-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Mon, 23 Nov 2020 13:19:33 +0100 Source: asterisk Architecture: source Version: 1:16.15.0~dfsg-1 Distribution: unstable Urgency: medium Maintainer: Debian VoIP Team <pkg-voip-maintainers@lists.alioth.debian.org> Changed-By: Bernhard Schmidt <berni@debian.org> Closes: 974712 974713 Changes: asterisk (1:16.15.0~dfsg-1) unstable; urgency=medium . * New upstream version 16.15.0~dfsg. fixes to CVEs - CVE-2020-28327 / AST-2020-001 (Closes: #974712) Remote crash in res_pjsip_session - CVE-2020-28242 / AST-2020-002 (Closes: #974713) Outbound INVITE loop on challenge with different nonce Checksums-Sha1: caa3c7eb55b2a155c29e6a17d93b29734b61e9ea 4201 asterisk_16.15.0~dfsg-1.dsc 0b5e6a6ecb5ac0982b19ce40fa43dc213af3640f 7055260 asterisk_16.15.0~dfsg.orig.tar.xz 80571a38653c22eeed04375fe2ec87a2518ccdf0 5948824 asterisk_16.15.0~dfsg-1.debian.tar.xz 21a4003384cc2350b5ab3966bd1fedb760e98769 27594 asterisk_16.15.0~dfsg-1_amd64.buildinfo Checksums-Sha256: 5381cf6d4291b2411d42cdd3d9fdf1d297e5d4c3862edb51cd0d2591b5c0120e 4201 asterisk_16.15.0~dfsg-1.dsc 5477053d914b7391c761d3b09c5cde6e79997fb2092258b13fdd30a5ac670f1f 7055260 asterisk_16.15.0~dfsg.orig.tar.xz 35f8ca546a746aceeaa5b015236d546feb2116ce6c7a8428ba83d23e356a8fbe 5948824 asterisk_16.15.0~dfsg-1.debian.tar.xz a69737a07b3aa84694792fff74ae5a711995b5ab94cbd31d7ee2dc25e24da218 27594 asterisk_16.15.0~dfsg-1_amd64.buildinfo Files: f4eb8479c11a52494a5ae1ae237860a6 4201 comm optional asterisk_16.15.0~dfsg-1.dsc f993a66d6161e506a4a6debfab64113f 7055260 comm optional asterisk_16.15.0~dfsg.orig.tar.xz fe2450936480b356e920763c0abaa0fb 5948824 comm optional asterisk_16.15.0~dfsg-1.debian.tar.xz ff0267f74f37b2f25b8d01cc166c0582 27594 comm optional asterisk_16.15.0~dfsg-1_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQJFBAEBCgAvFiEE1uAexRal3873GVbTd1B55bhQvJMFAl+7r44RHGJlcm5pQGRl Ymlhbi5vcmcACgkQd1B55bhQvJN0yBAAiOR1qsvtiRh1S1J7qDouW0ImOmo0L8rK 9PDCYsBKtX2B8TEm89RG4M3b/OgTINkJR17VTT4mTUfJCMYhtFWMPdG7QlvaSooP D68YutPq3jNuUuCJp+B/C7EVppyusCePeTC86Ukdds000MIMVIHCRUVruLFijxHx Qjt4+ulLM5j/cNGI36Xq71rupS41Cq9+Xm6NNmOPcXWQRwpJuKXMxngLpZ0Nukl1 qZeFQV47oZLNfsHBWq2lPp0Oj9LSbyJb5cgSm6kZzIiHFQ/iIVdoLGRze51O7Ri2 ADPQTbcOanRIuOQnkuY6jlnH3iNJVcN3VZMoZEISPNUeEUza0/mxgv7sXPjbS1qC dnKNeTL43ed1E7rOGthXfZrAu8Ej+TZ9+i8UZPeNbG89CnWFzsMexxUfrkqbvRGo da02SKIrT8HLpkm5Wj0KSXF1o+feSx3cvSmXyeBzTLh8AFB8qAWH7kcP4VtNyVrH dV2zFzm+YCBkC/8IYy0v4ZogHXncwEUFHCriDX9JBjD/zGuUX00jrucsH2P26R6j ZDobloRFuPtYa3RFuUxzru/egfKTyP5itmCEpKYGMM6pb2TuRWFOiPWVpLy8FHQy IHnQaoY3Nzg/4FVoA5y5RCFVM1nCEr4fT8XAJvF9NRoKW2XM+2nO2E46swbxsNAp kV0NkPwwSY8= =AtT1 -----END PGP SIGNATURE-----