Bug#610487: asterisk: AST-2011-001: buffer overflow in caller ID URI encoding

Moritz Mühlenhoff jmm at inutil.org
Thu Feb 10 22:01:54 UTC 2011


On Thu, Feb 10, 2011 at 08:02:48PM +0200, Faidon Liambotis wrote:
> Faidon Liambotis wrote:
> >I can do the uploads (lenny hasn't been uploaded either, right?) but I'm
> >afraid it'll be with minimal testing. Moritz, is that acceptable?
> >Certainly better than having a remote exploitable hole...
> >
> >I'm pondering whether I should remove my name from maintainer as well.
> >Tzafrir, perhaps you should do an RFH (or even O!) in e.g. debian-devel?
> 
> Since Tzafrir seems to be MIA(?), I've prepared updates for both
> lenny and squeeze. These are with minimal testing but changes are
> small and backported from upstream.
> 
> Should I upload to security-master?

Excellent, thanks for taking care. Please upload (remember that stable-security
needs to be build with -sa, since it's new in Squeeze)

Cheers,
        Moritz






More information about the Pkg-voip-maintainers mailing list