Debian has issued an advisory on April 9: https://www.debian.org/security/2018/dsa-4170 It looks like the issues are fixed upstream in 2.7.2. Upstream advisories for two of the issues are here: http://downloads.asterisk.org/pub/security/AST-2018-002.html http://downloads.asterisk.org/pub/security/AST-2018-003.html Mageia 5 and Mageia 6 are also affected.
Whiteboard: (none) => MGA6TOO
Assigning to the registered maintainer.
CC: (none) => marja11Assignee: bugsquad => rverschelde
Status comment: (none) => Fixed upstream in 2.7.2
I looked into updating this, but couldn't because of the rfc patch Jani added. One hunk of it doesn't apply because the code changed, and it's not obvious how to fix it.
CC: (none) => jani.valimaa
pjproject-2.7.2-1.mga7 uploaded for Cauldron by Jani.
Version: Cauldron => 6Whiteboard: MGA6TOO => (none)
Mageia 6 is EOL.
Status: NEW => RESOLVEDResolution: (none) => OLDCC: (none) => mrambo