Login
Newsletter
Werbung
Sicherheit: Denial of Service in Asterisk
Aktuelle Meldungen Distributionen
Name: Denial of Service in Asterisk
ID: MDVSA-2015:018
Distribution: Mandriva
Plattformen: Mandriva Business Server 1.0
Datum: Do, 8. Januar 2015, 19:34
Referenzen: http://advisories.mageia.org/MGASA-2015-0010.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9374
Applikationen: Asterisk

Originalnachricht

 
This is a multi-part message in MIME format...

------------=_1420735151-31447-12

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2015:018
 http://www.mandriva.com/en/support/security/
 _______________________________________________________________________

 Package : asterisk
 Date    : January 8, 2015
 Affected: Business Server 1.0
 _______________________________________________________________________

 Problem Description:

 Updated asterisk packages fix security vulnerability:
 
 Double free vulnerability in the WebSocket Server (res_http_websocket
 module) in Asterisk Open Source 11.x before 11.14.2 allows remote
 attackers to cause a denial of service (crash) by sending a zero
 length frame after a non-zero length frame (CVE-2014-9374).
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9374
 http://advisories.mageia.org/MGASA-2015-0010.html
 _______________________________________________________________________

 Updated Packages:

 Mandriva Business Server 1/X86_64:
 81aafef92e7c97b6bbd8434c474e242b 
 mbs1/x86_64/asterisk-11.14.2-1.mbs1.x86_64.rpm
 dda93e3159f6dc14b15a16e03e785c6d 
 mbs1/x86_64/asterisk-addons-11.14.2-1.mbs1.x86_64.rpm
 dff8d07b3864f66e20dcff37c5d77cb4 
 mbs1/x86_64/asterisk-devel-11.14.2-1.mbs1.x86_64.rpm
 6b064592c97b1d53f036595770302e20 
 mbs1/x86_64/asterisk-firmware-11.14.2-1.mbs1.x86_64.rpm
 732278096456a386a96839b906655421 
 mbs1/x86_64/asterisk-gui-11.14.2-1.mbs1.x86_64.rpm
 d478bede711aa7843d81286d88212ea8 
 mbs1/x86_64/asterisk-plugins-alsa-11.14.2-1.mbs1.x86_64.rpm
 5ed14ec42661c13491e739efb326cbe6 
 mbs1/x86_64/asterisk-plugins-calendar-11.14.2-1.mbs1.x86_64.rpm
 f3b0c352a4af586271b0500c98873c5a 
 mbs1/x86_64/asterisk-plugins-cel-11.14.2-1.mbs1.x86_64.rpm
 4670b9fd07b7cdf1dc4c7a3d465468a5 
 mbs1/x86_64/asterisk-plugins-corosync-11.14.2-1.mbs1.x86_64.rpm
 fee7d4351c7042614bc458f65afe9c56 
 mbs1/x86_64/asterisk-plugins-curl-11.14.2-1.mbs1.x86_64.rpm
 558ab4e6576aa72250a442d60f91e71b 
 mbs1/x86_64/asterisk-plugins-dahdi-11.14.2-1.mbs1.x86_64.rpm
 29bc6ef16736fe0c4ff5f811562e5fb0 
 mbs1/x86_64/asterisk-plugins-fax-11.14.2-1.mbs1.x86_64.rpm
 c9df28a3a9d6042d1eaf251ebd6a74b1 
 mbs1/x86_64/asterisk-plugins-festival-11.14.2-1.mbs1.x86_64.rpm
 18e82c5c23ead3e458fd00a77d9e4fa6 
 mbs1/x86_64/asterisk-plugins-ices-11.14.2-1.mbs1.x86_64.rpm
 dbf6689b1a83eed16468a88101d9f7c3 
 mbs1/x86_64/asterisk-plugins-jabber-11.14.2-1.mbs1.x86_64.rpm
 55d39478ea6cb898f079f3dacc5bf7aa 
 mbs1/x86_64/asterisk-plugins-jack-11.14.2-1.mbs1.x86_64.rpm
 88a823d6c553d4aa8b0143349dfbdd50 
 mbs1/x86_64/asterisk-plugins-ldap-11.14.2-1.mbs1.x86_64.rpm
 94e154a1f9c2eabd7beaa8cb09b2a31f 
 mbs1/x86_64/asterisk-plugins-lua-11.14.2-1.mbs1.x86_64.rpm
 c4200d468a8d14c09b3961e91ac69c03 
 mbs1/x86_64/asterisk-plugins-minivm-11.14.2-1.mbs1.x86_64.rpm
 c56cdc9b2f81c0a418e911175b0d6754 
 mbs1/x86_64/asterisk-plugins-mobile-11.14.2-1.mbs1.x86_64.rpm
 d11742a4c240bb6031b1384740dfce29 
 mbs1/x86_64/asterisk-plugins-mp3-11.14.2-1.mbs1.x86_64.rpm
 b8a5996440f595d2eb20f9062b4be128 
 mbs1/x86_64/asterisk-plugins-mysql-11.14.2-1.mbs1.x86_64.rpm
 1530f81861f2300b4db8abcff11040ec 
 mbs1/x86_64/asterisk-plugins-ooh323-11.14.2-1.mbs1.x86_64.rpm
 70b8f9fd11e8fcffdc9939036fbe9f36 
 mbs1/x86_64/asterisk-plugins-osp-11.14.2-1.mbs1.x86_64.rpm
 961206588c23b0e5ffd8d3d1cbc8dfaa 
 mbs1/x86_64/asterisk-plugins-oss-11.14.2-1.mbs1.x86_64.rpm
 a354dfdaf710253c01395f80abcb9bae 
 mbs1/x86_64/asterisk-plugins-pgsql-11.14.2-1.mbs1.x86_64.rpm
 da369952774b990bb4feb68b78e1caf7 
 mbs1/x86_64/asterisk-plugins-pktccops-11.14.2-1.mbs1.x86_64.rpm
 2993f20fc663e2fc7f84e5cf139a11c6 
 mbs1/x86_64/asterisk-plugins-portaudio-11.14.2-1.mbs1.x86_64.rpm
 fc5e45e837d95e24a087be98cf403fd7 
 mbs1/x86_64/asterisk-plugins-radius-11.14.2-1.mbs1.x86_64.rpm
 e5bde4633013f20e24be232d203ec302 
 mbs1/x86_64/asterisk-plugins-saycountpl-11.14.2-1.mbs1.x86_64.rpm
 a99c2468bf57d1c011d78f038997d574 
 mbs1/x86_64/asterisk-plugins-skinny-11.14.2-1.mbs1.x86_64.rpm
 7e5d10954234ae302f5e00a14d38180f 
 mbs1/x86_64/asterisk-plugins-snmp-11.14.2-1.mbs1.x86_64.rpm
 08553a02b47ac96b0033d63278517bbe 
 mbs1/x86_64/asterisk-plugins-speex-11.14.2-1.mbs1.x86_64.rpm
 4a3a99a59828c470908e5f96167daf16 
 mbs1/x86_64/asterisk-plugins-sqlite-11.14.2-1.mbs1.x86_64.rpm
 00b9dd9a86365a1129b6ee9f0d76272a 
 mbs1/x86_64/asterisk-plugins-tds-11.14.2-1.mbs1.x86_64.rpm
 711bced0894ca0838929ed9a782de6db 
 mbs1/x86_64/asterisk-plugins-unistim-11.14.2-1.mbs1.x86_64.rpm
 7aeb39f8bc0448f7a21dd83c38dce74e 
 mbs1/x86_64/asterisk-plugins-voicemail-11.14.2-1.mbs1.x86_64.rpm
 b33d31b06c7955bfa97c4ef70435e070 
 mbs1/x86_64/asterisk-plugins-voicemail-imap-11.14.2-1.mbs1.x86_64.rpm
 0d60804315558069de6eb9eef824a35f 
 mbs1/x86_64/asterisk-plugins-voicemail-plain-11.14.2-1.mbs1.x86_64.rpm
 b85a09d05e198729792a03b9b18140c9 
 mbs1/x86_64/lib64asteriskssl1-11.14.2-1.mbs1.x86_64.rpm 
 0112ed7785f2689191f863330c460239  mbs1/SRPMS/asterisk-11.14.2-1.mbs1.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/en/support/security/advisories/

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iD8DBQFUrqQ0mqjQ0CJFipgRArn9AJ0ZEd6gr7OmVBxLfakNaoph8G32bgCfeH1x
PtZL9E+mqBhz+mHc5wIeYO8=
=pA10
-----END PGP SIGNATURE-----


------------=_1420735151-31447-12
Content-Type: text/plain; charset="UTF-8";
 name="message-footer.txt"
Content-Disposition: inline; filename="message-footer.txt"
Content-Transfer-Encoding: 8bit

To unsubscribe, send a email to sympa@mandrivalinux.org
with this subject : unsubscribe security-announce
_______________________________________________________
Want to buy your Pack or Services from Mandriva? 
Go to http://store.mandriva.com
_______________________________________________________


------------=_1420735151-31447-12--
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten

141
Mach­t's gut!

51
Neue Raspber­ry Pi-Va­ri­an­te mit 8 GB RAM

0
Genode 20.05 frei­ge­ge­ben

9
Sub­ver­si­on 1.14.0-LTS vor­ge­stellt

0
»Hum­ble Ci­ties: Sky­lines Bund­le« vor­ge­stellt

0
End of Life für Co­reOS Con­tai­ner Linux ver­kün­det

32
Elek­tra 0.9.2 er­schie­nen

8
Nex­tDNS ver­lässt die Be­ta-Pha­se

23
Tu­xe­do stellt Ga­mer-Note­book vor

0
Libre Gra­phics Mee­ting be­ginnt als On­li­ne-Va­ri­an­te
 
Werbung