asterisk 1:1.6.2.9-2ubuntu2.1 source package in Ubuntu
Changelog
asterisk (1:1.6.2.9-2ubuntu2.1) natty-security; urgency=low * SECURITY UPDATE: denial of service and possible code exection via crafted UDPTL packet - debian/patches/AST-2011-002-1.6.2.diff: properly calculate lengths in main/udptl.c. - CVE-2011-1147 * SECURITY UPDATE: denial of service via manager session with invalid data - debian/patches/AST-2011-003-1.6.2.diff: check for errors in main/manager.c. - CVE-2011-1174 * SECURITY UPDATE: denial of service via many short TLS sessions - debian/patches/AST-2011-004-1.6.2.diff: gracefully handle failures in main/tcptls.c. - CVE-2011-1175 * SECURITY UPDATE: denial of service via a series of TCP connections - debian/patches/AST-2011-005-1.6.2.diff: add timeouts and session limits to main/manager.c, configs/manager.conf.sample, channels/chan_sip.c, channels/chan_skinny.c, main/http.c, configs/{skinny,sip,http}.conf.sample. - CVE-2011-1507 * SECURITY UPDATE: remote command execution via incomplete system privilege check - debian/patches/AST-2011-006-1.6.2.diff: correctly check privileges in main/manager.c. - CVE-2011-1599 * SECURITY UPDATE: denial of service via crafted packet and SIP channel driver - debian/patches/AST-2011-008.diff: set proper length in channels/chan_sip.c. - CVE-2011-2529 * SECURITY UPDATE: denial of service and possible code execution via IAX2 channel driver crafted frame - debian/patches/AST-2011-010-1.6.2.diff: validate options in channels/chan_iax2.c, main/features.c. - CVE-2011-2535 * SECURITY UPDATE: account name enumeration - debian/patches/AST-2011-011-1.6.2.diff: adjust responses in channels/chan_sip.c. - CVE-2011-2536 -- Marc Deslauriers <email address hidden> Tue, 12 Jul 2011 14:38:08 -0400
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Natty
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any
- Section:
- comm
- Urgency:
- Low Urgency
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
asterisk_1.6.2.9.orig.tar.gz | 22.5 MiB | 109a8f29bd08844d9310435fb944908e6ada60e36917f2a3ed800c266a08bc1c |
asterisk_1.6.2.9-2ubuntu2.1.debian.tar.gz | 84.5 KiB | 06b0acf230b28f784ce966ff72a419e46496b3d1195a1e266fa1e9b51ad908ae |
asterisk_1.6.2.9-2ubuntu2.1.dsc | 2.7 KiB | a8162bdf809ee7f93b64e6074390a5bff350047c1835a86fda3e99eb0da9d566 |
Available diffs
Binary packages built by this source
- asterisk: No summary available for asterisk in ubuntu natty.
No description available for asterisk in ubuntu natty.
- asterisk-config: No summary available for asterisk-config in ubuntu natty.
No description available for asterisk-config in ubuntu natty.
- asterisk-dbg: No summary available for asterisk-dbg in ubuntu natty.
No description available for asterisk-dbg in ubuntu natty.
- asterisk-dev: No summary available for asterisk-dev in ubuntu natty.
No description available for asterisk-dev in ubuntu natty.
- asterisk-doc: No summary available for asterisk-doc in ubuntu natty.
No description available for asterisk-doc in ubuntu natty.
- asterisk-h323: No summary available for asterisk-h323 in ubuntu natty.
No description available for asterisk-h323 in ubuntu natty.
- asterisk-sounds-main: No summary available for asterisk-sounds-main in ubuntu natty.
No description available for asterisk-
sounds- main in ubuntu natty.