Summary: | <net-misc/asterisk-{1.8.26.1,11.8.1} : Denial of Service (CVE-2014-{2286,2287,2288,2289}) (AST-2014-001 - AST-2014-002 - AST-2014-003 - AST-2014-004) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | chainsaw |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | B3 [glsa] | ||
Package list: | Runtime testing required: | --- |
Description
Agostino Sarubbo
2014-03-11 08:26:35 UTC
+*asterisk-12.1.1 (11 Mar 2014)
+*asterisk-11.8.1 (11 Mar 2014)
+*asterisk-1.8.26.1 (11 Mar 2014)
+
+  11 Mar 2014; Tony Vroon <chainsaw@gentoo.org> -asterisk-1.8.26.0.ebuild,
+  +asterisk-1.8.26.1.ebuild, -asterisk-11.7.0-r1.ebuild,
+  -asterisk-11.8.0.ebuild, +asterisk-11.8.1.ebuild, -asterisk-12.0.0.ebuild,
+  -asterisk-12.1.0.ebuild, +asterisk-12.1.1.ebuild:
+  New releases in all three branches to address a stack overflow in HTTP cookie
+  header processing, a file descriptor exhaustion through session timers in
+  chan_sip and two remote crashes in PJSIP (12 branch only). Removed all
+  vulnerable non-stable ebuilds. Upstream vulnerability reports AST-2014-001,
+  002, 003 & 004.

Arches, please test and mark stable:
=net-misc/asterisk-1.8.26.1
=net-misc/asterisk-11.8.1

The following branch is masked and has no stable ebuilds:
=net-misc/asterisk-12.1.1

The following vulnerable ebuilds should be removed after security stabling:
=net-misc/asterisk-1.8.25.0
=net-misc/asterisk-11.7.0

amd64 stable

x86 stable.

Maintainer(s), please cleanup. Security, please add it to the existing request, or file a new one.

Clean-up by ago is complete, secure ebuilds on all three branches. Please proceed with GLSA decision process. Thanks everyone.

GLSA request filed.

CVE-2014-2289 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2289):
res/res_pjsip_exten_state.c in the PJSIP channel driver in Asterisk Open Source 12.x before 12.1.0 allows remote authenticated users to cause a denial of service (crash) via a SUBSCRIBE request without any Accept headers, which triggers an invalid pointer dereference.

Lowering vulnerability score, as all of the specified vulnerabilities are classified as Denial of Service by upstream.

This issue was resolved and addressed in GLSA 201405-05 at http://security.gentoo.org/glsa/glsa-201405-05.xml by GLSA coordinator Sergey Popov (pinkbyte).
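The check a practitioner would want from this bug is whether an installed net-misc/asterisk version is at or above the fixed release for its branch. The script below is an added example, not part of the bug thread and not Gentoo's own tooling (on a real system `glsa-check -t all` from gentoolkit is the proper tool, and the sample versions are constructed, modelled on what `qlist -Iv net-misc/asterisk` would print; both tool invocations are assumptions). It takes the fixed ebuild versions the bug stabilised or added (1.8.26.1, 11.8.1, 12.1.1) and handles Gentoo `-rN` revisions; it deliberately rejects `_rc`/`_p` suffixes rather than mis-comparing them. Note the NVD text quoted above says 12.x before 12.1.0, while the ebuild added here is 12.1.1; the check uses the ebuild versions from the bug.

```python
"""Affected-version check for the Asterisk releases named in this bug.

Added example, not Gentoo's tooling. Classifies a net-misc/asterisk version
string as fixed, vulnerable or outside the covered branches, using the fixed
ebuild versions listed in the bug: 1.8.26.1, 11.8.1 and 12.1.1.
"""
import re

# Fixed (version components, revision) per branch, taken from the bug text.
# The key is the leading component(s) that identify the branch.
FIXED = {
    (1, 8): ((1, 8, 26, 1), 0),
    (11,): ((11, 8, 1), 0),
    (12,): ((12, 1, 1), 0),
}

# Dotted numeric version with an optional Gentoo revision, e.g. 11.7.0-r1.
_VERSION_RE = re.compile(r"^(\d+(?:\.\d+)*)(?:-r(\d+))?$")


def parse_gentoo_version(version):
    """Return (components, revision): '11.7.0-r1' -> ((11, 7, 0), 1).

    Suffixed versions such as 12.1.1_rc1 raise ValueError instead of being
    silently compared as if they were plain releases.
    """
    m = _VERSION_RE.match(version.strip())
    if not m:
        raise ValueError("unsupported version string: %r" % version)
    components = tuple(int(p) for p in m.group(1).split("."))
    revision = int(m.group(2) or 0)
    return components, revision


def branch_of(components):
    """Map parsed components to a FIXED branch key, or None if uncovered."""
    for key in FIXED:
        if components[:len(key)] == key:
            return key
    return None


def is_fixed(version):
    """True if version >= the fixed release of its branch, False if it is an
    older release of a covered branch, None if no branch in FIXED covers it
    (for example a later major version this bug does not speak to)."""
    components, revision = parse_gentoo_version(version)
    key = branch_of(components)
    if key is None:
        return None
    # Tuple comparison: a shorter prefix sorts lower, so 1.8.26 < 1.8.26.1,
    # and the revision only matters when the components are equal.
    return (components, revision) >= FIXED[key]


def audit(versions):
    """Bucket a list of installed version strings by status."""
    result = {"fixed": [], "vulnerable": [], "unknown": []}
    for v in versions:
        state = is_fixed(v)
        bucket = "unknown" if state is None else ("fixed" if state else "vulnerable")
        result[bucket].append(v)
    return result


if __name__ == "__main__":
    # Constructed sample input (assumed to resemble `qlist -Iv` output).
    sample = ["1.8.25.0", "1.8.26.1", "11.7.0-r1", "11.8.1",
              "12.0.0", "12.1.1-r1", "13.0.0"]
    for bucket, found in audit(sample).items():
        print(bucket, found)
```

The branch split matters: a 1.8.x host is not made safe by the 11.8.1 fix existing, and a 13.x host is reported as unknown rather than fixed, since nothing in this bug covers it.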