Hello. Asterisk 1.6.2.5 has been released. It's just a minor release which fixes a security issue. AST-2010-002: Invalid parsing of ACL rules can compromise security cheers t. Reproducible: Always
I do apologise, this bug got overlooked. The ebuild you asked for was added: *asterisk-1.6.2.5 (01 Mar 2010) *asterisk-1.6.1.17 (01 Mar 2010) 01 Mar 2010; <chainsaw@gentoo.org> -asterisk-1.6.1.16.ebuild, +asterisk-1.6.1.17.ebuild, -asterisk-1.6.2.4.ebuild, +asterisk-1.6.2.5.ebuild: Security update AST-2010-003 on the 1.6.1 & 1.6.2 branches. This addresses invalid parsing of ACL rules. Removed vulnerable ebuilds. And then removed again because of a newer security vulnerability: 06 Apr 2010; <chainsaw@gentoo.org> -asterisk-1.6.1.17.ebuild, -asterisk-1.6.2.5.ebuild: Removing vulnerable ebuilds for CVE-2010-1224 / AST-2010-003 (Remote host access control bypass) as requested by Stefan "Craig" Behte <craig@gentoo.org> in security bug #313341.