-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 06 Aug 2021 15:35:20 +0200 Source: asterisk Architecture: source Version: 1:16.16.1~dfsg-2 Distribution: unstable Urgency: high Maintainer: Debian VoIP Team <pkg-voip-maintainers@lists.alioth.debian.org> Changed-By: Bernhard Schmidt <berni@debian.org> Closes: 991710 991931 Changes: asterisk (1:16.16.1~dfsg-2) unstable; urgency=high . * CVE-2021-32558 / AST-2021-008 (Closes: #991710) If the IAX2 channel driver receives a packet that contains an unsupported media format it can cause a crash to occur in Asterisk * CVE-2021-32686 / AST-2021-009 (Closes: #991931) pjproject/pjsip: crash when SSL socket destroyed during handshake Checksums-Sha1: fb0b4469160b4de496c70f11651d8200e78f54ed 4201 asterisk_16.16.1~dfsg-2.dsc 090a55a66d48f81af44ab87c05ff298f2f5b6904 5953392 asterisk_16.16.1~dfsg-2.debian.tar.xz 56f3f97ccdc63b567a1470e4e8177c73b87fc10d 27220 asterisk_16.16.1~dfsg-2_amd64.buildinfo Checksums-Sha256: 101fed7a56cd8ff8134a259ab9ace703ec668d3a3c49ccfe8642660678039d1c 4201 asterisk_16.16.1~dfsg-2.dsc e71bd3ba072e972fae139e4034b1cb754462d87e6497bf2110bdd20b8b8db75d 5953392 asterisk_16.16.1~dfsg-2.debian.tar.xz 21b31488ea06d219818303f3c9e8829b0a0d1c551c9276e00a24758548cfa89e 27220 asterisk_16.16.1~dfsg-2_amd64.buildinfo Files: 64f9639acc462fe9f4317ecd1fff4064 4201 comm optional asterisk_16.16.1~dfsg-2.dsc c9f8767a901f071ccc9cb1601b0d0716 5953392 comm optional asterisk_16.16.1~dfsg-2.debian.tar.xz 4f3170154c94066df1d4dea5f5ebb5a2 27220 comm optional asterisk_16.16.1~dfsg-2_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQJFBAEBCgAvFiEE1uAexRal3873GVbTd1B55bhQvJMFAmENQboRHGJlcm5pQGRl Ymlhbi5vcmcACgkQd1B55bhQvJO/vBAAlv3WzhViB/D4PT4kFgBe8bJRlqlQLj4A 4up4A5X03OBDipEe3XMK4U/h6zpVaJXxIjOQ5u8o8Y53GJhLwzp350AUKzruSH2w EThD+xdyUTJVmwxTr3mhUbtEW+yBkKB+zZitCWJFYQxzSrqfacISzszentOaba33 bjLtMrzb3HX9qn0BqGALm6o05Hc2AiU+zz3cwLr9dRo6njnxrGYgTAN0HT4erl9A n1hi7NctJ8qT0Ws093A0PvHmoCAFr51ap6vwfbAFbMXy8Ef/q9vCWqJRwkwWpBVc nOCNvwqAYKlduVeA+q06wLpwUNDWIpLo+irXfVsHubYXYpvnHFPfqrrhtxsI4+Z/ fPPCIu0sPZNx9/i6rQC4TQb3IgL4CjeOtv2YNwSbNCSsHvjyDYslL2jJphi18uai c7rwoL+MeF/5+XvgUSa3Vjc26kZSNBybxTHhyJn+fcFEOcgZUsK3IcL/dw8oPReZ giMguyPERAmlheeao2nl/vYeH29yu38ghlOFY6KUFHzwvGd8Su4vowDviCUO8Axm W6iAOxQtDKb87VW0uTLCSufwkQF1DLNkr2WsTrVQiKJ88Ugby2lW6hb8HGfxR9SZ gEUO150r5sfzqUFaz0Gj5l+dVfR/FmNRijZX5wx2BlQTBajTO38DiJ7pHIeAFSBE 3tluT8yVNG0= =jBZ0 -----END PGP SIGNATURE-----