[Bug 269387] New: Multiple security holes in Asterisk
https://bugzilla.novell.com/show_bug.cgi?id=269387 Summary: Multiple security holes in Asterisk Product: openSUSE 10.2 Version: Final Platform: Other OS/Version: Other Status: NEW Severity: Normal Priority: P5 - None Component: Security AssignedTo: security-team@suse.de ReportedBy: martin@gamesplace.info QAContact: qa@suse.de Multiple security holes have been fixed in Asterisk 1.2.18. These are: http://lists.grok.org.uk/pipermail/full- disclosure/2007-April/053969.html http://lists.grok.org.uk/pipermail/full- disclosure/2007-April/053967.html http://lists.grok.org.uk/pipermail/full- disclosure/2007-April/053968.html -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=269387 martin@gamesplace.info changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |martin@gamesplace.info ------- Comment #1 from martin@gamesplace.info 2007-04-27 11:02 MST ------- ASA-2007-010 only applys for 1.4 http://svn.digium.com/view/asterisk/branches/1.2/channels/chan_sip.c?r1=58847&r2=59194 fixes ASA-2007-011 http://svn.digium.com/view/asterisk/branches/1.2/manager.c?r1=60134&r2=61786 fixes ASA-2007-012 -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=269387 ------- Comment #2 from martin@gamesplace.info 2007-04-29 07:20 MST ------- It should be also checked if other older security issues are not yet fixed in the Asterisk in 10.2. List of security issues in Asterisk as of 1.2.13 release: http://asterisk.org/node/48319 Patch: http://svn.digium.com/view/asterisk/branches/1.2/channels/chan_sip.c?r1=56230&r2=57475 http://asterisk.org/node/48339 Patch: http://svn.digium.com/view/asterisk/branches/1.2/channels/chan_sip.c?r1=58115&r2=58579 http://lists.grok.org.uk/pipermail/full-disclosure/2007-April/053967.html Patch: http://svn.digium.com/view/asterisk/branches/1.2/channels/chan_sip.c?r1=58847&r2=59194 http://lists.grok.org.uk/pipermail/full-disclosure/2007-April/053968.html Patch: http://svn.digium.com/view/asterisk/branches/1.2/manager.c?r1=60134&r2=61786 -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=269387 lnussel@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |security-team@suse.de AssignedTo|security-team@suse.de |max@novell.com Summary|Multiple security holes in |VUL-0: Multiple security holes in Asterisk |Asterisk | ------- Comment #3 from lnussel@novell.com 2007-05-02 02:18 MST ------- Thanks for the links. The issues that affect asterisk version we ship are just DoS bugs AFAICS so they are not that urgent. Reassigning to maintainer. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=269387 lnussel@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |lnussel@novell.com ------- Comment #4 from lnussel@novell.com 2007-05-02 02:18 MST ------- *** Bug 267826 has been marked as a duplicate of this bug. *** -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=269387 max@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |ASSIGNED ------- Comment #5 from max@novell.com 2007-05-02 10:25 MST ------- ASA-2007-011 is CVE-2007-2297 ASA-2007-012 is CVE-2007-2294 -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=269387 ------- Comment #6 from max@novell.com 2007-05-02 11:43 MST ------- Patched package submitted to 10.1 and 10.2. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=269387 max@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- AssignedTo|max@novell.com |security-team@suse.de Status|ASSIGNED |NEW -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=269387 lnussel@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |FIXED ------- Comment #7 from lnussel@novell.com 2007-05-31 03:20 MST ------- tracked in #251177 -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=269387 ------- Comment #8 from meissner@novell.com 2007-06-06 07:41 MST ------- finally released the updates. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
participants (1)
-
bugzilla_noreply@novell.com