[OpenWrt-Devel] [PATCH 0/2] [telephony] Asterisk: Multiplevulnerabilities
Jiří Šlachta
slachta at cesnet.cz
Thu Jun 26 04:04:31 EDT 2014
Yes, asterisk18 is affected by those vulnerabilities. I will send a
backport patchset today to mailing list to sync asterisk18 from trunk to
AA (which will contain also several more fixes).
~ Jiri
Dne 26/06/2014 09:56, José Vázquez Fernández napsal(a):
> Do these vulnerabilities affect the versions included in Attitude
> Adjustment?
>
> Pepe
>
>
> Hello Daniel,
>
> I have applied your patches.
>
> Commits:
> 93ef5a1a85c9dc55b91778a806f6463b11d68026
> eee55b8fd0ce811e0b1cc7400f012e19e1f99b30
>
> Thank you so much!
> Jiri
>
> Dne 26/06/2014 05:18, Daniel Golle napsal(a):
>> Vulnerabilities in various versions of Asterisk have been discovered
>> recently.
>> See
>>
> http://sources.gentoo.org/cgi-bin/viewvc.cgi/gentoo/xml/htdocs/security/en/glsa/glsa-201406-25.xml
>>
>> http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4046
>> http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4047
>>
>> Both, asterisk-1.8.x and asterisk-11.x should thus be updated to
>> the most recent releases.
>>
>> Daniel Golle (2):
>> asterisk-1.8.x: bump version
>> asterisk-11.x: bump version
>>
>> net/asterisk-1.8.x/Makefile
> | 4 ++--
>> net/asterisk-11.x/Makefile
> | 4 ++--
>> .../patches/010-asterisk-configure-undef-res-ninit.patch
> | 2 +-
>> 3 files changed, 5 insertions(+), 5 deletions(-)
>>
> _______________________________________________
> openwrt-devel mailing list
> openwrt-devel at lists.openwrt.org <mailto:openwrt-devel at lists.openwrt.org>
> https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
_______________________________________________
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org
https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
More information about the openwrt-devel
mailing list