[SECURITY] [DLA 2729-1] asterisk security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 2729-1] asterisk security update
From: "Chris Lamb" <lamby@debian.org>
Date: Wed, 4 Aug 2021 06:06:59 -0400 (EDT)
Message-id: <[🔎] 162807157381.91798.13393955170364610726@copycat>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-2729-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                           Chris Lamb
August 04, 2021                               https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : asterisk
Version        : 1:13.14.1~dfsg-2+deb9u5
CVE ID         : CVE-2021-32558
Debian Bug     : #991710

It was discovered that there was an issue in the Asterisk telephony
system. If the IAX2 channel driver received a packet that contained
an unsupported media format, a crash could have occured.

For Debian 9 "Stretch", this problem has been fixed in version
1:13.14.1~dfsg-2+deb9u5.

We recommend that you upgrade your asterisk packages.

For the detailed security status of asterisk please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/asterisk

In addition, Asterisk are tracking this issue as "AST-2021-008".

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAmEKZpAACgkQHpU+J9Qx
HlhhEhAAlcjpCSQLxxyLjE6KNGAutZtPmrYi/Rq8vLQBGlgwZObddZhPfZwJsUaz
lDwn+8EHyB8bfEbO7NlLcfYDBBeNAW4/hppXYFrh6CMvXiPRfWbZmaGeuFfatNcs
Bggrfyp1gGjjZiFZHA2na7BgYMAoLF5z0OJ0Bp2WXvyUN6trKAhUXEc07WTSplDt
c/gEWvw7rPvrDr7EKSaVJov1nVLMIWO3S9jfWrd3nllUyIPCwEQYhZo17akttaox
e+yxOPHesC0gojbl8zeOwkH9x7gVDrHGc2ZLcB2Q2+o3s4n96+HwDFSeS+FhYEyo
ZwGbEwKGJiVKzZ8zm5WiDmyaQ/5gQoCsbewr6icH8Fs9liPDBovawy2r/fWfjb07
dHCU3iKMXem1l3U8qexyESh0H4skGNF6yTqX9BLMavHMUslPz/hYKC+y94s464GL
CKLuPGJETzphNE4gQyF2+t0KxLy1FzW1oSCC0RaST9xPjvth99wc6ZYIbHfdhvS5
5paFZOQkXZgOFCKcZH1xgX/V9Ah6OUn21F4HD4s7ADkRZTBfVKDAzLNV8JMB9Dy6
ohU+U9K0qV53z+TWz2Ktsm1HMk2mcx4pXQokHIsKM3hsF5zXs/p7i6Tl5KDUzOQ8
aXlPVYxTeRI5Cb9H17q5SQKmNSrSExTXh0IFDi2Qcg5n8UaqtLg=
=bcqj
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 2728-1] vlc security update
Next by Date: [SECURITY] [DLA 2730-1] libpam-tacplus security update
Previous by thread: [SECURITY] [DLA 2728-1] vlc security update
Next by thread: [SECURITY] [DLA 2730-1] libpam-tacplus security update
Index(es):
- Date
- Thread