CVE-2014-8418 CVE-2014-8412 CVE-2014-8414 CVE-2014-8417

Debian Bug report logs - #771463

Reported by: Moritz Muehlenhoff <jmm@debian.org>

Date: Sat, 29 Nov 2014 21:36:01 UTC

Severity: grave

Tags: security

Fixed in versions asterisk/1:13.1.0~dfsg-1, asterisk/1:11.13.1~dfsg-2

Done: Tzafrir Cohen <tzafrir@debian.org>

Bug is archived. No further changes may be made.



Report forwarded to debian-bugs-dist@lists.debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Debian VoIP Team <pkg-voip-maintainers@lists.alioth.debian.org>:
Bug#771463; Package src:asterisk. (Sat, 29 Nov 2014 21:36:06 GMT)


Acknowledgement sent to Moritz Muehlenhoff <jmm@debian.org>:
New Bug report received and forwarded. Copy sent to team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Debian VoIP Team <pkg-voip-maintainers@lists.alioth.debian.org>. (Sat, 29 Nov 2014 21:36:06 GMT)


Message #5 received at submit@bugs.debian.org:

From: Moritz Muehlenhoff <jmm@debian.org>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: CVE-2014-8418 CVE-2014-8412 CVE-2014-8414 CVE-2014-8417
Date: Sat, 29 Nov 2014 22:33:31 +0100
Source: asterisk
Severity: grave
Tags: security

Please see
http://downloads.digium.com/pub/security/AST-2014-018.html
http://downloads.digium.com/pub/security/AST-2014-017.html
http://downloads.digium.com/pub/security/AST-2014-014.html
http://downloads.digium.com/pub/security/AST-2014-012.html

Cheers,
        Moritz



Information forwarded to debian-bugs-dist@lists.debian.org, Debian VoIP Team <pkg-voip-maintainers@lists.alioth.debian.org>:
Bug#771463; Package src:asterisk. (Sun, 07 Dec 2014 19:09:04 GMT)


Acknowledgement sent to Daniel Pocock <daniel@pocock.pro>:
Extra info received and forwarded to list. Copy sent to Debian VoIP Team <pkg-voip-maintainers@lists.alioth.debian.org>. (Sun, 07 Dec 2014 19:09:04 GMT)


Message #10 received at 771463@bugs.debian.org:

From: Daniel Pocock <daniel@pocock.pro>
To: Moritz Muehlenhoff <jmm@debian.org>, 771463@bugs.debian.org
Subject: Re: Bug#771463: CVE-2014-8418 CVE-2014-8412 CVE-2014-8414 CVE-2014-8417
Date: Sun, 07 Dec 2014 20:07:48 +0100
On 29/11/14 22:33, Moritz Muehlenhoff wrote:
> Source: asterisk
> Severity: grave
> Tags: security
> 
> Please see
> http://downloads.digium.com/pub/security/AST-2014-018.html
> http://downloads.digium.com/pub/security/AST-2014-017.html
> http://downloads.digium.com/pub/security/AST-2014-014.html
> http://downloads.digium.com/pub/security/AST-2014-012.html
> 


Could you comment on why these are grouped together and why it is a
grave issue?

For people running Asterisk on private LANs and VPNs or not using some
of these features these issues may not have any impact.

Personally, I do not connect Asterisk directly to the public Internet,
it is always behind a secure SIP proxy.  This makes the problems in
Asterisk acceptable for my own purposes.



Information forwarded to debian-bugs-dist@lists.debian.org, Debian VoIP Team <pkg-voip-maintainers@lists.alioth.debian.org>:
Bug#771463; Package src:asterisk. (Mon, 08 Dec 2014 05:51:04 GMT)


Acknowledgement sent to Tzafrir Cohen <tzafrir.cohen@xorcom.com>:
Extra info received and forwarded to list. Copy sent to Debian VoIP Team <pkg-voip-maintainers@lists.alioth.debian.org>. (Mon, 08 Dec 2014 05:51:04 GMT)


Message #15 received at 771463@bugs.debian.org:

From: Tzafrir Cohen <tzafrir.cohen@xorcom.com>
To: 771463@bugs.debian.org
Subject: Re: Bug#771463: CVE-2014-8418 CVE-2014-8412 CVE-2014-8414 CVE-2014-8417
Date: Mon, 8 Dec 2014 07:36:11 +0200
On Sat, Nov 29, 2014 at 10:33:31PM +0100, Moritz Muehlenhoff wrote:
> Source: asterisk
> Severity: grave
> Tags: security
> 
> Please see
> http://downloads.digium.com/pub/security/AST-2014-018.html
> http://downloads.digium.com/pub/security/AST-2014-017.html
> http://downloads.digium.com/pub/security/AST-2014-014.html
> http://downloads.digium.com/pub/security/AST-2014-012.html

012 was already "fixed" (in a version uploaded to Unstable, but didn't
stay there long enough). Sadly Unstable has Asterisk 13, and thus those
need to be pushed directly to Jessie.

I created a Jessie branch in git with those fixes. Sadly I didn't have
the time to properly document them.

Feel free to upload it.

For Unstable, I guess a new upstream release is needed (due to the same
security issues. And even more: many issues in chan_pjsip).

-- 
               Tzafrir Cohen
icq#16849755              jabber:tzafrir.cohen@xorcom.com
+972-50-7952406           mailto:tzafrir.cohen@xorcom.com
http://www.xorcom.com



Information forwarded to debian-bugs-dist@lists.debian.org, Debian VoIP Team <pkg-voip-maintainers@lists.alioth.debian.org>:
Bug#771463; Package src:asterisk. (Sun, 14 Dec 2014 14:54:13 GMT)


Acknowledgement sent to Geert Stappers <stappers@stappers.nl>:
Extra info received and forwarded to list. Copy sent to Debian VoIP Team <pkg-voip-maintainers@lists.alioth.debian.org>. (Sun, 14 Dec 2014 14:54:13 GMT)


Message #20 received at 771463@bugs.debian.org:

From: Geert Stappers <stappers@stappers.nl>
To: 771463@bugs.debian.org
Subject: Re: Bug#771463: CVE-2014-8418 CVE-2014-8412 CVE-2014-8414 CVE-2014-8417
Date: Sun, 14 Dec 2014 15:51:03 +0100
On Mon, Dec 08, 2014 at 07:36:11AM +0200, Tzafrir Cohen wrote:
> On Sat, Nov 29, 2014 at 10:33:31PM +0100, Moritz Muehlenhoff wrote:
> > Source: asterisk
> > Severity: grave
> > Tags: security
> > 
> > Please see
> > http://downloads.digium.com/pub/security/AST-2014-018.html
> > http://downloads.digium.com/pub/security/AST-2014-017.html
> > http://downloads.digium.com/pub/security/AST-2014-014.html
> > http://downloads.digium.com/pub/security/AST-2014-012.html
> 
> 012 was already "fixed" (in a version uploaded to Unstable, but didn't
> stay there long enough). Sadly Unstable has Asterisk 13, and thus those
> need to be pushed directly to Jessie.
> 
> I created a Jessie branch in git with those fixes.

Thanks


> Sadly I didn't have the time to properly document them.

What kind of documentation should be added?

In debian/patches/AST-2014-014.patch is 

 From 90cdc0d1c75ac44837da9ff4a6cecf754d99e4f9 Mon Sep 17 00:00:00 2001
 From: Joshua Colp <jcolp@digium.com>
 Date: Thu, 20 Nov 2014 14:20:08 +0000
 Subject: [PATCH 1/3] AST-2014-014: Fix race condition where channels may get stuck in ConfBridge under load.

 Under load it was possible for the bridging API, and thus ConfBridge, to get
 channels that may have hung up stuck in it. This is because handling of state
 transitions for a bridged channel within a bridge was not protected and simply
 set the new state without regard to the existing state. If the existing state
 had been hung up this would get overwritten.

 This change adds locking to protect changing of the state and also
 takes into consideration the existing state.

 ASTERISK-24440 #close
 Reported by: Ben Klang

 Review: https://reviewboard.asterisk.org/r/4173/


 git-svn-id: http://svn.asterisk.org/svn/asterisk/branches/11@428299 f38db490-d61c-443f-a65b-d21fe96a405b
 ---
  main/bridging.c | 26 +++++++++++++++++++++-----
  1 file changed, 21 insertions(+), 5 deletions(-)

 diff --git a/main/bridging.c b/main/bridging.c
 index a36ccf9..0f8f4e8 100644
 --- a/main/bridging.c
 +++ b/main/bridging.c
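
Review bot: The patch header ends at the upstream commit message and git-svn-id line, so a file kept under debian/patches carries no Debian-side metadata. DEP-3 style fields would answer the documentation question: an Origin line pointing at the upstream commit or the Review URL, a Bug-Debian line for #771463, and CVE-2014-8414 named next to AST-2014-014 in the description. The hunks for main/bridging.c are not part of this excerpt, so the locking itself (21 insertions, 5 deletions) cannot be checked from what is quoted here.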



Regards
Geert Stappers
-- 
Live and let live
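
The race described in the AST-2014-014 commit message quoted in the message above, replayed as an added C example; it is not Asterisk code and not part of the thread. The names `bridged_chan`, `set_state_unprotected`, `set_state_guarded` and the three-state model are hypothetical, the interleaving is replayed in one thread so the outcome is deterministic, and treating hang-up as terminal is an assumed reading of "takes into consideration the existing state".

```c
/* Added illustration: hypothetical names, not Asterisk's bridging API. */
#include <pthread.h>
#include <stdio.h>

/* Constructed three-state model of a channel inside a bridge. */
enum chan_state {
    CHAN_WAIT,     /* still participating in the bridge */
    CHAN_FEATURE,  /* temporarily handed to a feature hook */
    CHAN_HANGUP    /* caller is gone; the bridge must release the channel */
};

struct bridged_chan {
    pthread_mutex_t lock;
    enum chan_state state;
};

/* Pattern the commit message describes as broken: the new state is stored
 * without a lock and without looking at the state already recorded. */
static void set_state_unprotected(struct bridged_chan *c, enum chan_state next)
{
    c->state = next;
}

/* Pattern the commit message describes as the fix: take the lock and
 * consult the existing state. Assumption: HANGUP is terminal, so any
 * later request is refused. Returns 1 if the transition was applied. */
static int set_state_guarded(struct bridged_chan *c, enum chan_state next)
{
    int applied = 0;

    pthread_mutex_lock(&c->lock);
    if (c->state != CHAN_HANGUP) {
        c->state = next;
        applied = 1;
    }
    pthread_mutex_unlock(&c->lock);
    return applied;
}

/* Replays the losing interleaving in program order:
 *   1. the hang-up path records CHAN_HANGUP;
 *   2. a second writer, which decided earlier to return the channel to
 *      the bridge after a feature hook, stores CHAN_WAIT.
 * Returns the state the bridge loop would observe afterwards. */
enum chan_state replay_late_writer(int guarded)
{
    struct bridged_chan c = { .lock = PTHREAD_MUTEX_INITIALIZER,
                              .state = CHAN_FEATURE };

    if (guarded) {
        set_state_guarded(&c, CHAN_HANGUP);
        set_state_guarded(&c, CHAN_WAIT);   /* refused: hang-up is sticky */
    } else {
        set_state_unprotected(&c, CHAN_HANGUP);
        set_state_unprotected(&c, CHAN_WAIT); /* overwrites the hang-up */
    }
    return c.state;
}

/* The caller has hung up in every replay, so any observed state other
 * than CHAN_HANGUP means the bridge keeps a dead channel. */
int channel_is_stuck(enum chan_state observed)
{
    return observed != CHAN_HANGUP;
}

int main(void)
{
    printf("unprotected: stuck=%d\n",
           channel_is_stuck(replay_late_writer(0)));
    printf("guarded:     stuck=%d\n",
           channel_is_stuck(replay_late_writer(1)));
    return 0;
}
```
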



Reply sent to Tzafrir Cohen <tzafrir@debian.org>:
You have taken responsibility. (Wed, 31 Dec 2014 22:06:14 GMT)


Notification sent to Moritz Muehlenhoff <jmm@debian.org>:
Bug acknowledged by developer. (Wed, 31 Dec 2014 22:06:14 GMT)


Message #25 received at 771463-close@bugs.debian.org:

From: Tzafrir Cohen <tzafrir@debian.org>
To: 771463-close@bugs.debian.org
Subject: Bug#771463: fixed in asterisk 1:13.1.0~dfsg-1
Date: Wed, 31 Dec 2014 22:03:55 +0000
Source: asterisk
Source-Version: 1:13.1.0~dfsg-1

We believe that the bug you reported is fixed in the latest version of
asterisk, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 771463@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Tzafrir Cohen <tzafrir@debian.org> (supplier of updated asterisk package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


Format: 1.8
Date: Wed, 31 Dec 2014 14:58:53 +0200
Source: asterisk
Binary: asterisk asterisk-modules asterisk-dahdi asterisk-vpb asterisk-voicemail asterisk-voicemail-imapstorage asterisk-voicemail-odbcstorage asterisk-ooh423 asterisk-mp3 asterisk-mysql asterisk-mobile asterisk-doc asterisk-dev asterisk-dbg asterisk-config
Architecture: source amd64 all
Version: 1:13.1.0~dfsg-1
Distribution: unstable
Urgency: high
Maintainer: Debian VoIP Team <pkg-voip-maintainers@lists.alioth.debian.org>
Changed-By: Tzafrir Cohen <tzafrir@debian.org>
Description:
 asterisk   - Open Source Private Branch Exchange (PBX)
 asterisk-config - Configuration files for Asterisk
 asterisk-dahdi - DAHDI devices support for the Asterisk PBX
 asterisk-dbg - Debugging symbols for Asterisk
 asterisk-dev - Development files for Asterisk
 asterisk-doc - Source code documentation for Asterisk
 asterisk-mobile - Bluetooth phone support for the Asterisk PBX
 asterisk-modules - loadable modules for the Asterisk PBX
 asterisk-mp3 - MP3 playback support for the Asterisk PBX
 asterisk-mysql - MySQL database protocol support for the Asterisk PBX
 asterisk-ooh423 - H.323 protocol support for the Asterisk PBX - ooH323c
 asterisk-voicemail - simple voicemail support for the Asterisk PBX
 asterisk-voicemail-imapstorage - IMAP voicemail storage support for the Asterisk PBX
 asterisk-voicemail-odbcstorage - ODBC voicemail storage support for the Asterisk PBX
 asterisk-vpb - VoiceTronix devices support for the Asterisk PBX
Closes: 742783 760032 771463 772469 773230
Changes:
 asterisk (1:13.1.0~dfsg-1) unstable; urgency=high
 .
   [ Tzafrir Cohen ]
   * New upstream release, fixes various security holes (Closes: #771463):
     - AST-2014-012 (CVE-2014-8412): Mixed IP address families in ACLs
       may permit unwanted traffic
     - AST-2014-013 (CVE-2014-8413): PJSIP ACLs not loaded at startup
     - AST-2014-014 (CVE-2014-8414): High call load may result in hung
       channels in ConfBridge
     - AST-2014-015 (CVE-2014-8415): Remote Crash Vulnerability in PJSIP
       channel driver
     - AST-2014-016 (CVE-2014-8416): Remote Crash Vulnerability in PJSIP
       channel driver
     - AST-2014-017 (CVE-2014-8417): Mark CONFBRIDGE as a sensitive
       function for external APIs
     - AST-2014-018 (CVE-2014-8418): Mark DB as a sensitive function for
       external APIs
     - AST-2014-019.patch (CVE-2014-9374): Remote Crash Vulnerability in
     WebSocket Server (Closes: #773230).
   * The key file better be ascii-armoured, indeed
   * init script: kill with PID (Closes: #742783)
   * Describe patch astdatadir
 .
   [ Stappers Geert ]
   * new file: debian/README.source (Closes: #772469).
   * asterisk-config-custom (Closes: #760032)




Reply sent to Tzafrir Cohen <tzafrir@debian.org>:
You have taken responsibility. (Thu, 01 Jan 2015 00:09:05 GMT)


Notification sent to Moritz Muehlenhoff <jmm@debian.org>:
Bug acknowledged by developer. (Thu, 01 Jan 2015 00:09:05 GMT)


Message #30 received at 771463-close@bugs.debian.org:

From: Tzafrir Cohen <tzafrir@debian.org>
To: 771463-close@bugs.debian.org
Subject: Bug#771463: fixed in asterisk 1:11.13.1~dfsg-2
Date: Thu, 01 Jan 2015 00:03:54 +0000
Source: asterisk
Source-Version: 1:11.13.1~dfsg-2

We believe that the bug you reported is fixed in the latest version of
asterisk, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 771463@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Tzafrir Cohen <tzafrir@debian.org> (supplier of updated asterisk package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


Format: 1.8
Date: Thu, 01 Jan 2015 01:25:11 +0200
Source: asterisk
Binary: asterisk asterisk-modules asterisk-dahdi asterisk-vpb asterisk-voicemail asterisk-voicemail-imapstorage asterisk-voicemail-odbcstorage asterisk-ooh423 asterisk-mp3 asterisk-mysql asterisk-mobile asterisk-doc asterisk-dev asterisk-dbg asterisk-config
Architecture: source amd64 all
Version: 1:11.13.1~dfsg-2
Distribution: testing-proposed-updates
Urgency: high
Maintainer: Debian VoIP Team <pkg-voip-maintainers@lists.alioth.debian.org>
Changed-By: Tzafrir Cohen <tzafrir@debian.org>
Description:
 asterisk   - Open Source Private Branch Exchange (PBX)
 asterisk-config - Configuration files for Asterisk
 asterisk-dahdi - DAHDI devices support for the Asterisk PBX
 asterisk-dbg - Debugging symbols for Asterisk
 asterisk-dev - Development files for Asterisk
 asterisk-doc - Source code documentation for Asterisk
 asterisk-mobile - Bluetooth phone support for the Asterisk PBX
 asterisk-modules - loadable modules for the Asterisk PBX
 asterisk-mp3 - MP3 playback support for the Asterisk PBX
 asterisk-mysql - MySQL database protocol support for the Asterisk PBX
 asterisk-ooh423 - H.323 protocol support for the Asterisk PBX - ooH323c
 asterisk-voicemail - simple voicemail support for the Asterisk PBX
 asterisk-voicemail-imapstorage - IMAP voicemail storage support for the Asterisk PBX
 asterisk-voicemail-odbcstorage - ODBC voicemail storage support for the Asterisk PBX
 asterisk-vpb - VoiceTronix devices support for the Asterisk PBX
Closes: 771463 773230
Changes:
 asterisk (1:11.13.1~dfsg-2) testing-proposed-updates; urgency=high
 .
   * New upstream release: fixes AST-2014-011 (CVE-2014-3566, POODLE).
   * Add a local gbp.conf for branch jessie
   * New patches for recent security issues (Closes: #771463):
     - AST-2014-012 (CVE-2014-8412): Mixed IP address families in ACLs
       may permit unwanted traffic
     - AST-2014-014 (CVE-2014-8414): High call load may result in hung
       channels in ConfBridge
     - AST-2014-017 (CVE-2014-8417): Mark CONFBRIDGE as a sensitive
       function for external APIs
     - AST-2014-018 (CVE-2014-8418): Mark DB as a sensitive function for
       external APIs
   * AST-2014-019.patch (CVE-2014-9374): Remote Crash Vulnerability in
     WebSocket Server (Closes: #773230).
   * sanity check to avoid changing the ABI hash.




Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Thu, 29 Jan 2015 07:27:46 GMT)



Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Wed Jun 19 15:23:10 2019; Machine Name: beach
