User: Password:
|
|
Subscribe / Log in / New account

Fedora alert FEDORA-2014-3779 (asterisk)

From:  updates@fedoraproject.org
To:  package-announce@lists.fedoraproject.org
Subject:  [SECURITY] Fedora 19 Update: asterisk-11.8.1-1.fc19
Date:  Fri, 21 Mar 2014 09:29:33 +0000
Message-ID:  <20140321092933.5B9ED21CF3@bastion01.phx2.fedoraproject.org>

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2014-3779 2014-03-12 09:20:13 -------------------------------------------------------------------------------- Name : asterisk Product : Fedora 19 Version : 11.8.1 Release : 1.fc19 URL : http://www.asterisk.org/ Summary : The Open Source PBX Description : Asterisk is a complete PBX in software. It runs on Linux and provides all of the features you would expect from a PBX and more. Asterisk does voice over IP in three protocols, and can interoperate with almost all standards-based telephony equipment using relatively inexpensive hardware. -------------------------------------------------------------------------------- Update Information: The Asterisk Development Team has announced security releases for Certified Asterisk 1.8.15, 11.6, and Asterisk 1.8, 11, and 12. The available security releases are released as versions 1.8.15-cert5, 11.6-cert2, 1.8.26.1, 11.8.1, and 12.1.1. These releases are available for immediate download at http://downloads.asterisk.org/pub/telephony/asterisk/rele... The release of these versions resolve the following issues: * AST-2014-001: Stack overflow in HTTP processing of Cookie headers. Sending a HTTP request that is handled by Asterisk with a large number of Cookie headers could overflow the stack. Another vulnerability along similar lines is any HTTP request with a ridiculous number of headers in the request could exhaust system memory. * AST-2014-002: chan_sip: Exit early on bad session timers request This change allows chan_sip to avoid creation of the channel and consumption of associated file descriptors altogether if the inbound request is going to be rejected anyway. Additionally, the release of 12.1.1 resolves the following issue: * AST-2014-003: res_pjsip: When handling 401/407 responses don't assume a request will have an endpoint. This change removes the assumption that an outgoing request will always have an endpoint and makes the authenticate_qualify option work once again. Finally, a security advisory, AST-2014-004, was released for a vulnerability fixed in Asterisk 12.1.0. Users of Asterisk 12.0.0 are encouraged to upgrade to 12.1.1 to resolve both vulnerabilities. These issues and their resolutions are described in the security advisories. For more information about the details of these vulnerabilities, please read security advisories AST-2014-001, AST-2014-002, AST-2014-003, and AST-2014-004, which were released at the same time as this announcement. For a full list of changes in the current releases, please see the ChangeLogs: http://downloads.asterisk.org/pub/telephony/certified-ast... http://downloads.asterisk.org/pub/telephony/asterisk/rele... http://downloads.asterisk.org/pub/telephony/certified-ast... http://downloads.asterisk.org/pub/telephony/asterisk/rele... http://downloads.asterisk.org/pub/telephony/asterisk/rele... The security advisories are available at: * http://downloads.asterisk.org/pub/security/AST-2014-001.pdf * http://downloads.asterisk.org/pub/security/AST-2014-002.pdf * http://downloads.asterisk.org/pub/security/AST-2014-003.pdf * http://downloads.asterisk.org/pub/security/AST-2014-004.pdf The Asterisk Development Team has announced the release of Asterisk 11.8.0. This release is available for immediate download at http://downloads.asterisk.org/pub/telephony/asterisk The release of Asterisk 11.8.0 resolves several issues reported by the community and would have not been possible without your participation. Thank you! The following are the issues resolved in this release: Bugs fixed in this release: ----------------------------------- * ASTERISK-22544 - Italian prompt vm-options has advertisement in it (Reported by Rusty Newton) * ASTERISK-21383 - STUN Binding Requests Not Being Sent Back from Asterisk to Chrome (Reported by Shaun Clark) * ASTERISK-22478 - [patch]Can't use pound(hash) symbol for custom DTMF menus in ConfBridge (processed as directive) (Reported by Nicolas Tanski) * ASTERISK-12117 - chan_sip creates a new local tag (from-tag) for every register message (Reported by Pawel Pierscionek) * ASTERISK-20862 - Asterisk min and max member penalties not honored when set with 0 (Reported by Schmooze Com) * ASTERISK-22746 - [patch]Crash in chan_dahdi during caller id read (Reported by Michael Walton) * ASTERISK-22788 - [patch] main/translate.c: access to variable f after free in ast_translate() (Reported by Corey Farrell) * ASTERISK-21242 - Segfault when T.38 re-invite retransmission receives 200 OK (Reported by Ashley Winters) * ASTERISK-22590 - BufferOverflow in unpacksms16() when receiving 16 bit multipart SMS with app_sms (Reported by Jan Juergens) * ASTERISK-22905 - Prevent Asterisk functions that are 'dangerous' from being executed from external interfaces (Reported by Matt Jordan) * ASTERISK-23021 - Typos in code : "avaliable" instead of "available" (Reported by Jeremy Lainé) * ASTERISK-22970 - [patch]Documentation fix for QUOTE() (Reported by Gareth Palmer) * ASTERISK-21960 - ooh323 channels stuck (Reported by Dmitry Melekhov) * ASTERISK-22350 - DUNDI - core dump on shutdown - segfault in sqlite3_reset from /usr/lib/libsqlite3.so.0 (Reported by Birger "WIMPy" Harzenetter) * ASTERISK-22942 - [patch] - Asterisk crashed after Set(FAXOPT(faxdetect)=t38) (Reported by adomjan) * ASTERISK-22856 - [patch]SayUnixTime in polish reads minutes instead of seconds (Reported by Robert Mordec) * ASTERISK-22854 - [patch] - Deadlock between cel_pgsql unload and core_event_dispatcher taskprocessor thread (Reported by Etienne Lessard) * ASTERISK-22910 - [patch] - REPLACE() calls strcpy on overlapping memory when <replace-char> is empty (Reported by Gareth Palmer) * ASTERISK-22871 - cel_pgsql module not loading after "reload" or "reload cel_pgsql.so" command (Reported by Matteo) * ASTERISK-23084 - [patch]rasterisk needlessly prints the AST-2013-007 warning (Reported by Tzafrir Cohen) * ASTERISK-17138 - [patch] Asterisk not re-registering after it receives "Forbidden - wrong password on authentication" (Reported by Rudi) * ASTERISK-23011 - [patch]configure.ac and pbx_lua don't support lua 5.2 (Reported by George Joseph) * ASTERISK-22834 - Parking by blind transfer when lot full orphans channels (Reported by rsw686) * ASTERISK-23047 - Orphaned (stuck) channel occurs during a failed SIP transfer to parking space (Reported by Tommy Thompson) * ASTERISK-22946 - Local From tag regression with sipgate.de (Reported by Stephan Eisvogel) * ASTERISK-23010 - No BYE message sent when sip INVITE is received (Reported by Ryan Tilton) * ASTERISK-23135 - Crash - segfault in ast_channel_hangupcause_set - probably introduced in 11.7.0 (Reported by OK) Improvements made in this release: ----------------------------------- * ASTERISK-22728 - [patch] Improve Understanding Of 'Forcerport' When Running "sip show peers" (Reported by Michael L. Young) * ASTERISK-22659 - Make a new core and extra sounds release (Reported by Rusty Newton) * ASTERISK-22919 - core show channeltypes slicing (Reported by outtolunc) * ASTERISK-22918 - dahdi show channels slices PRI channel dnid on output (Reported by outtolunc) For a full list of changes in this release, please see the ChangeLog: http://downloads.asterisk.org/pub/telephony/asterisk/Chan... The Asterisk Development Team has announced the release of Asterisk 11.8.0. This release is available for immediate download at http://downloads.asterisk.org/pub/telephony/asterisk The release of Asterisk 11.8.0 resolves several issues reported by the community and would have not been possible without your participation. Thank you! The following are the issues resolved in this release: Bugs fixed in this release: ----------------------------------- * ASTERISK-22544 - Italian prompt vm-options has advertisement in it (Reported by Rusty Newton) * ASTERISK-21383 - STUN Binding Requests Not Being Sent Back from Asterisk to Chrome (Reported by Shaun Clark) * ASTERISK-22478 - [patch]Can't use pound(hash) symbol for custom DTMF menus in ConfBridge (processed as directive) (Reported by Nicolas Tanski) * ASTERISK-12117 - chan_sip creates a new local tag (from-tag) for every register message (Reported by Pawel Pierscionek) * ASTERISK-20862 - Asterisk min and max member penalties not honored when set with 0 (Reported by Schmooze Com) * ASTERISK-22746 - [patch]Crash in chan_dahdi during caller id read (Reported by Michael Walton) * ASTERISK-22788 - [patch] main/translate.c: access to variable f after free in ast_translate() (Reported by Corey Farrell) * ASTERISK-21242 - Segfault when T.38 re-invite retransmission receives 200 OK (Reported by Ashley Winters) * ASTERISK-22590 - BufferOverflow in unpacksms16() when receiving 16 bit multipart SMS with app_sms (Reported by Jan Juergens) * ASTERISK-22905 - Prevent Asterisk functions that are 'dangerous' from being executed from external interfaces (Reported by Matt Jordan) * ASTERISK-23021 - Typos in code : "avaliable" instead of "available" (Reported by Jeremy Lainé) * ASTERISK-22970 - [patch]Documentation fix for QUOTE() (Reported by Gareth Palmer) * ASTERISK-21960 - ooh323 channels stuck (Reported by Dmitry Melekhov) * ASTERISK-22350 - DUNDI - core dump on shutdown - segfault in sqlite3_reset from /usr/lib/libsqlite3.so.0 (Reported by Birger "WIMPy" Harzenetter) * ASTERISK-22942 - [patch] - Asterisk crashed after Set(FAXOPT(faxdetect)=t38) (Reported by adomjan) * ASTERISK-22856 - [patch]SayUnixTime in polish reads minutes instead of seconds (Reported by Robert Mordec) * ASTERISK-22854 - [patch] - Deadlock between cel_pgsql unload and core_event_dispatcher taskprocessor thread (Reported by Etienne Lessard) * ASTERISK-22910 - [patch] - REPLACE() calls strcpy on overlapping memory when <replace-char> is empty (Reported by Gareth Palmer) * ASTERISK-22871 - cel_pgsql module not loading after "reload" or "reload cel_pgsql.so" command (Reported by Matteo) * ASTERISK-23084 - [patch]rasterisk needlessly prints the AST-2013-007 warning (Reported by Tzafrir Cohen) * ASTERISK-17138 - [patch] Asterisk not re-registering after it receives "Forbidden - wrong password on authentication" (Reported by Rudi) * ASTERISK-23011 - [patch]configure.ac and pbx_lua don't support lua 5.2 (Reported by George Joseph) * ASTERISK-22834 - Parking by blind transfer when lot full orphans channels (Reported by rsw686) * ASTERISK-23047 - Orphaned (stuck) channel occurs during a failed SIP transfer to parking space (Reported by Tommy Thompson) * ASTERISK-22946 - Local From tag regression with sipgate.de (Reported by Stephan Eisvogel) * ASTERISK-23010 - No BYE message sent when sip INVITE is received (Reported by Ryan Tilton) * ASTERISK-23135 - Crash - segfault in ast_channel_hangupcause_set - probably introduced in 11.7.0 (Reported by OK) Improvements made in this release: ----------------------------------- * ASTERISK-22728 - [patch] Improve Understanding Of 'Forcerport' When Running "sip show peers" (Reported by Michael L. Young) * ASTERISK-22659 - Make a new core and extra sounds release (Reported by Rusty Newton) * ASTERISK-22919 - core show channeltypes slicing (Reported by outtolunc) * ASTERISK-22918 - dahdi show channels slices PRI channel dnid on output (Reported by outtolunc) For a full list of changes in this release, please see the ChangeLog: http://downloads.asterisk.org/pub/telephony/asterisk/Chan... -------------------------------------------------------------------------------- ChangeLog: * Tue Mar 11 2014 Jeffrey Ollie <jeff@ocjtech.us> - 11.8.1-1: - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.15, 11.6, and Asterisk 1.8, 11, and 12. The available security - releases are released as versions 1.8.15-cert5, 11.6-cert2, 1.8.26.1, 11.8.1, - and 12.1.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/rele... - - The release of these versions resolve the following issues: - - * AST-2014-001: Stack overflow in HTTP processing of Cookie headers. - - Sending a HTTP request that is handled by Asterisk with a large number of - Cookie headers could overflow the stack. - - Another vulnerability along similar lines is any HTTP request with a - ridiculous number of headers in the request could exhaust system memory. - - * AST-2014-002: chan_sip: Exit early on bad session timers request - - This change allows chan_sip to avoid creation of the channel and - consumption of associated file descriptors altogether if the inbound - request is going to be rejected anyway. - - Additionally, the release of 12.1.1 resolves the following issue: - - * AST-2014-003: res_pjsip: When handling 401/407 responses don't assume a - request will have an endpoint. - - This change removes the assumption that an outgoing request will always - have an endpoint and makes the authenticate_qualify option work once again. - - Finally, a security advisory, AST-2014-004, was released for a vulnerability - fixed in Asterisk 12.1.0. Users of Asterisk 12.0.0 are encouraged to upgrade to - 12.1.1 to resolve both vulnerabilities. - - These issues and their resolutions are described in the security advisories. - - For more information about the details of these vulnerabilities, please read - security advisories AST-2014-001, AST-2014-002, AST-2014-003, and AST-2014-004, - which were released at the same time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-ast... - http://downloads.asterisk.org/pub/telephony/asterisk/rele... - http://downloads.asterisk.org/pub/telephony/certified-ast... - http://downloads.asterisk.org/pub/telephony/asterisk/rele... - http://downloads.asterisk.org/pub/telephony/asterisk/rele... - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-001.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-002.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-003.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-004.pdf * Tue Mar 4 2014 Jeffrey Ollie <jeff@ocjtech.us> - 11.8.0-1: - The Asterisk Development Team has announced the release of Asterisk 11.8.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.8.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-22544 - Italian prompt vm-options has advertisement in - it (Reported by Rusty Newton) - * ASTERISK-21383 - STUN Binding Requests Not Being Sent Back from - Asterisk to Chrome (Reported by Shaun Clark) - * ASTERISK-22478 - [patch]Can't use pound(hash) symbol for custom - DTMF menus in ConfBridge (processed as directive) (Reported by - Nicolas Tanski) - * ASTERISK-12117 - chan_sip creates a new local tag (from-tag) for - every register message (Reported by Pawel Pierscionek) - * ASTERISK-20862 - Asterisk min and max member penalties not - honored when set with 0 (Reported by Schmooze Com) - * ASTERISK-22746 - [patch]Crash in chan_dahdi during caller id - read (Reported by Michael Walton) - * ASTERISK-22788 - [patch] main/translate.c: access to variable f - after free in ast_translate() (Reported by Corey Farrell) - * ASTERISK-21242 - Segfault when T.38 re-invite retransmission - receives 200 OK (Reported by Ashley Winters) - * ASTERISK-22590 - BufferOverflow in unpacksms16() when receiving - 16 bit multipart SMS with app_sms (Reported by Jan Juergens) - * ASTERISK-22905 - Prevent Asterisk functions that are 'dangerous' - from being executed from external interfaces (Reported by Matt - Jordan) - * ASTERISK-23021 - Typos in code : "avaliable" instead of - "available" (Reported by Jeremy Lainé) - * ASTERISK-22970 - [patch]Documentation fix for QUOTE() (Reported - by Gareth Palmer) - * ASTERISK-21960 - ooh323 channels stuck (Reported by Dmitry - Melekhov) - * ASTERISK-22350 - DUNDI - core dump on shutdown - segfault in - sqlite3_reset from /usr/lib/libsqlite3.so.0 (Reported by Birger - "WIMPy" Harzenetter) - * ASTERISK-22942 - [patch] - Asterisk crashed after - Set(FAXOPT(faxdetect)=t38) (Reported by adomjan) - * ASTERISK-22856 - [patch]SayUnixTime in polish reads minutes - instead of seconds (Reported by Robert Mordec) - * ASTERISK-22854 - [patch] - Deadlock between cel_pgsql unload and - core_event_dispatcher taskprocessor thread (Reported by Etienne - Lessard) - * ASTERISK-22910 - [patch] - REPLACE() calls strcpy on overlapping - memory when <replace-char> is empty (Reported by Gareth Palmer) - * ASTERISK-22871 - cel_pgsql module not loading after "reload" or - "reload cel_pgsql.so" command (Reported by Matteo) - * ASTERISK-23084 - [patch]rasterisk needlessly prints the - AST-2013-007 warning (Reported by Tzafrir Cohen) - * ASTERISK-17138 - [patch] Asterisk not re-registering after it - receives "Forbidden - wrong password on authentication" - (Reported by Rudi) - * ASTERISK-23011 - [patch]configure.ac and pbx_lua don't support - lua 5.2 (Reported by George Joseph) - * ASTERISK-22834 - Parking by blind transfer when lot full orphans - channels (Reported by rsw686) - * ASTERISK-23047 - Orphaned (stuck) channel occurs during a failed - SIP transfer to parking space (Reported by Tommy Thompson) - * ASTERISK-22946 - Local From tag regression with sipgate.de - (Reported by Stephan Eisvogel) - * ASTERISK-23010 - No BYE message sent when sip INVITE is received - (Reported by Ryan Tilton) - * ASTERISK-23135 - Crash - segfault in ast_channel_hangupcause_set - - probably introduced in 11.7.0 (Reported by OK) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-22728 - [patch] Improve Understanding Of 'Forcerport' - When Running "sip show peers" (Reported by Michael L. Young) - * ASTERISK-22659 - Make a new core and extra sounds release - (Reported by Rusty Newton) - * ASTERISK-22919 - core show channeltypes slicing (Reported by - outtolunc) - * ASTERISK-22918 - dahdi show channels slices PRI channel dnid on - output (Reported by outtolunc) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/Chan... * Sat Dec 28 2013 Jeffrey Ollie <jeff@ocjtech.us> - 11.7.0-1: - The Asterisk Development Team has announced the release of Asterisk 11.7.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.7.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following is a sample of the issues resolved in this release: - - * --- app_confbridge: Can now set the language used for announcements - to the conference. - (Closes issue ASTERISK-19983. Reported by Jonathan White) - - * --- app_queue: Fix CLI "queue remove member" queue_log entry. - (Closes issue ASTERISK-21826. Reported by Oscar Esteve) - - * --- chan_sip: Do not increment the SDP version between 183 and 200 - responses. - (Closes issue ASTERISK-21204. Reported by NITESH BANSAL) - - * --- chan_sip: Allow a sip peer to accept both AVP and AVPF calls - (Closes issue ASTERISK-22005. Reported by Torrey Searle) - - * --- chan_sip: Fix Realtime Peer Update Problem When Un-registering - And Expires Header In 200ok - (Closes issue ASTERISK-22428. Reported by Ben Smithurst) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/Chan... * Sat Dec 28 2013 Jeffrey Ollie <jeff@ocjtech.us> - 11.6.1-1: - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.15, 11.2, and Asterisk 1.8, 10, and 11. The available security - releases are released as versions 1.8.15-cert4, 11.2-cert3, 1.8.24.1, 10.12.4, - 10.12.4-digiumphones, and 11.6.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/rele... - - The release of these versions resolve the following issues: - - * A buffer overflow when receiving odd length 16 bit messages in app_sms. An - infinite loop could occur which would overwrite memory when a message is - received into the unpacksms16() function and the length of the message is an - odd number of bytes. - - * Prevent permissions escalation in the Asterisk Manager Interface. Asterisk - now marks certain individual dialplan functions as 'dangerous', which will - inhibit their execution from external sources. - - A 'dangerous' function is one which results in a privilege escalation. For - example, if one were to read the channel variable SHELL(rm -rf /) Bad - Things(TM) could happen; even if the external source has only read - permissions. - - Execution from external sources may be enabled by setting 'live_dangerously' - to 'yes' in the [options] section of asterisk.conf. Although doing so is not - recommended. - - These issues and their resolutions are described in the security advisories. - - For more information about the details of these vulnerabilities, please read - security advisories AST-2013-006 and AST-2013-007, which were - released at the same time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-ast... - http://downloads.asterisk.org/pub/telephony/certified-ast... - http://downloads.asterisk.org/pub/telephony/asterisk/rele... - http://downloads.asterisk.org/pub/telephony/asterisk/rele... - http://downloads.asterisk.org/pub/telephony/asterisk/rele... - http://downloads.asterisk.org/pub/telephony/asterisk/rele... - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2013-006.pdf - * http://downloads.asterisk.org/pub/security/AST-2013-007.pdf * Sat Dec 28 2013 Jeffrey Ollie <jeff@ocjtech.us> - 11.6.0-1: - The Asterisk Development Team has announced the release of Asterisk 11.6.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.6.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following is a sample of the issues resolved in this release: - - * --- Confbridge: empty conference not being torn down - (Closes issue ASTERISK-21859. Reported by Chris Gentle) - - * --- Let Queue wrap up time influence member availability - (Closes issue ASTERISK-22189. Reported by Tony Lewis) - - * --- Fix a longstanding issue with MFC-R2 configuration that - prevented users - (Closes issue ASTERISK-21117. Reported by Rafael Angulo) - - * --- chan_iax2: Fix saving the wrong expiry time in astdb. - (Closes issue ASTERISK-22504. Reported by Stefan Wachtler) - - * --- Fix segfault for certain invalid WebSocket input. - (Closes issue ASTERISK-21825. Reported by Alfred Farrugia) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/Chan... * Mon Oct 21 2013 Jeffrey Ollie <jeff@ocjtech.us> - 11.5.1-3: - Disable hardened build, as it's apparently causing problems loading modules. * Thu Aug 29 2013 Jeffrey Ollie <jeff@ocjtech.us> - 11.5.1-2: - Enable hardened build BZ#954338 - Significant clean ups * Thu Aug 29 2013 Jeffrey Ollie <jeff@ocjtech.us> - 11.5.1-1: - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.15, 11.2, and Asterisk 1.8, 10, and 11. The available security releases - are released as versions 1.8.15-cert2, 11.2-cert2, 1.8.23.1, 10.12.3, 10.12.3-digiumphones, - and 11.5.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/rele... - - The release of these versions resolve the following issues: - - * A remotely exploitable crash vulnerability exists in the SIP channel driver if - an ACK with SDP is received after the channel has been terminated. The - handling code incorrectly assumes that the channel will always be present. - - * A remotely exploitable crash vulnerability exists in the SIP channel driver if - an invalid SDP is sent in a SIP request that defines media descriptions before - connection information. The handling code incorrectly attempts to reference - the socket address information even though that information has not yet been - set. - - These issues and their resolutions are described in the security advisories. - - For more information about the details of these vulnerabilities, please read - security advisories AST-2013-004 and AST-2013-005, which were - released at the same time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-ast... - http://downloads.asterisk.org/pub/telephony/certified-ast... - http://downloads.asterisk.org/pub/telephony/asterisk/rele... - http://downloads.asterisk.org/pub/telephony/asterisk/rele... - http://downloads.asterisk.org/pub/telephony/asterisk/rele... - http://downloads.asterisk.org/pub/telephony/asterisk/rele... - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2013-004.pdf - * http://downloads.asterisk.org/pub/security/AST-2013-005.pdf - - The Asterisk Development Team has announced the release of Asterisk 11.5.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.5.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following is a sample of the issues resolved in this release: - - * --- Fix Segfault In app_queue When "persistentmembers" Is Enabled - And Using Realtime - (Closes issue ASTERISK-21738. Reported by JoshE) - - * --- IAX2: fix race condition with nativebridge transfers. - (Closes issue ASTERISK-21409. Reported by alecdavis) - - * --- Fix The Payload Being Set On CN Packets And Do Not Set Marker - Bit - (Closes issue ASTERISK-21246. Reported by Peter Katzmann) - - * --- Fix One-Way Audio With auto_* NAT Settings When SIP Calls - Initiated By PBX - (Closes issue ASTERISK-21374. Reported by Michael L. Young) - - * --- chan_sip: NOTIFYs for BLF start queuing up and fail to be sent - out after retries fail - (Closes issue ASTERISK-21677. Reported by Dan Martens) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/Chan... * Sat Aug 3 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 11.4.0-2.2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild * Wed Jul 17 2013 Petr Pisar <ppisar@redhat.com> - 11.4.0-2.1 - Perl 5.18 rebuild * Fri May 24 2013 Rex Dieter <rdieter@fedoraproject.org> 11.4.0-2 - rebuild (libical) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1074825 - CVE-2014-2286 asterisk: cookie processing stack overflow (AST-2014-001) https://bugzilla.redhat.com/show_bug.cgi?id=1074825 [ 2 ] Bug #1074827 - CVE-2014-2287 asterisk: remote denial of service via file descriptor exhaustion (AST-2014-002) https://bugzilla.redhat.com/show_bug.cgi?id=1074827 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update asterisk' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-...


(Log in to post comments)


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds