Bug#876328 Proposed diffs for asterisk CVE-2017-14603
Bernhard Schmidt
berni at debian.org
Sat Sep 30 20:24:58 UTC 2017
On 23.09.2017 22:27, Bernhard Schmidt wrote:
Hi,
> please find attached the proposed debdiffs for CVE-2017-14603 for both
> Jessie and Stretch.
>
> Unfortunately I'm going on vacation tomorrow and I did not have much
> time to test the resulting packages yet. They have been loaded onto my
> employers PBX and I hope it won't explode.
>
> For jessie two small context fixups in the patch provided upstream were
> necessary, but they were quite straight forward. This is a seperate
> commit in git
>
> https://anonscm.debian.org/cgit/pkg-voip/asterisk.git/commit/?h=jessie&id=a0ab9219574dffe30961656127efdaf60ed23e69
>
> For stretch I'd like to include a small non-security fix for one-way
> audio with chan_sip. This has been acked by the SRM in Bug#875604
>
> Both versions are ready to be uploaded in the git repository. I can
> either take care of this next weekend or someone else does the upload.
I'm back from vacation and am ready to do the upload. Has anyone
reviewed the diffs?
I have not received any complaints from my employer for the week it has
been running there, so I hope it should be fine.
Bernhard
More information about the Pkg-voip-maintainers
mailing list