Back to asterisk PTS page

Accepted asterisk 1:16.28.0~dfsg-0+deb10u3 (source) into oldstable

To: dispatch@tracker.debian.org, debian-lts-changes@lists.debian.org
Subject: Accepted asterisk 1:16.28.0~dfsg-0+deb10u3 (source) into oldstable
From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
Date: Tue, 18 Apr 2023 22:00:20 +0000
Debian: DAK
Debian-architecture: source
Debian-archive-action: accept
Debian-changes: asterisk_16.28.0~dfsg-0+deb10u3_source.changes
Debian-source: asterisk
Debian-suite: oldstable
Debian-version: 1:16.28.0~dfsg-0+deb10u3
Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.seger; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=HaWeqc5QB9bh4CjY1Axg2cuvBN09tmlywyDEMd2VLXo=; b=kYItDlBAsCRK/Em5MQTXGb80I5 5wgkfv6vP8Sve5oZa0sR0kDvm+mL9z6xTYarVCUBTyE/B0BhfC9sq7SOiyMBuROti2yzdSJ/PUp1r J39cL7w13SdIVwu3JSQQrUFxSlqJWpkaNrJrvQ/j41HU6h+G8fxN6Fayj/9HXIdcrD3WA5/v+V+iv 8vahEb8CJ2orhN08Ott73+nIWQUPNBTdezRzsPUt8N/T9cZ4MgwE8aZDtwcUU9jjlggq+YikqD5yN Hyi2NPCYe0cUJcnXRXNjFhttBRRrqEnq9fQI/q2l103qCCGioJ1NgddDFZldbkhV3SdbTziCARD7K 2dRiAB/w==;
Mail-followup-to: debian-lts@lists.debian.org
Message-id: <E1potN6-00C6yk-6x@seger.debian.org>
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 18 Apr 2023 23:36:00 CEST
Source: asterisk
Architecture: source
Version: 1:16.28.0~dfsg-0+deb10u3
Distribution: buster-security
Urgency: high
Maintainer: Debian VoIP Team <pkg-voip-maintainers@lists.alioth.debian.org>
Changed-By: Markus Koschany <apo@debian.org>
Checksums-Sha1:
 1672858ecd6a66255fff6436d9ca890e5b31fa2d 4397 asterisk_16.28.0~dfsg-0+deb10u3.dsc
 772055eb4ace0f489628d40941f16b8a799d16f5 6836816 asterisk_16.28.0~dfsg-0+deb10u3.debian.tar.xz
 150a202a01f40d38f458f24ae59893d3e21f5e84 28792 asterisk_16.28.0~dfsg-0+deb10u3_amd64.buildinfo
Checksums-Sha256:
 2ebf924dc7f1f2f38bf7aebea0f02232cb5613d56373d9ac3ba7b9900021bb4c 4397 asterisk_16.28.0~dfsg-0+deb10u3.dsc
 5dc46f3c3e48f2c0e7e548423829f58f22661658cea6a1f72410316ea7a990dd 6836816 asterisk_16.28.0~dfsg-0+deb10u3.debian.tar.xz
 61e6890f00cbcb38bf53f9eba4ab55f2f04455d3f0ef9cab2b555f98f7d31e30 28792 asterisk_16.28.0~dfsg-0+deb10u3_amd64.buildinfo
Changes:
 asterisk (1:16.28.0~dfsg-0+deb10u3) buster-security; urgency=high
 .
   * Non-maintainer upload by the LTS team.
   * Fix CVE-2023-27585:
     A flaw was found in Asterisk, an Open Source Private Branch Exchange. A
     buffer overflow vulnerability affects users that use PJSIP DNS resolver.
     This vulnerability is related to CVE-2022-24793. The difference is that
     this issue is in parsing the query record `parse_query()`, while the issue
     in CVE-2022-24793 is in `parse_rr()`. A workaround is to disable DNS
     resolution in PJSIP config (by setting `nameserver_count` to zero) or use
     an external resolver implementation instead.
Files:
 28e52b2865918cba1d59ca96e1d2ec00 4397 comm optional asterisk_16.28.0~dfsg-0+deb10u3.dsc
 c7776fc1914220ec693a2048d1b3d774 6836816 comm optional asterisk_16.28.0~dfsg-0+deb10u3.debian.tar.xz
 155beb206086919aded863e1e1293d5c 28792 comm optional asterisk_16.28.0~dfsg-0+deb10u3_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmQ/DnhfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp
YW4ub3JnAAoJENmtFLlRO1Hk6bEP/jfAgCyc/sZmCxRwloeAN8k02hToEGVoec+y
sw4dDUDEeCwkukIMVhWby3GU94Jke3psURepU/oeuqU8vT3QgCMzihFwzo5K9I2+
qZosnrtpzOgcWz3dyjg/o5Z0x98ugQ7mIf+fSmPd0luR2aGP5uJ8T1lzdi5/rvpy
qRD5SoHI7/WcmXyKgC3U1op3fQMCbYQgeEF20+uHZXvML3tC21xdhnoSZZPAJ5z0
RJefcVdLKh+TqtQUZIOXJtJPX33DuTYi0Tu1Rv3uk7SDn0wtucazSx0zLcFhNTng
Hfv0DEI8ujJ40F2e4cM+2bzCuMkUBWnxQJw9ofa5eJ7aO5PrYEwArxbxoX+qaEWk
Dy2OIavnyM0JCge8+OJU4XwJmVCrOShas+nJtAOymPVs5VOci6Ki4pdjQr2WGhWQ
8nbHG+a0EvaegtyYA6wwJa6KF5hnom6bQlH37nj6tcWx5yf3lf9ahnCjQEaoGEXy
kVD0r2/iTZmzo/pqI7dc/yAjCyeJDCVUztu+invp86qCkdVZ2I7Y1UVQ4rri8TmC
gNZpkcZ5nzhmxhEamQIGH4E9iIGNyoKHRfxAC4blhdt9SPXuMXjiK5q1BnVpBeoN
ec15fJEAEoxZSxin/Dq30AOdvhTFgqQOtPjWTMGRCUfwemVsE/7Q7x3GxXGUg9gL
AM6zI16F
=IQ8s
-----END PGP SIGNATURE-----