[asterisk-users] Asterisk 13.19.0 Now Available
Joshua Colp
jcolp at digium.com
Fri Jan 12 13:27:50 CST 2018
On Fri, Jan 12, 2018, at 3:02 PM, Binarus wrote:
> Thanks for taking the time, but ...
>
> On 12.01.2018 12:04, Joshua Colp wrote:
>
> >> Could this be one of the rare cases where 13 and 15 needed security
> >> fixes, but 14 didn't?
> >
> > These are normal bug fix releases, not security releases. As such 14 did not receive a release.
> >
>
> Interesting. The announcements for 13.19.0 and 15.2.0 you have made here
> both list all issues which have been fixed in the section "Bugs fixed in
> this release". However,
>
> ASTERISK-27480
> ASTERISK-27452
> ASTERISK-27337
> ASTERISK-27319
>
> seem to be security related (according to the short explanation texts in
> the announcements) and have been fixed both in 15.2.0 and 13.19.0.
>
> I am wondering why 14 does not suffer from them, or -if it suffers from
> them- why they are not considered security related there.
>
> I highly respect your work and don't want to steal your time since I
> have probably seriously misunderstood something, but could you please
> shortly explain what the string "Security: " (aka "(Security)" and with
> other wordings) at the beginning of the short explanation text for an
> issue exactly means?
If you check those specific issues on JIRA you can see the specific releases they went into. They were also done in 14 as part of the past security releases so they were still fixed there. The script just may not have been run with the proper arguments to generate things correctly.
--
Joshua Colp
Digium, Inc. | Senior Software Developer
445 Jan Davis Drive NW - Huntsville, AL 35806 - US
Check us out at: www.digium.com & www.asterisk.org
More information about the asterisk-users
mailing list