-
asterisk (1:16.16.1~dfsg-2) unstable; urgency=high
* CVE-2021-32558 / AST-2021-008 (Closes: #991710)
If the IAX2 channel driver receives a packet that contains an unsupported
media format it can cause a crash to occur in Asterisk
* CVE-2021-32686 / AST-2021-009 (Closes: #991931)
pjproject/pjsip: crash when SSL socket destroyed during handshake
-- Bernhard Schmidt <email address hidden> Fri, 06 Aug 2021 15:35:20 +0200
-
asterisk (1:16.16.1~dfsg-1build1) impish; urgency=medium
* No-change rebuild due to OpenLDAP soname bump.
-- Sergio Durigan Junior <email address hidden> Mon, 21 Jun 2021 17:44:01 -0400
-
asterisk (1:16.16.1~dfsg-1) unstable; urgency=medium
* New minor upstream version 16.16.1~dfsg
- CVE-2020-35776 / AST-2021-001 (Closes: #983158)
Remote crash in res_pjsip_diversion
- CVE-2021-26717 / AST-2021-002 (Closes: #983157)
Remote crash possible when negotiating T.38
- CVE-2021-26712 / AST-2021-003
Remote attacker could prematurely tear down SRTP calls
- CVE-2021-26713 / AST-2021-004
An unsuspecting WebRTC user could crash Asterisk with multiple
hold/unhold requests
- CVE-2021-26906 / AST-2021-005 (Closes: #983159)
Remote Crash Vulnerability in PJSIP channel driver
-- Bernhard Schmidt <email address hidden> Mon, 22 Feb 2021 21:45:24 +0100