Bug 164217

Summary:	net-misc/asterisk security cleanup needed
Product:	Gentoo Linux	Reporter:	Jakub Moc (RETIRED) <jakub>
Component:	New packages	Assignee:	voip herd (OBSOLETE) <voip+disabled>
Status:	RESOLVED FIXED
Severity:	normal
Priority:	High
Version:	2006.1
Hardware:	All
OS:	Linux
Whiteboard:
Package list:		Runtime testing required:	---

Description Jakub Moc (RETIRED) gentoo-dev

2007-01-28 11:18:24 UTC

net-misc/asterisk-1.0.11_p1: vulnerable via glsa(200610-15) ( ver < 1.2.13 ), affects ('amd64', 'hppa', 'ppc', 'sparc', 'x86')
net-misc/asterisk-1.0.12: vulnerable via glsa(200610-15) ( ver < 1.2.13 ), affects ('ppc', 'x86')
net-misc/asterisk-1.2.12.1: vulnerable via glsa(200610-15) ( ver < 1.2.13 ), affects ('alpha', 'amd64', 'hppa', 'ppc', 'sparc', 'x86')

Please, clean up the above. Thanks. :)

Comment 1 Rajiv Aaron Manglani (RETIRED) gentoo-dev

2007-01-29 07:18:09 UTC

asterisk-1.0.11_p1 removed.

asterisk-1.0.12 is not vulnerable. see bug #154136. the glsa needs to be updated. security, can you take care of that?

Comment 2 Rajiv Aaron Manglani (RETIRED) gentoo-dev

2007-01-30 23:14:46 UTC

glsa 200610-15 updated by falco to show 1.0.12 as not vulnerable. thanks.

Comment 3 Raphael Marichez (Falco) (RETIRED) gentoo-dev

2007-02-10 21:35:00 UTC

jakub, time to close? Feel free to reopen if i'm wrong.

Comment 4 Rajiv Aaron Manglani (RETIRED) gentoo-dev

2007-02-11 00:20:48 UTC

net-misc/asterisk-1.2.12.1 still in portage. voip folks, any reason not to remove this version?

Comment 5 Rajiv Aaron Manglani (RETIRED) gentoo-dev

2007-02-11 07:46:32 UTC

net-misc/asterisk-1.2.12.1 removed. all done.