Package: asterisk Version: 1:1.2.13~dfsg-2 Severity: important Tags: security
I was a bit surprised to see this one show up again last week on LWN with only Gentoo providing a fix. Apparently, etch/lenny are affected, but not sid. (No word on sarge's 1.0 branch, though.) >From CVE-2007-1594: The handle_response function in chan_sip.c in Asterisk before 1.2.17 and 1.4.x before 1.4.2 allows remote attackers to cause a denial of service (crash) via a SIP Response code 0 in a SIP packet. -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.18-4-k7 (SMP w/1 CPU core) Locale: LANG=en_CA, LC_CTYPE=en_CA (charmap=ISO-8859-1) Shell: /bin/sh linked to /bin/bash Versions of packages asterisk depends on: pn asterisk-sounds <none> (no description available) ii libasound2 1.0.13-2 ALSA library ii libc6 2.5-1 GNU C Library: Shared libraries ii libedit2 2.9.cvs.20050518-3 BSD editline and history libraries ii libexpat1 1.95.8-3.4 XML parsing C library - runtime li ii libgcc1 1:4.1.1-21 GCC support library ii libglib1.2 1.2.10-17 The GLib library of C routines ii libgsm1 1.0.10-13 Shared libraries for GSM speech co ii libgtk1.2 1.2.10-18 The GIMP Toolkit set of widgets fo ii libncurses5 5.5-5 Shared libraries for terminal hand pn libopenh323-1.13.2 <none> (no description available) pn libpq3 <none> (no description available) pn libpri1 <none> (no description available) pn libpt-1.6.3 <none> (no description available) ii libspeex1 1.1.12-3 The Speex Speech Codec ii libssl0.9.7 0.9.7k-3.1 SSL shared libraries pn libtonezone1 <none> (no description available) ii libx11-6 2:1.0.3-7 X11 client-side library ii libxext6 1:1.0.3-2 X11 miscellaneous extension librar ii libxi6 1:1.0.1-4 X11 Input extension library pn unixodbc <none> (no description available) ii zlib1g 1:1.2.3-13 compression library - runtime asterisk recommends no packages. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
