On 13/01/13 21:36, Thijs Kinkhorst wrote: > ------------------------------------------------------------------------- > Debian Security Advisory DSA-2605-1 security@debian.org > http://www.debian.org/security/ Thijs Kinkhorst > January 13, 2013 http://www.debian.org/security/faq > ------------------------------------------------------------------------- > > Package : asterisk > Vulnerability : several issues > Problem type : remote > Debian-specific: no > CVE ID : CVE-2012-5976 CVE-2012-5977 > Debian Bug : 697230 > > Several vulnerabilities were discovered in Asterisk, a PBX and telephony > toolkit, that allow remote attackers to perform denial of service > attacks. > > For the stable distribution (squeeze), these problems have been fixed in > version 1:1.6.2.9-2+squeeze9. > > For the testing distribution (wheezy) and unstable distribution (sid), > these problems will be fixed soon. > > We recommend that you upgrade your asterisk packages. > > Further information about Debian Security Advisories, how to apply > these updates to your system and frequently asked questions can be > found at: http://www.debian.org/security/ > > Mailing list: debian-security-announce@lists.debian.org > > Seems that the upgrade is causing some serious issues (segfaults) on stable: http://bugs.debian.org/698118 http://bugs.debian.org/698112
Attachment:
signature.asc
Description: OpenPGP digital signature