[SECURITY] Fedora 17 Update: asterisk-10.3.1-1.fc17

updates at fedoraproject.org
Fri May 4 22:52:14 UTC 2012


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2012-6704
2012-04-26 19:21:44
--------------------------------------------------------------------------------

Name        : asterisk
Product     : Fedora 17
Version     : 10.3.1
Release     : 1.fc17
URL         : http://www.asterisk.org/
Summary     : The Open Source PBX
Description :
Asterisk is a complete PBX in software. It runs on Linux and provides
all of the features you would expect from a PBX and more. Asterisk
does voice over IP in three protocols, and can interoperate with
almost all standards-based telephony equipment using relatively
inexpensive hardware.

--------------------------------------------------------------------------------
Update Information:

The Asterisk Development Team has announced security releases for Asterisk 1.6.2,
1.8, and 10. The available security releases are released as versions 1.6.2.24,
1.8.11.1, and 10.3.1.

These releases are available for immediate download at
http://downloads.asterisk.org/pub/telephony/asterisk/releases

The releases of Asterisk 1.6.2.24, 1.8.11.1, and 10.3.1 resolve the following two
issues:

 * A permission escalation vulnerability in the Asterisk Manager Interface.  This
  could allow remote authenticated users to execute commands on the system
  shell with the privileges of the user running the Asterisk application.

 * A heap overflow vulnerability in the Skinny Channel driver.  The keypad
  button message event failed to check the length of a fixed-length buffer
  before appending a received digit to the end of that buffer.  A remote
  authenticated user could send enough keypad button message events to overrun
  the buffer.
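The Skinny issue above is a missing length check on a fixed-length digit buffer. The following is an added illustration, not Asterisk's own code and not taken from the advisories: a constructed dialed-digit buffer with the bounds check the advisory says was absent, so that once the buffer is full further keypad events are dropped instead of written past the end. The buffer size and the function names are assumptions.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Assumed size for this example; the real driver's constant is not on this page. */
#define DIGIT_BUF_LEN 16

/* Constructed stand-in for a per-call dialed-digit buffer: a fixed-length,
 * NUL-terminated array plus the number of digits currently stored. */
struct dialed_digits {
    size_t len;
    char buf[DIGIT_BUF_LEN];
};

void digits_init(struct dialed_digits *d)
{
    d->len = 0;
    d->buf[0] = '\0';
}

/* Hardened append: the missing check described in the advisory.  The digit
 * is stored only if there is room for it and the terminating NUL.  Returns 1
 * when stored, 0 when dropped because the buffer is already full.  Without
 * the `if`, each extra event would write one byte past the end of `buf`. */
int append_digit_checked(struct dialed_digits *d, char digit)
{
    if (d->len + 1 >= DIGIT_BUF_LEN) {
        return 0; /* full: drop the event rather than overrun the buffer */
    }
    d->buf[d->len] = digit;
    d->len++;
    d->buf[d->len] = '\0';
    return 1;
}

/* Feeds a stream of keypad events (one character per event) through the
 * checked append and returns how many were accepted; the rest are dropped. */
int feed_digits(struct dialed_digits *d, const char *events)
{
    int accepted = 0;
    digits_init(d);
    for (; *events != '\0'; events++) {
        accepted += append_digit_checked(d, *events);
    }
    return accepted;
}

int main(void)
{
    struct dialed_digits d;
    /* Constructed input: 20 keypad events against a 16-byte buffer. */
    int n = feed_digits(&d, "12345678901234567890");
    printf("accepted %d digits, buffer now \"%s\" (len %zu)\n", n, d.buf, d.len);
    return 0;
}
```

The check keeps one byte in reserve for the terminator, so a 16-byte buffer holds at most 15 digits; events beyond that are rejected and the buffer stays NUL-terminated.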

In addition, the releases of Asterisk 1.8.11.1 and 10.3.1 resolve the following
issue:

 * A remote crash vulnerability in the SIP channel driver when processing UPDATE
  requests.  If a SIP UPDATE request was received indicating a connected line
  update after a channel was terminated but before the final destruction of the
  associated SIP dialog, Asterisk would attempt a connected line update on a
  non-existing channel, causing a crash.

These issues and their resolution are described in the security advisories.

For more information about the details of these vulnerabilities, please read
security advisories AST-2012-004, AST-2012-005, and AST-2012-006, which were
released at the same time as this announcement.

For a full list of changes in the current releases, please see the ChangeLogs:

http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.6.2.24
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.11.1
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-10.3.1

The security advisories are available at:

 * http://downloads.asterisk.org/pub/security/AST-2012-004.pdf
 * http://downloads.asterisk.org/pub/security/AST-2012-005.pdf
 * http://downloads.asterisk.org/pub/security/AST-2012-006.pdf

Update to 1.8.11.0
Update to 1.8.10.1, which fixes 2 security vulnerabilities.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #815762 - CVE-2012-2414 asterisk: Asterisk Manager Interface unauthorized shell access (AST-2012-004)
        https://bugzilla.redhat.com/show_bug.cgi?id=815762
  [ 2 ] Bug #815766 - CVE-2012-2415 asterisk: Heap buffer overflow in Skinny channel driver (AST-2012-005)
        https://bugzilla.redhat.com/show_bug.cgi?id=815766
  [ 3 ] Bug #815774 - CVE-2012-2416 asterisk: Crash by processing certain UPDATE requests in SIP channel driver (AST-2012-006)
        https://bugzilla.redhat.com/show_bug.cgi?id=815774
  [ 4 ] Bug #804038 - CVE-2012-1183 asterisk: Stack-based buffer overwrite by processing large audio packet in Milliwatt application (AST-2012-002)
        https://bugzilla.redhat.com/show_bug.cgi?id=804038
  [ 5 ] Bug #804042 - CVE-2012-1184 asterisk: Stack-based buffer overflow by processing certain HTTP Digest Authentication headers (AST-2012-003)
        https://bugzilla.redhat.com/show_bug.cgi?id=804042
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use
su -c 'yum update asterisk' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------