Launchpad has imported 3 comments from the remote bug at https://bugs.gentoo.org/show_bug.cgi?id=425050.
If you reply to an imported comment from within Launchpad, your comment will be sent to the remote bug automatically. Read more about Launchpad's inter-bugtracker facilities at https://help.launchpad.net/InterBugTracking. ------------------------------------------------------------------------ On 2012-07-06T12:32:21+00:00 J-ago wrote: http://downloads.asterisk.org/pub/security/AST-2012-010.html http://downloads.asterisk.org/pub/security/AST-2012-011.html Please bump 1.8.13.1 Reply at: https://bugs.launchpad.net/ubuntu/+source/asterisk/+bug/1022360/comments/0 ------------------------------------------------------------------------ On 2012-07-06T13:26:46+00:00 Chainsaw wrote: +*asterisk-10.5.2 (06 Jul 2012) +*asterisk-1.8.13.1 (06 Jul 2012) + + 06 Jul 2012; Tony Vroon <chain...@gentoo.org> -asterisk-1.8.13.0.ebuild, + -asterisk-1.8.13.0-r1.ebuild, +asterisk-1.8.13.1.ebuild, + -asterisk-10.5.1.ebuild, +asterisk-10.5.2.ebuild: + Upgrades on the 1.8 & 10 branches to address a potential resource leak when a + re-invite transaction is not completed (AST-2012-010) and on the 1.8 branch + only for a remote crash vulnerability in the voicemail application + (AST-2012-011). Both covered under CVE-2012-3812. Removed any non-stable + vulnerable ebuild. Arches, please test and mark stable: =net-misc/asterisk-1.8.13.1 Last arch, please remove: =net-misc/asterisk-1.8.12.1 Reply at: https://bugs.launchpad.net/ubuntu/+source/asterisk/+bug/1022360/comments/1 ------------------------------------------------------------------------ On 2012-07-06T15:10:02+00:00 J-ago wrote: amd64 stable Reply at: https://bugs.launchpad.net/ubuntu/+source/asterisk/+bug/1022360/comments/2 ** Changed in: asterisk (Debian) Status: Unknown => Fix Committed ** Changed in: gentoo Importance: Unknown => Low -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to asterisk in Ubuntu. https://bugs.launchpad.net/bugs/1022360 Title: (CVE-2012-3812) CVE-2012-3812 asterisk: Remote crash vulnerability in voice mail application (CVE-2012-3863) CVE-2012-3863 asterisk: Possible resource leak on uncompleted re-invite transactions To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/asterisk/+bug/1022360/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
