This bug was fixed in the package asterisk - 1:1.6.2.5-0ubuntu1.3 --------------- asterisk (1:1.6.2.5-0ubuntu1.3) lucid-security; urgency=low
* SECURITY UPDATE: Stack buffer overflow in SIP channel driver. (LP: #705014) - debian/patches/AST-2011-001-1.6.2: The size of the output buffer passed to the ast_uri_encode function is now properly respected in main/utils.c. Patch courtesy of upstream. - CVE-2011-0495 -- Dave Walker (Daviey) <davewal...@ubuntu.com> Thu, 20 Jan 2011 23:31:55 +0000 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/705014 Title: CVE-2011-0495: AST-2011-001: Asterisk: Stack based buffer overflow by forming an outgoing SIP request with specially-crafted caller ID information -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs