Hi
On 06/09/2024 13:14, José Miguel Gonçalves wrote:
Hi all,
I was wondering, what is the current maintenance status of Asterisk on
Debian?
I see that there are packages published on unstable, but the current
version has a reported security vulnerability (CVE-2024-42365
<https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078574>) since
August 12, that was still not addressed.
Is the goal to still maintain Asterisk packages in Debian or there is
lack of man-power for that?
I'm using these packages since 2015 and I need to upgrade some servers
that I support form Asterisk 16 to 20 and I was wondering if could
continue to use Debian packages (even if I need to backport them from
unstable to bookworm) or if I need to go in other direction (find some
alternative Debian packaging, or compile/package it myself).
While on the subject of Asterisk.
PSTN is phased out rapidly over here. The only alternatives are VOIP and
GSM. So I had my old PSTN number ported to VOIP.
I'm currently using the Asterisk from Debian 11 / Bullseye on a 12 /
Bookworm system. You have to install libldap.4-2 and libssl1.1 from 11,
but it does work.
Is it also possible to use the Asterisk from 11 on a 13 / Trixie system
or does one need to build a backport?
I suppose the alternative would be to wait for 14 / Forky to become stable.
BTW, I always chown the files under /etc/asterisk/ to root:asterisk so
the process can't write to it's own config files. I don't use
functionality where Asterisk needs to write to these files.
Note: An update changes this back to asterisk:asterisk.
Regards,
Rob
