Format: 1.8
Date: Mon, 07 Dec 2009 12:23:36 +0000
Source: asterisk
Binary: asterisk asterisk-h323 asterisk-doc asterisk-dev asterisk-dbg asterisk-sounds-main asterisk-config
Architecture: armel
Version: 1:1.6.2.0~rc2-0ubuntu1.1
Distribution: karmic
Urgency: low
Maintainer: Ubuntu/armel Build Daemon <buildd@jaboticaba.buildd>
Changed-By: Dave Walker (Daviey) <DaveWalker@ubuntu.com>
Description: 
 asterisk   - Open Source Private Branch Exchange (PBX)
 asterisk-config - Configuration files for Asterisk
 asterisk-dbg - Debugging symbols for Asterisk
 asterisk-dev - Development files for Asterisk
 asterisk-doc - Source code documentation for Asterisk
 asterisk-h323 - H.323 protocol support for Asterisk
 asterisk-sounds-main - Core Sound files for Asterisk (English)
Changes: 
 asterisk (1:1.6.2.0~rc2-0ubuntu1.1) karmic-security; urgency=low
 .
   * SECURITY UPDATE: ACL not respected on SIP INVITE (LP: #491632).
     - debian/patches/AST-2009-007: Additional check in channels/chan_sip.c to
       check ACL for handling SIP INVITEs.  This blocks calls on networks
       intended to be prohibited, by configuration. Based on upstream patch.
     - AST-2009-007
     - CVE-2009-3723
   * SECURITY UPDATE: SIP responses expose valid usernames (LP: #491637).
     - debian/patches/AST-2009-008: Sanitise certain return of REGISTER message
       to stop a specially crafted series of requests returning valid usernames.
       Based on upstream patch.
     - AST-2009-008
     - CVE-2009-3727
   * SECURITY UPDATE:  RTP Remote Crash Vulnerability (LP: #493555).
     - debian/patches/AST-2009-010: Stops Asterisk from crashing when an RTP
       comfort noise payload containing 24 bytes or greater is recieved.
     - AST-2009-010
     - CVE-2009-4055
Checksums-Sha1: 
 79dfabfd6093afdd409c5a3e3559425c6f54588e 3632792 asterisk_1.6.2.0~rc2-0ubuntu1.1_armel.deb
 5a722fd7a0d0509550278d686a02dca8bfbe8ef4 439290 asterisk-h323_1.6.2.0~rc2-0ubuntu1.1_armel.deb
 149ee16601d0427dfd06ee68f99bf8a386ec46cb 21253512 asterisk-dbg_1.6.2.0~rc2-0ubuntu1.1_armel.deb
Checksums-Sha256: 
 fa3145a5f601479103c275f9aa84f7e7f231b74880291a42acc59233321cb092 3632792 asterisk_1.6.2.0~rc2-0ubuntu1.1_armel.deb
 6e9515cf3355159af114d6e72913850d932a6cdfd36b86bf4e1177f6148ef220 439290 asterisk-h323_1.6.2.0~rc2-0ubuntu1.1_armel.deb
 31c97605fe4254b4c36022d3120086edb8cd5abf5335e97b2b92e7113d6cdfce 21253512 asterisk-dbg_1.6.2.0~rc2-0ubuntu1.1_armel.deb
Files: 
 39364c95649251e4eedf2a11d8d26d63 3632792 comm optional asterisk_1.6.2.0~rc2-0ubuntu1.1_armel.deb
 3f6956c8605b808299b4b5a035f41fd7 439290 comm optional asterisk-h323_1.6.2.0~rc2-0ubuntu1.1_armel.deb
 264c054f3568a167f2bae5aafb660e1b 21253512 debug extra asterisk-dbg_1.6.2.0~rc2-0ubuntu1.1_armel.deb
Launchpad-Bugs-Fixed: 491632 491637 493555
Original-Maintainer: Debian VoIP Team <pkg-voip-maintainers@lists.alioth.debian.org>