Release 1.4.13 fixes the issues. The function "sprintf" was used heavily throughout the IMAP-specific voicemail code. After auditing the code, two vulnerabilities were discovered, both buffer overflows. The following buffer overflow required write access to Asterisk's configuration files in order to be exploited. 1) If a combination of the astspooldir (set in asterisk.conf), the voicemail context, and voicemail mailbox, were very long, then there was a buffer overflow when playing a message or forwarding a message (in the case of forwarding, the context and mailbox in question are the context and mailbox that the message was being forwarded to). The following buffer overflow could be exploited remotely. 2) If any one of, or any combination of the Content-type or Content-description headers for an e-mail that Asterisk recognized as a voicemail message contained more than a 1024 characters, then a buffer would overflow while listening to a voicemail message via a telephone. It is important to note that this did NOT affect users who get their voicemail via an e-mail client. http://downloads.digium.com/pub/security/AST-2007-022.html
fyi asterisk 1.4.x is not in the main portage tree, only the voip overlay.
Oh, my bad. Just saw the annoucement , but didn't expect 1.4 not in the tree. voip team, please close as invalid or as you like. Don't know who handles the overlay.
changing category
Also: http://downloads.digium.com/pub/security/AST-2008-001.html
Closing as there are no affected versions in either the portage tree or the overlay.
