[Pkg-voip-commits] r9763 - in /asterisk/branches/squeeze/debian/patches: AST-2012-007 AST-2012-008

tzafrir at alioth.debian.org tzafrir at alioth.debian.org
Tue Jun 5 09:14:45 UTC 2012 

Author: tzafrir
Date: Tue Jun  5 09:14:45 2012
New Revision: 9763

URL: http://svn.debian.org/wsvn/pkg-voip/?sc=1&rev=9763
Log:
More information about the advisories

Modified:
    asterisk/branches/squeeze/debian/patches/AST-2012-007
    asterisk/branches/squeeze/debian/patches/AST-2012-008

Modified: asterisk/branches/squeeze/debian/patches/AST-2012-007
URL: http://svn.debian.org/wsvn/pkg-voip/asterisk/branches/squeeze/debian/patches/AST-2012-007?rev=9763&op=diff
==============================================================================
--- asterisk/branches/squeeze/debian/patches/AST-2012-007 (original)
+++ asterisk/branches/squeeze/debian/patches/AST-2012-007 Tue Jun  5 09:14:45 2012
@@ -18,6 +18,10 @@
 When these conditions are true, Asterisk will attempt to use an invalid
 pointer to a music-on-hold class name. Use of the invalid pointer will
 either cause a crash or the music-on-hold class name will be garbage.
+
+A music-on-hold class is created in the default configuration if proper
+sound files exist in /usr/share/asterisk/moh . As of Wheezy the package
+also Recommends a set of such sound files.
 
 Patch copied as-is from branch 1.8.
 

Modified: asterisk/branches/squeeze/debian/patches/AST-2012-008
URL: http://svn.debian.org/wsvn/pkg-voip/asterisk/branches/squeeze/debian/patches/AST-2012-008?rev=9763&op=diff
==============================================================================
--- asterisk/branches/squeeze/debian/patches/AST-2012-008 (original)
+++ asterisk/branches/squeeze/debian/patches/AST-2012-008 Tue Jun  5 09:14:45 2012
@@ -13,6 +13,11 @@
 The patches prevent this from occurring by checking the line's pointer
 in message handlers and channel callbacks that can fire after an
 unregistration attempt.
+
+Issue is only expoitable if you have an active Skinny (Cisco SCCP)
+session. This implies you have a configured SCCP. If you have no idea
+what this means: you don't. The default settings in Debian have no
+configured Skinny devices.
 
 See also: http://downloads.asterisk.org/pub/security/AST-2012-008.html

More information about the Pkg-voip-commits mailing list