Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-devel-changes@lists.debian.org>
Subject: Accepted asterisk 1:20.9.3~dfsg+~cs6.14.60671435-1 (source) into unstable
Date: Sat, 07 Sep 2024 21:04:48 +0000
Signed by: Jonas Smedegaard <js@debian.org>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 07 Sep 2024 22:14:21 +0200
Source: asterisk
Architecture: source
Version: 1:20.9.3~dfsg+~cs6.14.60671435-1
Distribution: unstable
Urgency: high
Maintainer: Debian VoIP Team <pkg-voip-maintainers@lists.alioth.debian.org>
Changed-By: Jonas Smedegaard <dr@jones.dk>
Closes: 1078574
Changes:
 asterisk (1:20.9.3~dfsg+~cs6.14.60671435-1) unstable; urgency=high
 .
   [ upstream ]
   * new release(s)
     + add entries to Originate blacklist;
       CVE-2024-42365;
       closes: bug#1078574, thanks to Salvatore Bonaccorso
     + test for NULL ub_result in unbound_resolver_callback;
       CVE-2024-42491
 .
   [ Jonas Smedegaard ]
   * fix minor privilege escalation; thanks to Niels Galjaard
   * update watch file: track mp3 component from git clone
   * unfuzz patch 2012
   * set urgency=high due to security-related bugfixes
Checksums-Sha1:
 3fe5e9180f43555bec8ca7c5cae590a689975617 5350 asterisk_20.9.3~dfsg+~cs6.14.60671435-1.dsc
 450b21cbdd4f92f333b02d202e445b443acb0b2a 11268 asterisk_20.9.3~dfsg+~cs6.14.60671435.orig-Xamr.tar.xz
 3d0a0b6cd89a39935fd096e2ef6e79ba8302c8eb 22024 asterisk_20.9.3~dfsg+~cs6.14.60671435.orig-Xmp3.tar.xz
 efd36da4be8883797c8ccb0ca1a41b933c1f19c9 22548 asterisk_20.9.3~dfsg+~cs6.14.60671435.orig-Xopus.tar.xz
 cb340d770d39567f887f0a81e96d35e43360b5ed 6343840 asterisk_20.9.3~dfsg+~cs6.14.60671435.orig-Xpjproject.tar.xz
 9c15c81d8106a5f95d1463034b155ba67c6cdccc 7362692 asterisk_20.9.3~dfsg+~cs6.14.60671435.orig.tar.xz
 45cada41712eec20574c000e06153ec8fe958ee4 136192 asterisk_20.9.3~dfsg+~cs6.14.60671435-1.debian.tar.xz
 ad1772535c2e72ce90d03701f042286d02c89f1a 25080 asterisk_20.9.3~dfsg+~cs6.14.60671435-1_amd64.buildinfo
Checksums-Sha256:
 768fc371867d258cbf1f2eb2978d09795ae6fb9777d6dae0b6231f0faf674756 5350 asterisk_20.9.3~dfsg+~cs6.14.60671435-1.dsc
 ba0e753d9e008ad4d55c112dd0dd628fa3ce57e85f7ca5ff117fdc47e90021d8 11268 asterisk_20.9.3~dfsg+~cs6.14.60671435.orig-Xamr.tar.xz
 a5316a4cf442be734e050d6fcd28ee23d7057d0cc546413aa75872b84e979f21 22024 asterisk_20.9.3~dfsg+~cs6.14.60671435.orig-Xmp3.tar.xz
 1dc2659ade0eb9207a5d22df188690d1528e74374f1e0dbef4a74d824c90c9cf 22548 asterisk_20.9.3~dfsg+~cs6.14.60671435.orig-Xopus.tar.xz
 faa3dcf960be6d0b96c21d46d2135e4cf047802bc39004b042c51fd6d41070e1 6343840 asterisk_20.9.3~dfsg+~cs6.14.60671435.orig-Xpjproject.tar.xz
 800f6352418d13be892114d7e111034952e6c45f7d5ef31c1fc3738357fbccb5 7362692 asterisk_20.9.3~dfsg+~cs6.14.60671435.orig.tar.xz
 0049e3dc4ebe06b7e6cfba7d04d5b7b0250899b00fbee91d115acb8ae5dd0fa1 136192 asterisk_20.9.3~dfsg+~cs6.14.60671435-1.debian.tar.xz
 d43ec3f4c9edfe3a8cbe9e68377217dcc0dbfd859199b8056ad9970eb0831854 25080 asterisk_20.9.3~dfsg+~cs6.14.60671435-1_amd64.buildinfo
Files:
 90b2bd72589620b16c8891f2fa4268ae 5350 comm optional asterisk_20.9.3~dfsg+~cs6.14.60671435-1.dsc
 2f288da7d163b555955e1351203cb972 11268 comm optional asterisk_20.9.3~dfsg+~cs6.14.60671435.orig-Xamr.tar.xz
 5bdeadbbd8e5b6cc2f65a846e6859b7e 22024 comm optional asterisk_20.9.3~dfsg+~cs6.14.60671435.orig-Xmp3.tar.xz
 a28346e11689859feea371218e977f53 22548 comm optional asterisk_20.9.3~dfsg+~cs6.14.60671435.orig-Xopus.tar.xz
 d97bc16dd8abacb0bcf4b816da13573e 6343840 comm optional asterisk_20.9.3~dfsg+~cs6.14.60671435.orig-Xpjproject.tar.xz
 96d1fb65177e1dcce29eea9d348736bf 7362692 comm optional asterisk_20.9.3~dfsg+~cs6.14.60671435.orig.tar.xz
 7aa37871dccc0244db26197b383ed076 136192 comm optional asterisk_20.9.3~dfsg+~cs6.14.60671435-1.debian.tar.xz
 aa39013d223d893886cd1a9680e3dad9 25080 comm optional asterisk_20.9.3~dfsg+~cs6.14.60671435-1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJABAEBCgAqFiEEn+Ppw2aRpp/1PMaELHwxRsGgASEFAmbcuioMHGRyQGpvbmVz
LmRrAAoJECx8MUbBoAEhiv8P/1b1IuZyMV+crokpTsB/AkuUHZYkVO43vaaCjYb8
Qx8q6oGNjobpBIkyucfNM+0KrXv79noFqvFRC87dnSmQuy196TtZH8XKA/6ZmZPT
Uvg4gWB+OPgWcPqfBlkfbdwha942t520muRl5qIzHPrEmunW0Xv7yCwLRRbacpWt
LxIiv1aEXjeOd4ZE31jLpFbH17DDLndsL7U0zeRM0rnkmXdpORnirDASKZzPLp2W
wS0pPyD9dp07vwyvldgi1xSdmOxZLOsdvZnh8/meXqdA+YPCMyU801pNuDcHMfa4
vUDe5tk/rjhfBKwWe2lEU+AycgOIYWQfuhbT4Qh49q6ZBHzsGUrUaHsVwRQRacX1
4J17jpgv9XrVX66yN3pCEoofLCzaYg+GFf6JL9Z34syvJ4YJdbILObISWRHSCOr6
dQiqqWIvJEjlM9NjX6WYO0ngv08RYHDiuyjwaKAKNf8zsY9kwP4HhLoa0UFXzv49
RjQlYvVEMFlzdJ2G62oiJSVjoUOYd0xQ8+CFS8acDjwaWYyXA3f7E7eJ8BlSQI+m
S/GArxC1/IQBvGbsRUXtPZsdUU2U2kBoz/CzFu/zWK2VttfHRHehnJaCyUslx2o3
ODfXAx+HNaTg+7+Hr7oJvc5h8MtLeiM8wRA2SvJfiyNFjineWexARahRfxCJr5wb
4bBA
=LP/8
-----END PGP SIGNATURE-----
News for package asterisk
