| Summary: | <net-misc/asterisk-11.13.1: Susceptibility to POODLE Vulnerability (CVE-2014-3566) | ||
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED FIXED | ||
| Severity: | minor | ||
| Priority: | Normal | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| URL: | http://downloads.asterisk.org/pub/security/AST-2014-011.html | ||
| Whiteboard: | B3 [glsa] | ||
| Package list: | Runtime testing required: | --- | |
Arches, please test and mark stable: =net-misc/asterisk-11.13.1 Target stable keywords: amd64 x86 The recommended test procedure, requiring USE=samples, is to try to start & stop the daemon three times in succession. This requires no configuration and will confirm that the daemon is behaving normally. The 12 branch is masked and has had vulnerable ebuilds removed. The 1.8 branch has been removed from portage. amd64 stable x86 stable. Maintainer(s), please cleanup. Security, please vote. + 21 Oct 2014; Tony Vroon <chainsaw@gentoo.org> -asterisk-11.12.1.ebuild: + Remove vulnerable ebuilds now that stabilisation is complete. For security + bug #526208. Arches and Mainter(s), Thank you for your work. Added to an existing GLSA request. This issue was resolved and addressed in GLSA 201411-10 at http://security.gentoo.org/glsa/glsa-201411-10.xml by GLSA coordinator Sean Amoss (ackle). |
See ${URL} for details. @maintainer(s): since the fixed package is already in the tree, please let us know if it is ready for the stabilization or not.