Version in base suite: 16.28.0~dfsg-0+deb11u2 Base version: asterisk_16.28.0~dfsg-0+deb11u2 Target version: asterisk_16.28.0~dfsg-0+deb11u3 Base file: /srv/ftp-master.debian.org/ftp/pool/main/a/asterisk/asterisk_16.28.0~dfsg-0+deb11u2.dsc Target file: /srv/ftp-master.debian.org/policy/pool/main/a/asterisk/asterisk_16.28.0~dfsg-0+deb11u3.dsc /srv/release.debian.org/tmp/TzwIC_ccY5/asterisk-16.28.0~dfsg/debian/pjproject_2.12.1~dfsg.orig.tar.bz2 |binary asterisk-16.28.0~dfsg/debian/changelog | 14 ++++++++++ 2 files changed, 14 insertions(+) diff -Nru asterisk-16.28.0~dfsg/debian/changelog asterisk-16.28.0~dfsg/debian/changelog --- asterisk-16.28.0~dfsg/debian/changelog 2023-02-22 22:11:00.000000000 +0000 +++ asterisk-16.28.0~dfsg/debian/changelog 2023-06-22 12:47:22.000000000 +0000 @@ -1,3 +1,17 @@ +asterisk (1:16.28.0~dfsg-0+deb11u3) bullseye-security; urgency=high + + * Non-maintainer upload. + * Fix CVE-2023-27585: + A flaw was found in Asterisk, an Open Source Private Branch Exchange. A + buffer overflow vulnerability affects users that use PJSIP DNS resolver. + This vulnerability is related to CVE-2022-24793. The difference is that + this issue is in parsing the query record `parse_query()`, while the issue + in CVE-2022-24793 is in `parse_rr()`. A workaround is to disable DNS + resolution in PJSIP config (by setting `nameserver_count` to zero) or use + an external resolver implementation instead. + + -- Markus Koschany Thu, 22 Jun 2023 14:47:22 +0200 + asterisk (1:16.28.0~dfsg-0+deb11u2) bullseye-security; urgency=high * Non-maintainer upload by the LTS team. Binary files /srv/release.debian.org/tmp/PxUt668PIS/asterisk-16.28.0~dfsg/debian/pjproject_2.12.1~dfsg.orig.tar.bz2 and /srv/release.debian.org/tmp/TzwIC_ccY5/asterisk-16.28.0~dfsg/debian/pjproject_2.12.1~dfsg.orig.tar.bz2 differ
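Review bot: the only code change in this debdiff is the binary replacement of debian/pjproject_2.12.1~dfsg.orig.tar.bz2 ("2 files changed, 14 insertions(+)", with the tarball listed as |binary), so the actual fix for CVE-2023-27585 in `parse_query()` is not reviewable from the diff, and the changelog entry does not say that the bundled pjproject tarball was regenerated. Please state in the changelog which pjproject change was applied to the embedded tarball, and consider carrying that change as a readable patch under debian/patches instead of a modified orig tarball so the fix can be audited and compared against the earlier `parse_rr()` fix for CVE-2022-24793.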