Summary: | net-misc/asterisk-1.6.2.5 version bump request | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Thomas Stein <himbeere> |
Component: | Current packages | Assignee: | Tony Vroon (RETIRED) <chainsaw> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | voip+disabled |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.2.5 | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- |
Description
Thomas Stein
2010-03-01 07:54:19 UTC
I do apologise, this bug got overlooked. The ebuild you asked for was added: *asterisk-1.6.2.5 (01 Mar 2010) *asterisk-1.6.1.17 (01 Mar 2010) 01 Mar 2010; <chainsaw@gentoo.org> -asterisk-1.6.1.16.ebuild, +asterisk-1.6.1.17.ebuild, -asterisk-1.6.2.4.ebuild, +asterisk-1.6.2.5.ebuild: Security update AST-2010-003 on the 1.6.1 & 1.6.2 branches. This addresses invalid parsing of ACL rules. Removed vulnerable ebuilds. And then removed again because of a newer security vulnerability: 06 Apr 2010; <chainsaw@gentoo.org> -asterisk-1.6.1.17.ebuild, -asterisk-1.6.2.5.ebuild: Removing vulnerable ebuilds for CVE-2010-1224 / AST-2010-003 (Remote host access control bypass) as requested by Stefan "Craig" Behte <craig@gentoo.org> in security bug #313341. |