[OpenWrt-Devel] [PATCH 0/2] [telephony] Asterisk: Multiplevulnerabilities

Jiří Šlachta slachta at cesnet.cz
Thu Jun 26 04:04:31 EDT 2014


Yes, asterisk18 is affected by those vulnerabilities. I will send a
backport patchset today to mailing list to sync asterisk18 from trunk to
AA (which will contain also several more fixes).

~ Jiri

Dne 26/06/2014 09:56, José Vázquez Fernández napsal(a):
> Do these vulnerabilities affect the versions included in Attitude
> Adjustment?
>  
> Pepe
>  
> 
> Hello Daniel,
> 
> I have applied your patches.
> 
> Commits:
> 93ef5a1a85c9dc55b91778a806f6463b11d68026
> eee55b8fd0ce811e0b1cc7400f012e19e1f99b30
> 
> Thank you so much!
> Jiri
> 
> Dne 26/06/2014 05:18, Daniel Golle napsal(a):
>> Vulnerabilities in various versions of Asterisk have been discovered
>> recently.
>> See
>>
> http://sources.gentoo.org/cgi-bin/viewvc.cgi/gentoo/xml/htdocs/security/en/glsa/glsa-201406-25.xml
>>
>> http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4046
>> http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4047
>>
>> Both, asterisk-1.8.x and asterisk-11.x should thus be updated to
>> the most recent releases.
>>
>> Daniel Golle (2):
>>   asterisk-1.8.x: bump version
>>   asterisk-11.x: bump version
>>
>>  net/asterisk-1.8.x/Makefile                                          
> | 4 ++--
>>  net/asterisk-11.x/Makefile                                           
> | 4 ++--
>>  .../patches/010-asterisk-configure-undef-res-ninit.patch             
> | 2 +-
>>  3 files changed, 5 insertions(+), 5 deletions(-)
>>
> _______________________________________________
> openwrt-devel mailing list
> openwrt-devel at lists.openwrt.org <mailto:openwrt-devel at lists.openwrt.org>
> https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
_______________________________________________
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org
https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel


More information about the openwrt-devel mailing list