-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 22 Jun 2023 14:47:22 +0200 Source: asterisk Binary: asterisk asterisk-dahdi asterisk-dahdi-dbgsym asterisk-dbgsym asterisk-mobile asterisk-mobile-dbgsym asterisk-modules asterisk-modules-dbgsym asterisk-mp3 asterisk-mp3-dbgsym asterisk-mysql asterisk-mysql-dbgsym asterisk-ooh323 asterisk-ooh323-dbgsym asterisk-tests asterisk-tests-dbgsym asterisk-voicemail asterisk-voicemail-dbgsym asterisk-voicemail-imapstorage asterisk-voicemail-imapstorage-dbgsym asterisk-voicemail-odbcstorage asterisk-voicemail-odbcstorage-dbgsym asterisk-vpb asterisk-vpb-dbgsym Architecture: ppc64el Version: 1:16.28.0~dfsg-0+deb11u3 Distribution: bullseye-security Urgency: high Maintainer: ppc64el Build Daemon (ppc64el-osuosl-01) Changed-By: Markus Koschany Description: asterisk - Open Source Private Branch Exchange (PBX) asterisk-dahdi - DAHDI devices support for the Asterisk PBX asterisk-mobile - Bluetooth phone support for the Asterisk PBX asterisk-modules - loadable modules for the Asterisk PBX asterisk-mp3 - MP3 playback support for the Asterisk PBX asterisk-mysql - MySQL database protocol support for the Asterisk PBX asterisk-ooh323 - H.323 protocol support for the Asterisk PBX - ooH323c asterisk-tests - internal test modules of the Asterisk PBX asterisk-voicemail - simple voicemail support for the Asterisk PBX asterisk-voicemail-imapstorage - IMAP voicemail storage support for the Asterisk PBX asterisk-voicemail-odbcstorage - ODBC voicemail storage support for the Asterisk PBX asterisk-vpb - VoiceTronix devices support for the Asterisk PBX Changes: asterisk (1:16.28.0~dfsg-0+deb11u3) bullseye-security; urgency=high . * Non-maintainer upload. * Fix CVE-2023-27585: A flaw was found in Asterisk, an Open Source Private Branch Exchange. A buffer overflow vulnerability affects users that use PJSIP DNS resolver. This vulnerability is related to CVE-2022-24793. The difference is that this issue is in parsing the query record `parse_query()`, while the issue in CVE-2022-24793 is in `parse_rr()`. A workaround is to disable DNS resolution in PJSIP config (by setting `nameserver_count` to zero) or use an external resolver implementation instead. Checksums-Sha1: 7c4f2a251ffdcb4fe25c4a0d713f56222e44067a 668036 asterisk-dahdi-dbgsym_16.28.0~dfsg-0+deb11u3_ppc64el.deb d0b42d4f7f5bfa8aa2c1098c7c9c516d36db1f2c 1578500 asterisk-dahdi_16.28.0~dfsg-0+deb11u3_ppc64el.deb 39afb1743f03bcd304ae63312ae9d38858b36989 6624040 asterisk-dbgsym_16.28.0~dfsg-0+deb11u3_ppc64el.deb 24b66034cd98fa9f66051953ae7548e264adbeb5 90720 asterisk-mobile-dbgsym_16.28.0~dfsg-0+deb11u3_ppc64el.deb 26a4122a8fb09ffd731e8b555f4181424a3594fd 1375240 asterisk-mobile_16.28.0~dfsg-0+deb11u3_ppc64el.deb f81e22cbdc9bea9044df38ccceea3ddbe7768931 10458228 asterisk-modules-dbgsym_16.28.0~dfsg-0+deb11u3_ppc64el.deb 7970521e612a3e560eda7cc88183e1e15ac43cdb 4082064 asterisk-modules_16.28.0~dfsg-0+deb11u3_ppc64el.deb b3feede25332e06ccb79b313e19a68537a90338c 53400 asterisk-mp3-dbgsym_16.28.0~dfsg-0+deb11u3_ppc64el.deb f520935795aaef05ffc2e0393e457facaa604c27 1362240 asterisk-mp3_16.28.0~dfsg-0+deb11u3_ppc64el.deb fae2a27463a297352dde3c0c7099a54cb54dab1d 139692 asterisk-mysql-dbgsym_16.28.0~dfsg-0+deb11u3_ppc64el.deb 2713826859942d4c2e2f3a89acd107f5c911518f 1378372 asterisk-mysql_16.28.0~dfsg-0+deb11u3_ppc64el.deb 074662ff12588204459fee27cab8cee7d3b24d74 1488952 asterisk-ooh323-dbgsym_16.28.0~dfsg-0+deb11u3_ppc64el.deb da0e4e5ab8bc7cdb7fc887f98019d03b380b1796 1679808 asterisk-ooh323_16.28.0~dfsg-0+deb11u3_ppc64el.deb b1ba9a310e8a1f9112d054156d8ba39332eae00f 1433948 asterisk-tests-dbgsym_16.28.0~dfsg-0+deb11u3_ppc64el.deb b38bcdcb6daa6c23c45da2a44d684c1d94d95390 1802900 asterisk-tests_16.28.0~dfsg-0+deb11u3_ppc64el.deb 4d356d9fb6186f786f3aa1e0823f0b7379d57eb9 279780 asterisk-voicemail-dbgsym_16.28.0~dfsg-0+deb11u3_ppc64el.deb 29e7ddb719472d8442748464e68ec957a9b5beb8 328928 asterisk-voicemail-imapstorage-dbgsym_16.28.0~dfsg-0+deb11u3_ppc64el.deb fb2321c17ac00a9d83042ddc57e9c52df43bcf51 1455012 asterisk-voicemail-imapstorage_16.28.0~dfsg-0+deb11u3_ppc64el.deb e45dfcc3a7c46790a1a4707b180b47c71898b446 292760 asterisk-voicemail-odbcstorage-dbgsym_16.28.0~dfsg-0+deb11u3_ppc64el.deb c1a1b96e092b621fbf46a8c25414aa680cc4c9dd 1442388 asterisk-voicemail-odbcstorage_16.28.0~dfsg-0+deb11u3_ppc64el.deb 2c2536faeff8ecf921c69b9ac1e9bb10426758a5 1437856 asterisk-voicemail_16.28.0~dfsg-0+deb11u3_ppc64el.deb aea43445889a4704005954ce6b162dfa69247e6f 71492 asterisk-vpb-dbgsym_16.28.0~dfsg-0+deb11u3_ppc64el.deb 3eb8d2ba49e70cdbc825cbfc8ad5ccb552d47683 1362920 asterisk-vpb_16.28.0~dfsg-0+deb11u3_ppc64el.deb ee8576d61ce25d5593072829a95e2eeb184e5618 27776 asterisk_16.28.0~dfsg-0+deb11u3_ppc64el-buildd.buildinfo 314f346609e94ae85626190c8ad899b0013db774 2468372 asterisk_16.28.0~dfsg-0+deb11u3_ppc64el.deb Checksums-Sha256: c469d04aeb36baa76195d405d27402f64281561a366347f5c3c5b4d8c587b54c 668036 asterisk-dahdi-dbgsym_16.28.0~dfsg-0+deb11u3_ppc64el.deb 8c59a3a066b65bf406dc72eab2d58df0aebd19857ecce4c038092b33d775d574 1578500 asterisk-dahdi_16.28.0~dfsg-0+deb11u3_ppc64el.deb 1350aad19e9ef8c42cfc3753cf3ec1f1061da60c6b70d09881d93ea84e00d116 6624040 asterisk-dbgsym_16.28.0~dfsg-0+deb11u3_ppc64el.deb 4eaa31a188d7b56f2732a66a4dd218625b5096c0299081904ff3e4918ca480ad 90720 asterisk-mobile-dbgsym_16.28.0~dfsg-0+deb11u3_ppc64el.deb 24075031f36851885e6824ceb0c7b36c83e71a2fb28fc585f645057e8126326b 1375240 asterisk-mobile_16.28.0~dfsg-0+deb11u3_ppc64el.deb b1f12c503b81f564bbfdbae0c0c1aae4afd743cc1690fdb12fa18a7ea66681dd 10458228 asterisk-modules-dbgsym_16.28.0~dfsg-0+deb11u3_ppc64el.deb d27472a38a6c67b10f7baa1fb6d86ed9cc45874eea00474d555309e88b83ff4e 4082064 asterisk-modules_16.28.0~dfsg-0+deb11u3_ppc64el.deb 54695e1f07e4caf58177306ee9a1dcd4ee7a44d3e81d5f682b539e72eed81dce 53400 asterisk-mp3-dbgsym_16.28.0~dfsg-0+deb11u3_ppc64el.deb b70bca0e8b0a9fa97a4c538040d1de75f20cec9f02228ad97589eba1759f22ed 1362240 asterisk-mp3_16.28.0~dfsg-0+deb11u3_ppc64el.deb 57eb48692a96ed89195163c8462acf0482b8c3bf739786d4df5e1284a7d3bd4b 139692 asterisk-mysql-dbgsym_16.28.0~dfsg-0+deb11u3_ppc64el.deb 50b5dc6cdfc5fedd01bf9c21326431bf2a1b1c56908f5557ca308bbcde0b7395 1378372 asterisk-mysql_16.28.0~dfsg-0+deb11u3_ppc64el.deb f92109fd64fb9f9f3de34f6c98135af087cea34055afa10be6f1ba27e0d7844c 1488952 asterisk-ooh323-dbgsym_16.28.0~dfsg-0+deb11u3_ppc64el.deb d1cc0acf0fee2e1551f510d322511fcd3a3271e087c51397f6398c87666acbd8 1679808 asterisk-ooh323_16.28.0~dfsg-0+deb11u3_ppc64el.deb bd7a95a42e5eb85c40a11601e94cb9d14195375100ff3ec8ff8f94786f5d186c 1433948 asterisk-tests-dbgsym_16.28.0~dfsg-0+deb11u3_ppc64el.deb 2ccd3ef08522e8b5a33d241cfef83ed76323c877007d7009a59bd3b58ddb83e3 1802900 asterisk-tests_16.28.0~dfsg-0+deb11u3_ppc64el.deb 138d1f6ca77334b51074b38d4b66381b8e9adbb579fb907e7b6c7e11c275aec2 279780 asterisk-voicemail-dbgsym_16.28.0~dfsg-0+deb11u3_ppc64el.deb fd89e7999bde751b89c608ad9aed674cc8e71d6e47348f38c2c7f0c0bab80447 328928 asterisk-voicemail-imapstorage-dbgsym_16.28.0~dfsg-0+deb11u3_ppc64el.deb 73b401dd406199fd54be8673379aa23ed931bdaddaf72485c77d16986c4f3ae3 1455012 asterisk-voicemail-imapstorage_16.28.0~dfsg-0+deb11u3_ppc64el.deb 14f3f564253d2e0ad9f9b2a63d224ac11d56ca6d7b253bcbaaedd9dc23a447b6 292760 asterisk-voicemail-odbcstorage-dbgsym_16.28.0~dfsg-0+deb11u3_ppc64el.deb 36c366ea9a0190416f70338ab4f56f53ec0b1c8fcd73aca10638f254f630c591 1442388 asterisk-voicemail-odbcstorage_16.28.0~dfsg-0+deb11u3_ppc64el.deb 5e79cea8c0a10d7cfb911c4d9b0fb6125e2298e2460442102779791a4fa46f8b 1437856 asterisk-voicemail_16.28.0~dfsg-0+deb11u3_ppc64el.deb 201a9c0535e87d7ccc4f5e29c42c3a78e69d676d8bf447b28a564b0e6684553e 71492 asterisk-vpb-dbgsym_16.28.0~dfsg-0+deb11u3_ppc64el.deb 57be8c88de89c1987247c4e8511a1a9b66c714e3b759273b6bd47c5f0467a3bd 1362920 asterisk-vpb_16.28.0~dfsg-0+deb11u3_ppc64el.deb c83db42ebf6d9255bf13124760f6f37ff6bd68a95fc6ecd6627ce0d7fec6ea65 27776 asterisk_16.28.0~dfsg-0+deb11u3_ppc64el-buildd.buildinfo 5bdb8f6ec5b4a385bf8605980f9865eb7d262f1604a6d886f0b110e7d602382f 2468372 asterisk_16.28.0~dfsg-0+deb11u3_ppc64el.deb Files: b19ae809ed920477203998c67c1c0ee4 668036 debug optional asterisk-dahdi-dbgsym_16.28.0~dfsg-0+deb11u3_ppc64el.deb 87ed273c4d74e046a5109872b48ff4a1 1578500 comm optional asterisk-dahdi_16.28.0~dfsg-0+deb11u3_ppc64el.deb 9358c49589a3bdc58ed143e59a26a9a6 6624040 debug optional asterisk-dbgsym_16.28.0~dfsg-0+deb11u3_ppc64el.deb 110534953d31462568f39ded1691ba28 90720 debug optional asterisk-mobile-dbgsym_16.28.0~dfsg-0+deb11u3_ppc64el.deb 12cbe9fcbdd03ba77d94d30ef576e031 1375240 comm optional asterisk-mobile_16.28.0~dfsg-0+deb11u3_ppc64el.deb 84ddcd5a255f01e250f7a26c91af54bc 10458228 debug optional asterisk-modules-dbgsym_16.28.0~dfsg-0+deb11u3_ppc64el.deb bfbfc8165ed8ce44739f70a76a737008 4082064 libs optional asterisk-modules_16.28.0~dfsg-0+deb11u3_ppc64el.deb 3d69b02544e98b19071bf63e76665914 53400 debug optional asterisk-mp3-dbgsym_16.28.0~dfsg-0+deb11u3_ppc64el.deb 7ed984d8f78b81b272fd7a3c4a209850 1362240 comm optional asterisk-mp3_16.28.0~dfsg-0+deb11u3_ppc64el.deb 7e11ad1f88573a1d3f3b1ddb5bac5042 139692 debug optional asterisk-mysql-dbgsym_16.28.0~dfsg-0+deb11u3_ppc64el.deb 6aba6c29247bac31610066ee9209ec6d 1378372 comm optional asterisk-mysql_16.28.0~dfsg-0+deb11u3_ppc64el.deb 295bf82f04d93bc35672efff5a8a8741 1488952 debug optional asterisk-ooh323-dbgsym_16.28.0~dfsg-0+deb11u3_ppc64el.deb 69783bcbd8572b42e8fddf88f0ef9874 1679808 comm optional asterisk-ooh323_16.28.0~dfsg-0+deb11u3_ppc64el.deb 37d0385736556e8d4db605a384664e85 1433948 debug optional asterisk-tests-dbgsym_16.28.0~dfsg-0+deb11u3_ppc64el.deb c3acae6802b019a9ae598d637d4ae491 1802900 comm optional asterisk-tests_16.28.0~dfsg-0+deb11u3_ppc64el.deb 9d95a57b8b94f1be982f0577f9b58308 279780 debug optional asterisk-voicemail-dbgsym_16.28.0~dfsg-0+deb11u3_ppc64el.deb 7d1c3697e396181af8258a34f277d993 328928 debug optional asterisk-voicemail-imapstorage-dbgsym_16.28.0~dfsg-0+deb11u3_ppc64el.deb 56b0501858163c706c0f24e2d3ffa56c 1455012 comm optional asterisk-voicemail-imapstorage_16.28.0~dfsg-0+deb11u3_ppc64el.deb 9bde7df9579ff4d861ad99a5921d6e55 292760 debug optional asterisk-voicemail-odbcstorage-dbgsym_16.28.0~dfsg-0+deb11u3_ppc64el.deb 09f8e8aeb4abec5228c1191a6ae7661d 1442388 comm optional asterisk-voicemail-odbcstorage_16.28.0~dfsg-0+deb11u3_ppc64el.deb 3aca07c51a730ba2d83c0b6409840310 1437856 comm optional asterisk-voicemail_16.28.0~dfsg-0+deb11u3_ppc64el.deb c26289aef393c738428cbd74dc9217d4 71492 debug optional asterisk-vpb-dbgsym_16.28.0~dfsg-0+deb11u3_ppc64el.deb 8b0900a386d6f37a85d1336879cf1a58 1362920 comm optional asterisk-vpb_16.28.0~dfsg-0+deb11u3_ppc64el.deb a22b3235cbfaaf6a2346db1deb52aadf 27776 comm optional asterisk_16.28.0~dfsg-0+deb11u3_ppc64el-buildd.buildinfo 4158e8edddcc36739f9450d950ca91ab 2468372 comm optional asterisk_16.28.0~dfsg-0+deb11u3_ppc64el.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE5hbnFkJlczvLwwS0Y7DdE4sWZ/UFAmSUUeIACgkQY7DdE4sW Z/UE7A//RbVDCQBoJfEqZsFz1t8NxI7/BGG74BuL9eNHLSPiFGstnRxO8NwQDP8z z2bpnfpWuhSrUDSmHHlTCQvqO16LToG7pVdXyMRd5rlCA8uWeECK4E3msjLpq2xk 3AyFKa0jEZKy3grGpo3at7KsGNAA9MW0bJSRDI7R7j+pEdV6XZ62QUwJzB/V26rd cM491XzBwiavL7bWHRs0PrR6o2I/Kg67BWXuNb3VYtbv9/kFSNq9NpTSJ4/w72eC +Ae2oqbw676QgM9vQy1QOIpb9TknVYfJD4C9mBbudM/K0BCLdbjmCx36gWL/kdhG wqOxmL2pICFHE9pCb2qXTUUpjZpVVuoVnwqib2Z2oh/uSQvivWTSWq5cJfC9Pcpp NkBP0Qr4EYbqbowGta7+IJUwp/yRUjvmMpfJBd53sKLbFHkCVDsSOpj4cx9oxjLs Y0cAscTmht/ms7iJbiHidgB237oX50A6cmk+my5m6pXGQhA1Ko6bKV+iWPhFwRDb yPsS7nB8iRE42yLS/a9HCI/MQJom9nsUhqduRzqRXEdoDhXdPWQM2hMdQAxSsjGw WlfqxzEf4aZwC74eco83NSVOyezWIjA4IZWoAVgqP4MvfjtaAq1ndcGPzUQu+q4K NsoObww0htqty4+8LEsMAslHDMcKo6Ik0L91C/UkRZdTDXNJhOU= =jNAi -----END PGP SIGNATURE-----