FEDORA-EPEL-2011-2891 created by jcollie 10 years ago for Fedora EPEL 6
stable

The Asterisk Development Team has announced security releases for Asterisk branches 1.6.1, 1.6.2, and 1.8. The available security releases are released as versions 1.6.1.24, 1.6.2.17.2, and 1.8.3.2. These releases are available for immediate download at http://downloads.asterisk.org/pub/telephony/asterisk/releases ** This is a re-release of Asterisk 1.6.1.23, 1.6.2.17.1 and 1.8.3.1 which contained a bug which caused duplicate manager entries (issue #18987). The releases of Asterisk 1.6.1.24, 1.6.2.17.2, and 1.8.3.2 resolve two issues: * Resource exhaustion in Asterisk Manager Interface (AST-2011-003) * Remote crash vulnerability in TCP/TLS server (AST-2011-004) The issues and resolutions are described in the AST-2011-003 and AST-2011-004 security advisories. For more information about the details of these vulnerabilities, please read the security advisories AST-2011-003 and AST-2011-004, which were released at the same time as this announcement. For a full list of changes in the current releases, please see the ChangeLog: http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.6.1.24 http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.6.2.17.2 http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.3.2 Security advisory AST-2011-003 and AST-2011-004 are available at: http://downloads.asterisk.org/pub/security/AST-2011-003.pdf http://downloads.asterisk.org/pub/security/AST-2011-004.pdf

This update has been submitted for testing by jcollie.

10 years ago

This update has been pushed to testing

10 years ago

This update has reached 14 days in testing and can be pushed to stable now if the maintainer wishes

10 years ago

This update has been submitted for stable by jcollie.

10 years ago

This update has been pushed to stable

10 years ago

Please login to add feedback.

Metadata
Type
security
Karma
0
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
disabled
Stable by Time
disabled
Dates
submitted
10 years ago
in testing
10 years ago
in stable
10 years ago
BZ#688675 CVE-2011-1174 asterisk: resource exhaustion in Asterisk Manager Interface (AST-2011-003)
0
0
BZ#688678 CVE-2011-1175 asterisk: DoS in TCP/TLS server due to NULL ptr deref (AST-2011-004)
0
0

Automated Test Results