Re: testing asterisk for Wheezy LTS

To: Thorsten Alteholz <debian@alteholz.de>, debian-lts@lists.debian.org
Subject: Re: testing asterisk for Wheezy LTS
From: Antoine Beaupré <anarcat@orangeseeds.org>
Date: Tue, 17 May 2016 11:26:24 -0400
Message-id: <[🔎] 8760uceme7.fsf@angela.anarcat.ath.cx>
In-reply-to: <alpine.DEB.2.02.1604241947280.30327@jupiter.server.alteholz.net>
References: <alpine.DEB.2.02.1604241947280.30327@jupiter.server.alteholz.net>

On 2016-04-24 13:56:06, Thorsten Alteholz wrote:
> Hi everybody,
>
> I uploaded version 1.8.13.1~dfsg1-3+deb7u4 of asterisk to:
>   https://people.debian.org/~alteholz/packages/wheezy-lts/asterisk/amd64/
>   https://people.debian.org/~alteholz/packages/wheezy-lts/asterisk/i386/
>
> Please give it a try and tell me about any problems you met.

Could you clarify why CVE-2014-4047 and CVE-2014-2287 were not included
in this upload?

Both are what seem to be serious enough DOS attacks, and are not marked
no-dsa or anything. You are still assigned the package in dla-needed.txt
so for now I'll assume you will complete the work, but please do update
the status correctly next time, or let us know of what the next steps
are.

A.

-- 
The lazy man does not stand in the way of progress. When he sees
progress roaring down upon him he steps nimbly out of the way
                         - Christopher Morley, "On Laziness"

Reply to:

Follow-Ups:
- Re: testing asterisk for Wheezy LTS
  - From: Thorsten Alteholz <debian@alteholz.de>

Prev by Date: Re: libidn test packages [resent]
Next by Date: Re: [Secure-testing-commits] r41743 - data/CVE
Previous by thread: Re: testing asterisk for Wheezy LTS
Next by thread: Re: testing asterisk for Wheezy LTS
Index(es):
- Date
- Thread