[Bug 705014] Re: CVE-2011-0495: AST-2011-001: Asterisk: Stack based buffer overflow by forming an outgoing SIP request with specially-crafted caller ID information

Launchpad Bug Tracker Fri, 21 Jan 2011 12:16:23 -0800

This bug was fixed in the package asterisk - 1:1.6.2.5-0ubuntu1.3

---------------
asterisk (1:1.6.2.5-0ubuntu1.3) lucid-security; urgency=low


  * SECURITY UPDATE: Stack buffer overflow in SIP channel driver. (LP: #705014)
    - debian/patches/AST-2011-001-1.6.2: The size of the output buffer passed
      to the ast_uri_encode function is now properly respected in main/utils.c.
      Patch courtesy of upstream.
    - CVE-2011-0495
 -- Dave Walker (Daviey) <davewal...@ubuntu.com>   Thu, 20 Jan 2011 23:31:55 
+0000

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/705014

Title:
  CVE-2011-0495: AST-2011-001: Asterisk: Stack based buffer overflow by
  forming an outgoing SIP request with specially-crafted caller ID
  information

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 705014] Re: CVE-2011-0495: AST-2011-001: Asterisk: Stack based buffer overflow by forming an outgoing SIP request with specially-crafted caller ID information

Reply via email to