RFT: asterisk lenny upload

Faidon Liambotis paravoid at debian.org
Mon Nov 16 05:01:14 UTC 2009


Hi all,

I've prepared a stable upload for asterisk. Since there are multiple
changes, I'd appreciate some testing before uploading to s-p-u. The
changelog is as follows:

  asterisk (1:1.4.21.2~dfsg-3+lenny1) stable-proposed-updates; urgency=low
  .
    * Multiple security fixes:
      - "Information leak in IAX2 authentication", AST-2009-001, CVE-2009-0041.
      - "Remote Crash Vulnerability in SIP channel driver", AST-2009-002.
      - "SIP responses expose valid usernames", AST-2009-003, CVE-2008-3903.
        (Closes: #522528)
      - "SIP responses expose valid usernames", AST-2009-008, CVE-2009-3727.
        (Closes: #554487)
      - Stop shipping old static-http code in examples. Among other things, it
        includes a vulnerable version of the prototype Javascript library.
        AST-2009-009, CVE-2008-7220. (Closes: #554486)
    * Fix broken IAX2 sequence number generation, an upstream regression of
      AST-2008-010's fix, included in the previous release of ours.
    * Backport a patch that fixes severe problems when using IAX2 encryption.
      Thanks to Francois Marier. (Closes: #521641)
    * Fix a data loss bug in which recorded calls using MixMonitor() were
      recorded at high speed. (Closes: #535968)
    * bristuff: don't priority jump to n+201 if priority jumping is disabled.
      Thanks to Tim Retout. (Closes: #537055)
    * bristuff: fix uniqueid generation when system name is not defined.
      Thanks to Wolfgang Pichler. (Closes: #554820)
    * Create the /usr/share/asterisk/agi-bin directory. (Closes: #463983)

You can fetch the new release from:

http://people.debian.org/~paravoid/asterisk-lenny1/

Please test ASAP, as I intend to send the mail to debian-release by
next week at the latest.

Thanks,
Faidon


