Re: About the security issues affecting asterisk in Wheezy
Hi
Salvatore has updated this for you. No need to make an action on your part.
// Ola
On 12 November 2017 at 10:14, Tzafrir Cohen <tzafrir@cohens.org.il> wrote:
> Thanks for the note,
>
> On Sat, Nov 11, 2017 at 07:17:04PM +0100, Ola Lundqvist wrote:
>> Dear maintainers,
>>
>> The Debian LTS team recently reviewed the security issue(s) affecting your
>> package in Wheezy:
>> https://security-tracker.debian.org/tracker/CVE-2017-16672
>
> The issue is about handling of a SIP INVITE message in Asterisk code
> that is related to the external pjsip library.
>
> Pjsip was not linked at all with Asterisk in 1.8 (Wheezy) and was not
> used for SIP in Asterisk 11 (Jessie).
>
> How should I mark it so? Mark versions 1:11.13.1~dfsg-2+deb8u2 and
> 1:1.8.13.1~dfsg1-3+deb7u3 as fixed?
>
> --
> Tzafrir Cohen | tzafrir@jabber.org | VIM is
> http://tzafrir.org.il | | a Mutt's
> tzafrir@cohens.org.il | | best
> tzafrir@debian.org | | friend
--
--- Inguza Technology AB --- MSc in Information Technology ----
/ ola@inguza.com Folkebogatan 26 \
| opal@debian.org 654 68 KARLSTAD |
| http://inguza.com/ Mobile: +46 (0)70-332 1551 |
\ gpg/f.p.: 7090 A92B 18FE 7994 0C36 4FE4 18A1 B1CF 0FE5 3DD9 /
---------------------------------------------------------------
Reply to: