Home
Reading
Searching
Subscribe
Sponsors
Statistics
Posting
Contact
Spam
Lists
Links
About
Hosting
Filtering
Features Download
Marketing
Archives
FAQ
Blog
 
Gmane
From: <updates <at> fedoraproject.org>
Subject: [SECURITY] Fedora 16 Update: asterisk-1.8.11.1-1.fc16
Newsgroups: gmane.linux.redhat.fedora.package.announce
Date: Thursday 3rd May 2012 22:53:54 UTC (over 4 years ago)
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2012-6612
2012-04-26 03:06:16
--------------------------------------------------------------------------------

Name        : asterisk
Product     : Fedora 16
Version     : 1.8.11.1
Release     : 1.fc16
URL         : http://www.asterisk.org/
Summary     : The Open Source PBX
Description :
Asterisk is a complete PBX in software. It runs on Linux and provides
all of the features you would expect from a PBX and more. Asterisk
does voice over IP in three protocols, and can interoperate with
almost all standards-based telephony equipment using relatively
inexpensive hardware.

--------------------------------------------------------------------------------
Update Information:

The Asterisk Development Team has announced security releases for Asterisk
1.6.2,
1.8, and 10. The available security releases are released as versions
1.6.2.24,
1.8.11.1, and 10.3.1.

These releases are available for immediate download at
http://downloads.asterisk.org/pub/telephony/asterisk/releases

The release of Asterisk 1.6.2.24, 1.8.11.1, and 10.3.1 resolve the
following two
issues:

 * A permission escalation vulnerability in Asterisk Manager Interface. 
This
  would potentially allow remote authenticated users the ability to
execute
  commands on the system shell with the privileges of the user running the
  Asterisk application.

 * A heap overflow vulnerability in the Skinny Channel driver.  The keypad
  button message event failed to check the length of a fixed length buffer
  before appending a received digit to the end of that buffer.  A remote
  authenticated user could send sufficient keypad button message events
that the
  buffer would be overrun.

In addition, the release of Asterisk 1.8.11.1 and 10.3.1 resolve the
following
issue:

 * A remote crash vulnerability in the SIP channel driver when processing
UPDATE
  requests.  If a SIP UPDATE request was received indicating a connected
line
  update after a channel was terminated but before the final destruction of
the
  associated SIP dialog, Asterisk would attempt a connected line update on
a
  non-existing channel, causing a crash.

These issues and their resolution are described in the security
advisories.

For more information about the details of these vulnerabilities, please
read
security advisories AST-2012-004, AST-2012-005, and AST-2012-006, which
were
released at the same time as this announcement.

For a full list of changes in the current releases, please see the
ChangeLogs:

http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.6.2.24
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.11.1
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-10.3.1

The security advisories are available at:

 * http://downloads.asterisk.org/pub/security/AST-2012-004.pdf
 * http://downloads.asterisk.org/pub/security/AST-2012-005.pdf
 * http://downloads.asterisk.org/pub/security/AST-2012-006.pdf

Update to 1.8.11.0
Update to 1.8.10.1, which fixes 2 security vulnerabilities.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Apr 24 2012 Jeffrey Ollie <[email protected]> - 1.8.11.1-1:
- The Asterisk Development Team has announced security releases for
Asterisk 1.6.2,
- 1.8, and 10. The available security releases are released as versions
1.6.2.24,
- 1.8.11.1, and 10.3.1.
-
- These releases are available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk/releases
-
- The release of Asterisk 1.6.2.24, 1.8.11.1, and 10.3.1 resolve the
following two
- issues:
-
-  * A permission escalation vulnerability in Asterisk Manager Interface. 
This
-   would potentially allow remote authenticated users the ability to
execute
-   commands on the system shell with the privileges of the user running
the
-   Asterisk application.
-
-  * A heap overflow vulnerability in the Skinny Channel driver.  The
keypad
-   button message event failed to check the length of a fixed length
buffer
-   before appending a received digit to the end of that buffer.  A remote
-   authenticated user could send sufficient keypad button message events
that the
-   buffer would be overrun.
-
- In addition, the release of Asterisk 1.8.11.1 and 10.3.1 resolve the
following
- issue:
-
-  * A remote crash vulnerability in the SIP channel driver when processing
UPDATE
-   requests.  If a SIP UPDATE request was received indicating a connected
line
-   update after a channel was terminated but before the final destruction
of the
-   associated SIP dialog, Asterisk would attempt a connected line update
on a
-   non-existing channel, causing a crash.
-
- These issues and their resolution are described in the security
advisories.
-
- For more information about the details of these vulnerabilities, please
read
- security advisories AST-2012-004, AST-2012-005, and AST-2012-006, which
were
- released at the same time as this announcement.
-
- For a full list of changes in the current releases, please see the
ChangeLogs:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.6.2.24
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.11.1
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-10.3.1
-
- The security advisories are available at:
-
-  * http://downloads.asterisk.org/pub/security/AST-2012-004.pdf
-  * http://downloads.asterisk.org/pub/security/AST-2012-005.pdf
-  * http://downloads.asterisk.org/pub/security/AST-2012-006.pdf
* Fri Mar 30 2012 Russell Bryant  - 1.8.11.0-1
- Update to 1.8.11.0
* Sat Mar 17 2012 Russell Bryant  - 1.8.10.1-1
- Update to 1.8.10.1 from upstream.
- Fix remote stack overflow in app_milliwatt.
- Fix remote stack overflow, including possible code injection, in HTTP
digest
  authentication handling.
- Diable build of SRTP on ppc64, as it doesn't build right now.
- Resolves: rhbz#804045, rhbz#804038, rhbz#804042
* Thu Nov 17 2011 Jeffrey C. Ollie <[email protected]> - 1.8.8.0-0.4.rc4
- The Asterisk Development Team has announced the fourth release candidate
of
- Asterisk 1.8.8.0. This release candidate is available for immediate
download at
- http://downloads.asterisk.org/pub/telephony/asterisk/
-
- The release of Asterisk 1.8.8.0-rc4 resolves a particular issue with BLF
- subscriptions. A change in Asterisk 1.8.8.0-rc3 had the potential to
cause a
- segfault, and this release candidate was created to resolve that.
-
- For a full list of changes in this release candidate, please see the
ChangeLog:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.8.0-rc4
* Thu Nov 10 2011 Jeffrey C. Ollie <[email protected]> - 1.8.8.0-0.3.rc3
- The Asterisk Development Team has announced the third release candidate
of
- Asterisk 1.8.8.0. This release candidate is available for immediate
download at
- http://downloads.asterisk.org/pub/telephony/asterisk/
-
- The release of Asterisk 1.8.8.0-rc3 resolves several issues reported by
the
- community and would have not been possible without your participation.
- Thank you!
-
- The following is a sample of the issues resolved in this release
candidate:
-
- * Prevent BLF subscriptions from causing deadlocks.
-  (Closes issue ASTERISK-18663)
-  Review: https://reviewboard.asterisk.org/r/1563/
-
- * Fix deadlock if peer is destroyed while sending MWI notice.
-  (Closes issue ASTERISK-18747)
-  Reported by: Gregory Hinton Nietsky
-
- * Fix issue with setting defaultenabled on categories that are already
enabled
-  by default.
-  (Closes issue ASTERISK-18738)
-  Reported by: Paul Belanger
-
- For a full list of changes in this release candidate, please see the
ChangeLog:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.8.0-rc3
* Tue Nov  8 2011 Jeffrey C. Ollie <[email protected]> - 1.8.8.0-0.2.rc2
- The Asterisk Development Team has announced the second release candidate
of
- Asterisk 1.8.8.0. This release candidate is available for immediate
download at
- http://downloads.asterisk.org/pub/telephony/asterisk/
-
- The release of Asterisk 1.8.8.0-rc2 resolves several issues reported by
the
- community and would have not been possible without your participation.
- Thank you!
-
- The following is a sample of the issues resolved in this release
candidate:
-
- * --- Fix remote Crash Vulnerability in SIP channel driver (AST-2011-012)
---
-  http://downloads.asterisk.org/pub/security/AST-2011-012.pdf
-
- * --- Fix locking order in app_queue.c which caused deadlocks ---
-  (Closes issue ASTERISK-18101. Reported by Paul Rolfe, patched by Gregory
Nietsky)
-  (Closes issue ASTERISK-18487. Reported by Jason Legault, patched by
Gregory
- Nietsky)
-
- * --- Fix regression in configure script for libpri capability checks ---
-  (Closes issue ASTERISK-18687. Reported by norbert, patched by Richard
Mudgett)
-
- * --- Properly ignore AST_CONTROL_UPDATE_RTP_PEER in more places ---
-  (Closes issue ASTERISK-18610. Reported by Kristijan_Vrban, patched by
Terry
- Wilson, and again by Kristijan_Vrban)
-
- * --- Fix issue with removing peers by IP ---
-  (Closes issue ASTERISK-18696. Reported by rsw686, patched by Terry
Wilson)
-
- For a full list of changes in this release candidate, please see the
ChangeLog:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.8.0-rc2
* Tue Nov  8 2011 Jeffrey C. Ollie <[email protected]> - 1.8.8.0-0.1.rc1
- The Asterisk Development Team announces the first release candidate of
- Asterisk 1.8.8.0. This release candidate is available for immediate
download at
- http://downloads.asterisk.org/pub/telephony/asterisk/
-
- The release of Asterisk 1.8.8.0-rc1 resolves several issues reported by
the
- community and would have not been possible without your participation.
- Thank you!
-
- The following is a sample of the issues resolved in this release
candidate:
-
-  * Updated SIP 484 handling; added Incomplete control frame
-   When a SIP phone uses the dial application and receives a 484 Address
-   Incomplete response, if overlapped dialing is enabled for SIP, then the
484
-   Address Incomplete is forwarded back to the SIP phone and the
HANGUPCAUSE
-   channel variable is set to 28. Previously, the Incomplete application
-   dialplan logic was automatically triggered; now, explicit dialplan
usage of
-   the application is required.
-   (Closes ASTERISK-17288. Reported by: Mikael Carlsson Tested by: Matthew
-    Jordan Review: https://reviewboard.asterisk.org/r/1416/)
-
-  * Prevent IAX2 from getting IPv6 addresses via DNS IAX2 does not support
IPv6
-   and getting such addresses from DNS can cause error messages on the
remote
-   end involving bad IPv4 address casts in the presence of IPv6/IPv4
tunnels.
-   (Closes issue ASTERISK-18090. Patched by Kinsey Moore)
-
-  * Fix bad RTP media bridges in directmedia calls on peers separated by
multiple
-   Asterisk nodes.
-   (Closes issue ASTERISK-18340. Reported by: Thomas Arimont. Closes issue
-    ASTERISK-17725. Reported by: kwk. Tested by: twilson, jrose)
-
-  * Fix crashes in ast_rtcp_write()
-   (Closes issue ASTERISK-18570)
-   Related issues that look like they are the same problem:
-   (Issue ASTERISK-17560, ASTERISK-15406, ASTERISK-15257, ASTERISK-13334,
-    ASTERISK-9977, ASTERISK-9716)
-   Review: https://reviewboard.asterisk.org/r/1444/
-   Patched by: Russell Bryant
-
-  * Fix for incorrect voicemail duration in external notifications.
-   This patch fixes an issue where the voicemail duration was being
reported
-   with a duration significantly less than the actual sound file duration.
-   (Closes ASTERISK-16981. Reported by: Mary Ciuciu, Byron Clark, Brad
House,
-    Karsten Wemheuer, KevinH Tested by: Matt Jordan
-    Review: https://reviewboard.asterisk.org/r/1443)
-
-  * Prevent segfault if call arrives before Asterisk is fully booted.
-   (Patched by alecdavis. https://reviewboard.asterisk.org/r/1407/)
-
- For a full list of changes in this release candidate, please see the
ChangeLog:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.8.0-rc1
* Mon Oct 17 2011 Jeffrey C. Ollie <[email protected]> - 1.8.7.1-1
- The Asterisk Development Team has announced a security release for
Asterisk 1.8.
- The available security release is released as version 1.8.7.1.
-
- This release is available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk/releases
-
- The release of Asterisk 1.8.7.1 resolves an issue with SIP URI parsing
which can
- lead to a remotely exploitable crash:
-
-    Remote Crash Vulnerability in SIP channel driver (AST-2011-012)
-
- The issue and resolution is described in the AST-2011-012 security
- advisory.
-
- For more information about the details of this vulnerability, please read
the
- security advisory AST-2011-012, which was released at the same time as
this
- announcement.
-
- For a full list of changes in the current release, please see the
ChangeLog:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.7.1
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #815762 - CVE-2012-2414 asterisk: Asterisk Manager Interface
unauthorized shell access (AST-2012-004)
        https://bugzilla.redhat.com/show_bug.cgi?id=815762
  [ 2 ] Bug #815766 - CVE-2012-2415 asterisk: Heap buffer overflow in
Skinny channel driver (AST-2012-005)
        https://bugzilla.redhat.com/show_bug.cgi?id=815766
  [ 3 ] Bug #815774 - CVE-2012-2416 asterisk: Crash by processing certain
UPDATE requests in SIP channel driver (AST-2012-006)
        https://bugzilla.redhat.com/show_bug.cgi?id=815774
  [ 4 ] Bug #804038 - CVE-2012-1183 asterisk: Stack-based buffer overwrite
by processing large audio packet in Miliwatt application (AST-2012-002)
        https://bugzilla.redhat.com/show_bug.cgi?id=804038
  [ 5 ] Bug #804042 - CVE-2012-1184 asterisk: Stack-based buffer overflow
by processing certain HTTP Digest Authentication headers (AST-2012-003)
        https://bugzilla.redhat.com/show_bug.cgi?id=804042
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update asterisk' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on
the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
[email protected]
https://admin.fedoraproject.org/mailman/listinfo/package-announce
 
CD: 3ms