Bug#435521: closed by Mark Purcell <msp at debian.org> (Re: Bug#435521: Asterisk SIP DOS Vulnerability)
Lionel Elie Mamane
lionel at mamane.lu
Wed Aug 8 05:39:43 UTC 2007
On Mon, Aug 06, 2007 at 09:21:01PM +0100, Mark Purcell wrote:
> Per the advisory I believe this issue is resolved in asterisk 1.4.x
> debian unstable currently has version 1.4.9 so the bug should be
> resolved.
Yes, but we should still fix that in stable, not only unstable.
>>> Asterisk crashes when handles a REGISTER message with no URI and
>>> no SIP-Version. See
>>> http://labs.musecurity.com/advisories/MU-200703-01.txt for more
>>> details.
--
Lionel
More information about the Pkg-voip-maintainers
mailing list