FEDORA-EPEL-2011-3141 created by jcollie 10 years ago for Fedora EPEL 6
stable

The Asterisk Development Team has announced security releases for Asterisk branches 1.4, 1.6.1, 1.6.2, and 1.8. The available security releases are released as versions 1.4.40.1, 1.6.1.25, 1.6.2.17.3, and 1.8.3.3.

These releases are available for immediate download at http://downloads.asterisk.org/pub/telephony/asterisk/releases

The releases of Asterisk 1.4.40.1, 1.6.1.25, 1.6.2.17.3, and 1.8.3.3 resolve two issues:

  • File Descriptor Resource Exhaustion (AST-2011-005)
  • Asterisk Manager User Shell Access (AST-2011-006)

The issues and resolutions are described in the AST-2011-005 and AST-2011-006 security advisories.

For more information about the details of these vulnerabilities, please read the security advisories AST-2011-005 and AST-2011-006, which were released at the same time as this announcement.

For a full list of changes in the current releases, please see the ChangeLog:

http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.4.40.1 http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.6.1.25 http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.6.2.17.3 http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.3.3

Security advisory AST-2011-005 and AST-2011-006 are available at:

http://downloads.asterisk.org/pub/security/AST-2011-005.pdf http://downloads.asterisk.org/pub/security/AST-2011-006.pdf

This update has been submitted for testing by jcollie.

10 years ago

This update has been pushed to testing

10 years ago

This update has reached 14 days in testing and can be pushed to stable now if the maintainer wishes

10 years ago

This update has been submitted for stable by jcollie.

10 years ago

This update has been pushed to stable

10 years ago

Please login to add feedback.

Metadata
Type
security
Karma
0
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
disabled
Stable by Time
disabled
Dates
submitted
10 years ago
in testing
10 years ago
in stable
10 years ago
BZ#698916 CVE-2011-1507 Asterisk: file descriptor resource exhaustion (AST-2011-005)
0
0
BZ#698917 CVE-2011-1599 Asterisk: Shell command execution via manager Originate action (AST-2011-006)
0
0
BZ#698918 CVE-2011-1507 CVE-2011-1599 asterisk various flaws [fedora-all]
0
0
BZ#698919 CVE-2011-1507 CVE-2011-1599 asterisk various flaws [epel-6]
0
0

Automated Test Results