfsg-2ubuntu1) oneiric; urgency=low

  * Merge from debian unstable (LP: #852479).  Remaining changes:
    - debian/control: Build-depend on hardening-wrapper
    - debian/rules: Make use of hardening-wrapper
    - debian/asterisk.init: chown /dev/dahdi
    - debian/backports/hardy: add file
    - debian/backports/asterisk.init.hardy: add file
  * Changes dropped from Ubuntu delta as no longer applicable:
    - debian/control:
      + Removed Uploaders field
      + Removed Debian Vcs-Svn entry and replaced with ubuntu-voip Vcs-Bzr,
        to reflect divergence in packages.

Obsolete in lucid-updates on 2016-10-26
Obsolete in lucid-security on 2016-10-26
asterisk (1:1.6.2.5-0ubuntu1.4) lucid-security; urgency=low

  * SECURITY UPDATE: denial of service and possible code exection via
    crafted UDPTL packet
    - debian/patches/AST-2011-002-1.6.2.diff: properly calculate lengths in
      main/udptl.c.
    - CVE-2011-1147
  * SECURITY UPDATE: denial of service via manager session with invalid
    data
    - debian/patches/AST-2011-003-1.6.2.diff: check for errors in
      main/manager.c.
    - CVE-2011-1174
  * SECURITY UPDATE: denial of service via many short TLS sessions
    - debian/patches/AST-2011-004-1.6.2.diff: gracefully handle failures
      in main/tcptls.c.
    - CVE-2011-1175
  * SECURITY UPDATE: denial of service via a series of TCP connections
    - debian/patches/AST-2011-005-1.6.2.diff: add timeouts and session
      limits to main/manager.c, configs/manager.conf.sample,
      channels/chan_sip.c, channels/chan_skinny.c, main/http.c,
      configs/{skinny,sip,http}.conf.sample.
    - CVE-2011-1507
  * SECURITY UPDATE: remote command execution via incomplete system
    privilege check
    - debian/patches/AST-2011-006-1.6.2.diff: correctly check privileges in
      main/manager.c.
    - CVE-2011-1599
  * SECURITY UPDATE: denial of service via crafted packet and SIP channel
    driver
    - debian/patches/AST-2011-008.diff: set proper length in
      channels/chan_sip.c.
    - CVE-2011-2529
  * SECURITY UPDATE: denial of service and possible code execution via
    IAX2 channel driver crafted frame
    - debian/patches/AST-2011-010-1.6.2.diff: validate options in
      channels/chan_iax2.c, main/features.c.
    - CVE-2011-2535
  * SECURITY UPDATE: account name enumeration
    - debian/patches/AST-2011-011-1.6.2.diff: adjust responses in
      channels/chan_sip.c.
    - CVE-2011-2536
 -- Marc Deslauriers <email address hidden>   Tue, 12 Jul 2011 15:49:26 -0400
Obsolete in maverick-updates on 2013-03-05
Obsolete in maverick-security on 2013-03-05
asterisk (1:1.6.2.7-1ubuntu1.2) maverick-security; urgency=low

  * SECURITY UPDATE: denial of service and possible code exection via
    crafted UDPTL packet
    - debian/patches/AST-2011-002-1.6.2.diff: properly calculate lengths in
      main/udptl.c.
    - CVE-2011-1147
  * SECURITY UPDATE: denial of service via manager session with invalid
    data
    - debian/patches/AST-2011-003-1.6.2.diff: check for errors in
      main/manager.c.
    - CVE-2011-1174
  * SECURITY UPDATE: denial of service via many short TLS sessions
    - debian/patches/AST-2011-004-1.6.2.diff: gracefully handle failures
      in main/tcptls.c.
    - CVE-2011-1175
  * SECURITY UPDATE: denial of service via a series of TCP connections
    - debian/patches/AST-2011-005-1.6.2.diff: add timeouts and session
      limits to main/manager.c, configs/manager.conf.sample,
      channels/chan_sip.c, channels/chan_skinny.c, main/http.c,
      configs/{skinny,sip,http}.conf.sample.
    - CVE-2011-1507
  * SECURITY UPDATE: remote command execution via incomplete system
    privilege check
    - debian/patches/AST-2011-006-1.6.2.diff: correctly check privileges in
      main/manager.c.
    - CVE-2011-1599
  * SECURITY UPDATE: denial of service via crafted packet and SIP channel
    driver
    - debian/patches/AST-2011-008.diff: set proper length in
      channels/chan_sip.c.
    - CVE-2011-2529
  * SECURITY UPDATE: denial of service and possible code execution via
    IAX2 channel driver crafted frame
    - debian/patches/AST-2011-010-1.6.2.diff: validate options in
      channels/chan_iax2.c, main/features.c.
    - CVE-2011-2535
  * SECURITY UPDATE: account name enumeration
    - debian/patches/AST-2011-011-1.6.2.diff: adjust responses in
      channels/chan_sip.c.
    - CVE-2011-2536
 -- Marc Deslauriers <email address hidden>   Tue, 12 Jul 2011 15:44:59 -0400
Obsolete in natty-updates on 2013-06-04
Obsolete in natty-security on 2013-06-04
asterisk (1:1.6.2.9-2ubuntu2.1) natty-security; urgency=low

  * SECURITY UPDATE: denial of service and possible code exection via
    crafted UDPTL packet
    - debian/patches/AST-2011-002-1.6.2.diff: properly calculate lengths in
      main/udptl.c.
    - CVE-2011-1147
  * SECURITY UPDATE: denial of service via manager session with invalid
    data
    - debian/patches/AST-2011-003-1.6.2.diff: check for errors in
      main/manager.c.
    - CVE-2011-1174
  * SECURITY UPDATE: denial of service via many short TLS sessions
    - debian/patches/AST-2011-004-1.6.2.diff: gracefully handle failures
      in main/tcptls.c.
    - CVE-2011-1175
  * SECURITY UPDATE: denial of service via a series of TCP connections
    - debian/patches/AST-2011-005-1.6.2.diff: add timeouts and session
      limits to main/manager.c, configs/manager.conf.sample,
      channels/chan_sip.c, channels/chan_skinny.c, main/http.c,
      configs/{skinny,sip,http}.conf.sample.
    - CVE-2011-1507
  * SECURITY UPDATE: remote command execution via incomplete system
    privilege check
    - debian/patches/AST-2011-006-1.6.2.diff: correctly check privileges in
      main/manager.c.
    - CVE-2011-1599
  * SECURITY UPDATE: denial of service via crafted packet and SIP channel
    driver
    - debian/patches/AST-2011-008.diff: set proper length in
      channels/chan_sip.c.
    - CVE-2011-2529
  * SECURITY UPDATE: denial of service and possible code execution via
    IAX2 channel driver crafted frame
    - debian/patches/AST-2011-010-1.6.2.diff: validate options in
      channels/chan_iax2.c, main/features.c.
    - CVE-2011-2535
  * SECURITY UPDATE: account name enumeration
    - debian/patches/AST-2011-011-1.6.2.diff: adjust responses in
      channels/chan_sip.c.
    - CVE-2011-2536
 -- Marc Deslauriers <email address hidden>   Tue, 12 Jul 2011 14:38:08 -0400
Superseded in oneiric-release on 2011-09-23
asterisk (1:1.8.3.3-1ubuntu1) oneiric; urgency=low

  * Merge from debian unstable, remaining changes:
    - debian/control:
      + Build-depend on hardening-wrapper
      + Removed Uploaders field
      + Removed Debian Vcs-Svn entry and replaced with ubuntu-voip Vcs-Bzr,
        to reflect divergence in packages.
    - debian/rules: Make use of hardening-wrapper
    - debian/asterisk.init: chown /dev/dahdi
    - debian/backports/hardy: add file
    - debian/backports/asterisk.init.hardy: add file

Superseded in lucid-updates on 2011-07-19
Superseded in lucid-security on 2011-07-18
asterisk (1:1.6.2.5-0ubuntu1.3) lucid-security; urgency=low

  * SECURITY UPDATE: Stack buffer overflow in SIP channel driver. (LP: #705014)
    - debian/patches/AST-2011-001-1.6.2: The size of the output buffer passed
      to the ast_uri_encode function is now properly respected in main/utils.c.
      Patch courtesy of upstream.
    - CVE-2011-0495
 -- Dave Walker (Daviey) <email address hidden>   Thu, 20 Jan 2011 23:31:55 +0000
Superseded in maverick-updates on 2011-07-19
Superseded in maverick-security on 2011-07-18
asterisk (1:1.6.2.7-1ubuntu1.1) maverick-security; urgency=low

  * SECURITY UPDATE: Stack buffer overflow in SIP channel driver. (LP: #705014)
    - debian/patches/AST-2011-001-1.6.2: The size of the output buffer passed
      to the ast_uri_encode function is now properly respected in main/utils.c.
      Patch courtesy of upstream.
    - CVE-2011-0495
 -- Dave Walker (Daviey) <email address hidden>   Thu, 20 Jan 2011 23:36:57 +0000
Superseded in oneiric-release on 2011-05-03
Obsolete in natty-release on 2013-06-04
asterisk (1:1.6.2.9-2ubuntu2) natty; urgency=low

  * SECURITY UPDATE: Stack buffer overflow in SIP channel driver. (LP: #705014)
    - debian/patches/AST-2011-001-1.6.2: The size of the output buffer passed
      to the ast_uri_encode function is now properly respected in main/utils.c.
      Patch courtesy of upstream.
    - CVE-2011-0495
 -- Dave Walker (Daviey) <email address hidden>   Thu, 20 Jan 2011 21:19:46 +0000
Superseded in lucid-updates on 2011-01-21
Deleted in lucid-proposed on 2011-01-22 (Reason: moved to -updates)
asterisk (1:1.6.2.5-0ubuntu1.2) lucid-proposed; urgency=low

  * debian/patches/unattended_fix: Fix attended transfer call in 1.2.6.5
    Patch based on Asterisk project's upstream patch (between 1.2.6.5 and
    1.2.6.6 where issue is declared to be fixed see issue 16816 on Asterisk
    bug tracker). (LP: #686625)
 -- Lionel Porcheron <email address hidden>   Mon, 06 Dec 2010 16:56:12 +0100
Superseded in natty-release on 2011-01-21
asterisk (1:1.6.2.9-2ubuntu1) natty; urgency=low

  * Merge from debian unstable, remaining changes:
    - debian/control:
      + Build-depend on hardening-wrapper
      + Change Maintainer
      + Removed Uploaders field.
      + Removed Debian Vcs-Svn entry and replaced with ubuntu-voip Vcs-Bzr,
        to reflect divergence in packages.
    - debian/rules: Make use of hardening-wrapper
    - debian/asterisk.init: chown /dev/dahdi
    - debian/backports/hardy: add file
    - debian/backports/asterisk.init.hardy: add file

Superseded in lucid-updates on 2011-01-21
Deleted in lucid-proposed on 2011-01-22 (Reason: moved to -updates)
asterisk (1:1.6.2.5-0ubuntu1.1) lucid-proposed; urgency=low

  * debian/patches/dnsmgr-A-SRV-handling: Resolve handling of A and SRV
    record changes and problem with multiple A/SRV records returned.
    Patch based on Asterisk project's upstream patch.  (LP: #605358)
 -- Dave Walker (Daviey) <email address hidden>   Wed, 14 Jul 2010 11:40:55 +0100
Superseded in natty-release on 2010-10-15
Obsolete in maverick-release on 2013-03-05
asterisk (1:1.6.2.7-1ubuntu1) maverick; urgency=low

  * Merge from debian unstable (LP: #597792), remaining changes:
    - debian/control:
      + Build-depend on hardening-wrapper
      + Change Maintainer
      + Removed Uploaders field.
      + Removed Debian Vcs-Svn entry and replaced with ubuntu-voip Vcs-Bzr,
        to reflect divergence in packages.
    - debian/rules: Make use of hardening-wrapper
    - debian/asterisk.init: chown /dev/dahdi
    - debian/backports/hardy: add file
    - debian/backports/asterisk.init.hardy: add file

Superseded in maverick-release on 2010-06-23
Obsolete in lucid-release on 2016-10-26
asterisk (1:1.6.2.5-0ubuntu1) lucid; urgency=low

  * New upstream bugfix release (1.6.2.5)
   * Security Fixes:
    - AST-2010-003: Invalid parsing of ACL rules can compromise security
    - AST-2010-002: Dialplan injection vulnerability

  * Remaining Ubuntu-specific changes:
    - debian/control: Build-depend on hardening-wrapper
    - debian/rules: Make use of hardening-wrapper
    - debian/control: Change Maintainer
    - debian/control: Removed Uploaders field.
    - debian/control: Removed Debian Vcs-Svn entry and replaced with
        ubuntu-voip Vcs-Bzr, to reflect divergence in packages.
    - debian/asterisk.init : chown /dev/dahdi
    - debian/backports/hardy : add file
    - debian/backports/asterisk.init.hardy : add file
 -- Jean-Michel Dault <email address hidden>   Tue, 13 Apr 2010 16:27:27 -0400
Superseded in lucid-release on 2010-04-14
asterisk (1:1.6.2.2-1ubuntu2) lucid; urgency=low

  * debian/{control,rules}: re-enable hardened options to gain PIE build
    (Debian bug 542741, LP: #527538)
 -- Steve Beattie <email address hidden>   Tue, 02 Mar 2010 10:00:03 -0800
Superseded in lucid-release on 2010-03-02
asterisk (1:1.6.2.2-1ubuntu1) lucid; urgency=high

  * Merge from Debian: security update
    * Changes:
    - debian/control: Change Maintainer
    - debian/control: Removed Uploaders field.
    - debian/control: Removed Debian Vcs-Svn entry and replaced with
        ubuntu-voip Vcs-Bzr, to reflect divergence in packages.
    - debian/asterisk.init : chown /dev/dahdi
    - debian/backports/hardy : add file
    - debian/backports/asterisk.init.hardy : add file
 -- Jean-Michel Dault <email address hidden>   Tue, 16 Feb 2010 14:08:54 -0500
Superseded in lucid-release on 2010-02-17
asterisk (1:1.6.2.0~rc2-0ubuntu3) lucid; urgency=low

  * debian/control: remove libreadline5-dev from Depends field.
 -- Devid Antonio Filoni <email address hidden>   Wed, 30 Dec 2009 15:32:48 +0100
Superseded in lucid-release on 2009-12-30
asterisk (1:1.6.2.0~rc2-0ubuntu2) lucid; urgency=low

  [ Dave Walker (Daviey) ]
  * SECURITY UPDATE: ACL not respected on SIP INVITE (LP: #491632).
    - debian/patches/AST-2009-007: Additional check in channels/chan_sip.c to
      check ACL for handling SIP INVITEs.  This blocks calls on networks
      intended to be prohibited, by configuration. Based on upstream patch.
    - AST-2009-007
    - CVE-2009-3723
  * SECURITY UPDATE: SIP responses expose valid usernames (LP: #491637).
    - debian/patches/AST-2009-008: Sanitise certain return of REGISTER message
      to stop a specially crafted series of requests returning valid usernames.
      Based on upstream patch.
    - AST-2009-008
    - CVE-2009-3727
  * SECURITY UPDATE:  RTP Remote Crash Vulnerability (LP: #493555).
    - debian/patches/AST-2009-010: Stops Asterisk from crashing when an RTP
      comfort noise payload containing 24 bytes or greater is recieved.
    - AST-2009-010
    - CVE-2009-4055

  [ Roberto D'Auria ]
  * debian/patches/iax2-heavy-traffic-fix: Stops asterisk crashing on
    heavy traffic on iax2 channel, editing channels/chan_iax2.c.
    Based on upstream patch. (LP: #501116)
 -- Roberto D'Auria <email address hidden>   Wed, 30 Dec 2009 14:49:24 +0100
Obsolete in karmic-updates on 2013-03-04
Deleted in karmic-proposed on 2013-03-04 (Reason: moved to -updates)
asterisk (1:1.6.2.0~rc2-0ubuntu1.2) karmic-proposed; urgency=low

  * debian/patches/iax2-heavy-traffic-fix: Stops asterisk crashing on
    heavy traffic on iax2 channel, editing channels/chan_iax2.c.
    Based on upstream patch. (LP: #501116)
 -- Roberto D'Auria <email address hidden>   Tue, 29 Dec 2009 22:42:00 +0100
Superseded in karmic-updates on 2010-01-10
Obsolete in karmic-security on 2013-03-04
asterisk (1:1.6.2.0~rc2-0ubuntu1.1) karmic-security; urgency=low

  * SECURITY UPDATE: ACL not respected on SIP INVITE (LP: #491632).
    - debian/patches/AST-2009-007: Additional check in channels/chan_sip.c to
      check ACL for handling SIP INVITEs.  This blocks calls on networks
      intended to be prohibited, by configuration. Based on upstream patch.
    - AST-2009-007
    - CVE-2009-3723
  * SECURITY UPDATE: SIP responses expose valid usernames (LP: #491637).
    - debian/patches/AST-2009-008: Sanitise certain return of REGISTER message
      to stop a specially crafted series of requests returning valid usernames.
      Based on upstream patch.
    - AST-2009-008
    - CVE-2009-3727
  * SECURITY UPDATE:  RTP Remote Crash Vulnerability (LP: #493555).
    - debian/patches/AST-2009-010: Stops Asterisk from crashing when an RTP
      comfort noise payload containing 24 bytes or greater is recieved.
    - AST-2009-010
    - CVE-2009-4055
 -- Dave Walker (Daviey) <email address hidden>   Mon, 07 Dec 2009 12:23:36 +0000
Obsolete in jaunty-updates on 2013-02-28
Obsolete in jaunty-security on 2013-02-28
asterisk (1:1.4.21.2~dfsg-3ubuntu2.1) jaunty-security; urgency=low

  * SECURITY UPDATE: information leak in IAX2 authentication
    - added debian/patches/CVE-2009-0041: Adjust chan_iax2.c to fix
      information leak in IAX2 authentication. Based on upstream patch.
    - CVE-2009-0041
    - AST-2009-001

 -- Brian Thomason <email address hidden>   Tue, 06 Oct 2009 15:49:28 -0400
Obsolete in intrepid-updates on 2013-02-20
Obsolete in intrepid-security on 2013-02-20
asterisk (1:1.4.21.2~dfsg-1ubuntu3.1) intrepid-security; urgency=low

  * SECURITY UPDATE: information leak in IAX2 authentication
    - added debian/patches/CVE-2009-0041: Adjust chan_iax2.c to fix
      information leak in IAX2 authentication. Based on upstream patch.
    - CVE-2009-0041
    - AST-2009-001

 -- Brian Thomason <email address hidden>   Wed, 07 Oct 2009 14:31:11 -0400
Obsolete in hardy-updates on 2015-04-24
Obsolete in hardy-security on 2015-04-24
asterisk (1:1.4.17~dfsg-2ubuntu1.1) hardy-security; urgency=low

  * SECURITY UPDATE: ACK response spoofing
    - added debian/patches/CVE-2008-1897: Adjust chan_iax2.c to use a special
      id to prevent ACK response spoofing. Based on upstream patch.
    - CVE-2008-1897
    - AST-2008-006
  * SECURITY UPDATE: POKE request flooding
    - added debian/patches/CVE-2008-3263: Adjust chan_iax2.c to prevent
      'POKE' request flooding. Based on upstream patch.
    - CVE-2008-3263
    - AST-2008-010
  * SECURITY UPDATE: firmware packet flooding
    - added debian/patches/CVE-2008-3264: Adjust chan_iax2.c to prevent
      firmware packet flooding. Based on upstream patch.
    - CVE-2008-3264
    - AST-2008-011
  * SECURITY UPDATE: information leak in IAX2 authentication
    - added debian/patches/CVE-2009-0041: Adjust chan_iax2.c to fix
      information leak in IAX2 authentication. Based on upstream patch.
    - CVE-2009-0041
    - AST-2009-001
  * SECURITY UPDATE: SIP responses expose valid usernames
    - added debian/patches/CVE-2008-3903: Adjust chan_sip.c to make
      it more difficult to scan for available usernames.
    - CVE-2008-3903
    - AST-2009-003
  * SECURITY UPDATE: An attacker could hijack a manager session
    - added debian/patches/CVE-2008-1390: Adjust manager.c to
      never assign an invalid id of 0
    - CVE-2008-1390
    - AST-2008-005

 -- Brian Thomason <email address hidden>   Mon, 16 Mar 2009 17:52:11 -0400
Superseded in lucid-release on 2009-12-30
Obsolete in karmic-release on 2013-03-04
asterisk (1:1.6.2.0~rc2-0ubuntu1) karmic; urgency=low

  * New upstream version, upstream is now DFSG compliant.
    - ilibc has been removed upstream.
    - Music on Hold is now cc-by-sa.
    - binary firmware iaxy.bin has been removed upstream.
  * debian/rules: Santitised UPSTREAM variable for compatiability
    with Ubuntu and other variants.
  * debian/control: Removed Debian Vcs-Svn entry and replaced
    with ubuntu-voip Vcs-Bzr, to reflect divergence in packages.
  * patches/makefile_appdocs_dtd: Removed, merged upstream.
  * patches/disable_moh: Previosly disabled, removed from pool.
  * patches/ubuntu-banner: Ported debian-banner to display Ubuntu
    centric bug report information.
  * Refresh quilt patches

 -- Dave Walker (Daviey) <email address hidden>   Tue, 22 Sep 2009 16:22:14 +0100
175 of 132 results