From ${URL} :

Description
Multiple vulnerabilities have been reported in Asterisk, which can be exploited by malicious users to bypass certain security restrictions and by malicious people to cause a DoS (Denial of Service).

1) An error when processing a 16-bit SMS message can be exploited to corrupt memory via a specially crafted message length value.

2) The application allows external control protocols to get and set channel variables, which can be exploited to execute dialplan functions.

The vulnerabilities are reported in versions 1.8.x, 10.x, and 11.x.

Solution:
Update to fixed versions. Please see the vendor's advisories for more details.

Provided and/or discovered by:
The vendor credits:
1) Jan Juergens
2) Matt Jordan

Original Advisory:
http://downloads.asterisk.org/pub/security/AST-2013-006.html
http://downloads.asterisk.org/pub/security/AST-2013-007.html

@maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
+*asterisk-11.7.0 (18 Dec 2013) +*asterisk-1.8.25.0 (18 Dec 2013) + + 18 Dec 2013; Tony Vroon <chainsaw@gentoo.org> +asterisk-1.8.25.0.ebuild, + +asterisk-11.7.0.ebuild: + Upgrades on both branches for memory corruption (AST-2013-006) & security + bypass (AST-2013-007) vulnerabilities, as per Agostino Sarubbo in security + bug #494630. Squelch unnecessary chatter from build system, as per Patryk + Rzadzinski in bug #489862. Arches, please test & mark stable: =net-misc/asterisk-1.8.25.0 =net-misc/asterisk-11.7.0 Due to the need for specialty hardware and/or paid accounts, three stop-start cycles on the default (USE=samples) configuration files will suffice. Could the last arch to stabilise please remove all previous Asterisk ebuilds from the tree. Security team, please check that this has been done.
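Review bot: the 18 Dec 2013 ChangeLog entry folds an unrelated build-system change (the "squelch unnecessary chatter" fix from bug #489862) into the security bump for AST-2013-006 and AST-2013-007; for a stabilisation request it is clearer to arch teams if the security fix and the cosmetic build change are recorded as separate items (or separate revisions), so that what is being tested and why it must be stabilised quickly is unambiguous.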
amd64 stable
x86 stable. Maintainer(s), please clean up
+ 23 Dec 2013; Tony Vroon <chainsaw@gentoo.org> -asterisk-1.8.23.1.ebuild, + -asterisk-1.8.24.0.ebuild, -asterisk-11.5.1.ebuild, -asterisk-11.6.0.ebuild, + -asterisk-11.6.0-r1.ebuild: + Remove all vulnerable ebuilds for AST-2013-006 & AST-2013-007; for security + bug #494630.
Maintainer(s), Thank you for your work! Added to existing GLSA
CVE-2013-7100 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-7100): Buffer overflow in the unpacksms16 function in apps/app_sms.c in Asterisk Open Source 1.8.x before 1.8.24.1, 10.x before 10.12.4, and 11.x before 11.6.1; Asterisk with Digiumphones 10.x-digiumphones before 10.12.4-digiumphones; and Certified Asterisk 1.8.x before 1.8.15-cert4 and 11.x before 11.2-cert3 allows remote attackers to cause a denial of service (daemon crash) via a 16-bit SMS message.
This issue was resolved and addressed in GLSA 201401-15 at http://security.gentoo.org/glsa/glsa-201401-15.xml by GLSA coordinator Sergey Popov (pinkbyte).