Your message dated Thu, 03 Jan 2008 23:12:55 +0200
with message-id <[EMAIL PROTECTED]>
and subject line Bug#458952: asterisk: remote denial of service vulnerability
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---
Package: asterisk
Severity: grave
Tags: security patch

Hi,
the following advisory by the asterisk people was published for asterisk.

AST-2008-001[0]:
| The handling of the BYE with Also transfer method was broken during the
| development of Asterisk 1.4. If a transfer attempt is made using this method
| the system will immediately crash upon handling the BYE message due to trying
| to copy data into a NULL pointer. It is important to note that a dialog must
| have already been established and up in order for this to happen.

If you fix this vulnerability please also include the CVE id
in your changelog entry.

You can find a patch on:
http://svn.digium.com/view/asterisk/branches/1.4/channels/chan_sip.c?view=patch&r1=95191&r2=95946&pathrev=95946

For further information:
[0] http://downloads.digium.com/pub/security/AST-2008-001.html

Kind regards
Nico

-- 
Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.



--- End Message ---
--- Begin Message ---
Version: 1:1.4.17~dfsg-1

Hi,
> the following advisory by the asterisk people was published for asterisk.
> 
> AST-2008-001[0]:
> | The handling of the BYE with Also transfer method was broken during the
> | development of Asterisk 1.4. If a transfer attempt is made using this method
> | the system will immediately crash upon handling the BYE message due to trying
> | to copy data into a NULL pointer. It is important to note that a dialog must
> | have already been established and up in order for this to happen.
> 
> If you fix this vulnerability please also include the CVE id
> in your changelog entry.
This was already uploaded yesterday to unstable.

"AST-2008-001" was included in the changelog but not the CVE id -- there
wasn't one at the time, not sure if there is one now.

oldstable and stable are not affected and asterisk is not present in
testing.

Unfortunately, we were caught in the middle of the libc-client
transition (uw-imap) and asterisk currently FTBFS on !i386.
A fix is present in our SVN but FTBFS on i386.
It might take a while before this is correctly fixed on all arches.

Thanks,
Faidon


--- End Message ---
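The failure mode the advisory describes, as a hypothetical C model added here (not Asterisk's chan_sip.c): a BYE that carries an Also: header is only acted on when the dialog is established and the transfer-target buffer exists, instead of copying into a NULL pointer. The names sip_dialog, transfer_target, find_also_header and handle_bye are assumptions, and the SIP messages used to exercise it are constructed.

```c
/* Hypothetical model of the AST-2008-001 failure mode (not Asterisk code):
 * a SIP dialog carries a transfer-target buffer that may be NULL, and the
 * BYE handler must not copy the Also: header into it unguarded. */
#include <string.h>
#include <strings.h>

#define TARGET_MAX 128

/* Minimal stand-in for a SIP dialog; only the fields relevant here. */
struct sip_dialog {
    int established;        /* 1 once the call is up */
    char *transfer_target;  /* NULL unless a transfer buffer was allocated */
};

/* Find the value of the "Also:" header in a raw SIP message.
 * Returns a pointer into msg at the first value character and sets *len,
 * or NULL when the header is absent. Header names are case-insensitive. */
static const char *find_also_header(const char *msg, size_t *len)
{
    const char *line = msg;
    while (line && *line) {
        const char *eol = strstr(line, "\r\n");
        size_t linelen = eol ? (size_t)(eol - line) : strlen(line);
        if (linelen > 5 && strncasecmp(line, "Also:", 5) == 0) {
            const char *v = line + 5;
            while (*v == ' ' || *v == '\t')
                v++;                    /* skip leading whitespace */
            *len = linelen - (size_t)(v - line);
            return v;
        }
        line = eol ? eol + 2 : NULL;    /* advance past CRLF */
    }
    return NULL;
}

/* Hardened BYE handler: 0 = plain BYE, 1 = transfer target recorded,
 * -1 = BYE-with-Also rejected because the dialog has no target buffer. */
int handle_bye(struct sip_dialog *d, const char *msg)
{
    size_t len;
    const char *also = find_also_header(msg, &len);
    if (!also)
        return 0;                       /* ordinary BYE, nothing to copy */
    if (!d->established || !d->transfer_target)
        return -1;                      /* the unguarded copy crashed here */
    if (len >= TARGET_MAX)
        len = TARGET_MAX - 1;           /* bound the copy as well */
    memcpy(d->transfer_target, also, len);
    d->transfer_target[len] = '\0';
    return 1;
}
```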
