News for package asterisk

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 3.0 (quilt)
Source: asterisk
Binary: asterisk, asterisk-modules, asterisk-dahdi, asterisk-vpb, asterisk-voicemail, asterisk-voicemail-imapstorage, asterisk-voicemail-odbcstorage, asterisk-ooh323, asterisk-mp3, asterisk-mysql, asterisk-mobile, asterisk-doc, asterisk-dev, asterisk-config
Architecture: any all
Version: 1:13.14.1~dfsg-2+deb9u3
Maintainer: Debian VoIP Team <pkg-voip-maintainers@lists.alioth.debian.org>
Uploaders:  Bernhard Schmidt <berni@debian.org>, Daniel Pocock <daniel@pocock.com.au>, Jeremy Lainé <jeremy.laine@m4x.org>, Jonas Smedegaard <dr@jones.dk>, Mark Purcell <msp@debian.org>, Tzafrir Cohen <tzafrir@debian.org>
Homepage: http://www.asterisk.org/
Standards-Version: 3.9.8
Vcs-Browser: https://anonscm.debian.org/cgit/pkg-voip/asterisk.git
Vcs-Git: https://anonscm.debian.org/git/pkg-voip/asterisk.git
Build-Depends: autoconf, automake, autotools-dev, binutils-dev, dahdi-source, debhelper (>= 10), default-libmysqlclient-dev, dh-autoreconf, dh-systemd, freetds-dev, libasound2-dev, libavcodec-dev, libbluetooth-dev [linux-any], libc-client2007e-dev, libcap-dev [linux-any], libcurl4-openssl-dev | libcurl-dev, libedit-dev, libradcli-dev | libfreeradius-client-dev | libradiusclient-ng-dev, libgmime-2.6-dev, libgsm1-dev, libical-dev, libiksemel-dev, libjack-dev, libjansson-dev, libldap-dev, liblua5.1-0-dev, libncurses-dev, libneon27-gnutls-dev | libneon27-dev, libnewt-dev, libogg-dev, libopencore-amrnb-dev, libopencore-amrwb-dev, libopenr2-dev [linux-any], libopus-dev, libopusfile-dev, libpjproject-dev, libpopt-dev, libpq-dev, libpri-dev, libreadline-dev, libresample1-dev, libsdl-image1.2-dev, libspandsp-dev, libspeex-dev, libspeexdsp-dev, libsqlite0-dev, libsqlite3-dev, libsrtp-dev, libss7-dev, libssl-dev, libsystemd-dev [linux-any], libswscale-dev, libtonezone-dev [linux-any], liburiparser-dev, libvorbis-dev, libvpb-dev [linux-any], libxml2-dev, libxslt1-dev, portaudio19-dev, unixodbc-dev, uuid-dev, zlib1g-dev
Package-List:
 asterisk deb comm optional arch=any
 asterisk-config deb comm optional arch=all
 asterisk-dahdi deb comm optional arch=linux-any
 asterisk-dev deb devel extra arch=all
 asterisk-doc deb doc extra arch=all
 asterisk-mobile deb comm optional arch=linux-any
 asterisk-modules deb libs optional arch=any
 asterisk-mp3 deb comm optional arch=any
 asterisk-mysql deb comm optional arch=any
 asterisk-ooh323 deb comm optional arch=any
 asterisk-voicemail deb comm optional arch=any
 asterisk-voicemail-imapstorage deb comm optional arch=any
 asterisk-voicemail-odbcstorage deb comm optional arch=any
 asterisk-vpb deb comm optional arch=linux-any
Checksums-Sha1:
 ad3b0601910c7b9debd8edee25bcfe985666280f 6152096 asterisk_13.14.1~dfsg.orig.tar.xz
 7cede2dab885f7d544beca47354ee6d0f3040f6f 147444 asterisk_13.14.1~dfsg-2+deb9u3.debian.tar.xz
Checksums-Sha256:
 9f52c386cb3eec6f01af7f1e03818280870896defde0da9f8f032db351a642b7 6152096 asterisk_13.14.1~dfsg.orig.tar.xz
 e043c97d139f5ca68a350827dcee7d0882600603751bf016ab5967616344a65d 147444 asterisk_13.14.1~dfsg-2+deb9u3.debian.tar.xz
Files:
 6db73384168c17ebe6160ba96c5c6209 6152096 asterisk_13.14.1~dfsg.orig.tar.xz
 a2a7e711b59887e8bd678517dcca6d2e 147444 asterisk_13.14.1~dfsg-2+deb9u3.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQGzBAEBCAAdFiEEjhGGa0mM+W3ykQJyjv1MLwMloM4FAlpGXVEACgkQjv1MLwMl
oM4IiAwAhr8ZpKD3wnnq+0lfZmfbdL5nIASmHBl8CsEqeBYc/6dR8qmM7QjEx/JT
Dw+Bp1n/KK8ATir4nH+1sitMIC/JwNPIucVxRcp15il5jcVqrCjQMPTMW7FpopnD
+QKcj5jRMo0eGi/cl5voTTm7POUXdq6z+Cnou01EQ2RUmNEVL/JSHqeFlI6K8ULY
wGDeUV+gLzZ6oZOLNaPrg+HcHGM1+JR7xYKDcBZ9pJZuo/aR5m/n6EkzuyCsXRHf
C6FNc9sKmBg01iHPr+t1N0+8GCZXCUi0+29MqGDG7B3qgPuY5eMylRfqE8BHDeHv
SvrGS9ixKO33aJseRSMCgtrJl8XVFq6HW8lD8vW3QcATI9g3G3Dx+gP08asV6GMt
1YaxnFK1hUMlbgt+pnBvxVMmOf/f+kGm1IXWSYYI/RI85VvRHc319A7CE+8Gl36j
vGdJTa/TcXEvcx7JpPR49RvStoHlkesiXVcPWDUPiabwKamiKVYj3pfFwXi93NKe
rrLduDap
=vbmM
-----END PGP SIGNATURE-----

<span id="changes">Changes:</span>
asterisk (1:13.14.1~dfsg-2+deb9u3) stretch-security; urgency=medium

  [ Tzafrir Cohen ]
  * AST-2017-009: ignored for the record.
  * AST-2017-010 / CVE-2017-16671: Buffer overflow in CDRs (call logs)
    (Closes: #881257)
  * AST-2017-011 / CVE-2017-16672: Memory/File Descriptor/RTP leak in
    pjsip session resource (Closes: #881256)
  * AST-2017-012 / CVE-2017-17664: Remote Crash Vulnerability in RTCP Stack
    (Closes: #884345)
  * AST-2017-013 / CVE-2017-17090: DoS (memory leak) in chan_skinny
    (Closes: #883342)
  * ASTERISK-26606.patch: fix openssl error reporting (Closes: #883767)
  * debian/.gitignore: typo
  * gbp.conf: set branch name

  [ Bernhard Schmidt ]
  * Drop duplicate filter line from d/gbp.conf

 -- Tzafrir Cohen <tzafrir@debian.org>  Fri, 29 Dec 2017 16:27:08 +0200