Your message dated Mon, 10 Apr 2017 12:33:59 +0000
with message-id <[email protected]>
and subject line Bug#859910: fixed in asterisk 1:13.14.1~dfsg-1
has caused the Debian Bug report #859910,
regarding AST-2017-001: Buffer overflow in CDR's set user
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
859910: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=859910
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: src:asterisk
Version: 1:13.0.0~dfsg-1
Severity: important
Tags: security patch upstream
See http://downloads.asterisk.org/pub/security/AST-2017-001.html
Asterisk Project Security Advisory - AST-2017-001

Product:            Asterisk
Summary:            Buffer overflow in CDR's set user
Nature of Advisory: Buffer Overflow
Susceptibility:     Remote Authenticated Sessions
Severity:           Moderate
Exploits Known:     No
Reported On:        March 27, 2017
Reported By:        Alex Villacis Lasso
Posted On:
Last Updated On:    April 4, 2017
Advisory Contact:   kharwell AT digium DOT com
CVE Name:

Description:
No size checking is done when setting the user field on a CDR. Thus, it is
possible for someone to use an arbitrarily large string and write past the
end of the user field storage buffer. This allows the possibility of remote
code injection.

This currently affects any system using CDRs that also make use of the
following:

* The 'X-ClientCode' header within a SIP INFO message when using chan_sip
  and the 'useclientcode' option is enabled (note, it's disabled by default).
* The CDR dialplan function executed from AMI when setting the user field.
* The AMI Monitor action when using a long file name/path.

Resolution:
The CDR engine now only copies up to the maximum allowed characters into
the user field. Any characters outside the maximum are truncated.

Affected Versions:
Product                Release Series
Asterisk Open Source   13.x             All Releases
Asterisk Open Source   14.x             All Releases
Certified Asterisk     13.13            All Releases

Corrected In:
Product                Release
Asterisk Open Source   13.14.1, 14.3.1
Certified Asterisk     13.13-cert3

Patches:
SVN URL                                                              Revision
http://downloads.asterisk.org/pub/security/AST-2017-001-13.diff      Asterisk 13
http://downloads.asterisk.org/pub/security/AST-2017-001-14.diff      Asterisk 14
http://downloads.asterisk.org/pub/security/AST-2017-001-13.13.diff   Certified Asterisk 13.13

Links: https://issues.asterisk.org/jira/browse/ASTERISK-26897

Asterisk Project Security Advisories are posted at
http://www.asterisk.org/security

This document may be superseded by later versions; if so, the latest version
will be posted at http://downloads.digium.com/pub/security/AST-2017-001.pdf
and http://downloads.digium.com/pub/security/AST-2017-001.html

Revision History:
Date             Editor          Revisions Made
March 27, 2017   Kevin Harwell   Initial Revision
--- End Message ---
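As an added illustration of the resolution the advisory describes (example code, not Asterisk's own; the struct layout, the 256-byte field size and all function names are assumptions), a bounded setter that copies at most the field's capacity, always NUL-terminates, reports truncation, and is checked with a constructed oversized input and a canary byte placed right after the field:

```c
/* Added example (not Asterisk's code): bounded setter for a fixed-size CDR
 * user field. Struct layout, 256-byte size and names are assumptions. */
#include <string.h>

#define CDR_USERFIELD_LEN 256   /* assumed capacity of the user field */

struct cdr_rec {
    char userfield[CDR_USERFIELD_LEN];
    unsigned char canary;       /* byte right after the field; must stay intact */
};

/* Copies at most sizeof(userfield)-1 bytes and always NUL-terminates, so an
 * oversized value is truncated instead of written past the buffer.
 * Returns 1 if the input was truncated, 0 otherwise. */
static int cdr_set_userfield(struct cdr_rec *cdr, const char *value)
{
    size_t max = sizeof(cdr->userfield) - 1;
    size_t n = strlen(value);
    int truncated = n > max;
    if (truncated)
        n = max;
    memcpy(cdr->userfield, value, n);
    cdr->userfield[n] = '\0';
    return truncated;
}

/* Feeds a constructed input longer than the field and checks that the result
 * is bounded, NUL-terminated, and that the byte after the field is untouched. */
static int demo_oversized_userfield(void)
{
    struct cdr_rec cdr;
    char value[CDR_USERFIELD_LEN + 64];   /* constructed oversized input */
    int truncated;
    memset(value, 'A', sizeof(value) - 1);
    value[sizeof(value) - 1] = '\0';
    cdr.canary = 0x5a;
    truncated = cdr_set_userfield(&cdr, value);
    return truncated
        && strlen(cdr.userfield) == CDR_USERFIELD_LEN - 1
        && cdr.canary == 0x5a;
}

/* A value that fits is stored unchanged and reported as not truncated. */
static int demo_short_userfield(void)
{
    struct cdr_rec cdr;
    int truncated = cdr_set_userfield(&cdr, "clientcode-42");
    return !truncated && strcmp(cdr.userfield, "clientcode-42") == 0;
}
```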
--- Begin Message ---
Source: asterisk
Source-Version: 1:13.14.1~dfsg-1
We believe that the bug you reported is fixed in the latest version of
asterisk, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Bernhard Schmidt <[email protected]> (supplier of updated asterisk package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
Format: 1.8
Date: Mon, 10 Apr 2017 12:53:03 +0200
Source: asterisk
Binary: asterisk asterisk-modules asterisk-dahdi asterisk-vpb
asterisk-voicemail asterisk-voicemail-imapstorage
asterisk-voicemail-odbcstorage asterisk-ooh323 asterisk-mp3 asterisk-mysql
asterisk-mobile asterisk-doc asterisk-dev asterisk-config
Architecture: source
Version: 1:13.14.1~dfsg-1
Distribution: unstable
Urgency: medium
Maintainer: Debian VoIP Team <[email protected]>
Changed-By: Bernhard Schmidt <[email protected]>
Description:
asterisk - Open Source Private Branch Exchange (PBX)
asterisk-config - Configuration files for Asterisk
asterisk-dahdi - DAHDI devices support for the Asterisk PBX
asterisk-dev - Development files for Asterisk
asterisk-doc - Source code documentation for Asterisk
asterisk-mobile - Bluetooth phone support for the Asterisk PBX
asterisk-modules - loadable modules for the Asterisk PBX
asterisk-mp3 - MP3 playback support for the Asterisk PBX
asterisk-mysql - MySQL database protocol support for the Asterisk PBX
asterisk-ooh323 - H.323 protocol support for the Asterisk PBX - ooH323c
asterisk-voicemail - simple voicemail support for the Asterisk PBX
asterisk-voicemail-imapstorage - IMAP voicemail storage support for the Asterisk PBX
asterisk-voicemail-odbcstorage - ODBC voicemail storage support for the Asterisk PBX
asterisk-vpb - VoiceTronix devices support for the Asterisk PBX
Closes: 859910 859911
Changes:
asterisk (1:13.14.1~dfsg-1) unstable; urgency=medium
.
* New upstream version 13.14.1
- Fixes AST-2017-001 (Buffer overflow in CDR's set user) (Closes: #859910)
* Import upstream fix to set the RTP source address to the address bound by
the PJSIP transport (Closes: #859911)
--- End Message ---