Bug#559103: CVE-2009-4055: RTP Remote Crash Vulnerability
Tzafrir Cohen
tzafrir.cohen at xorcom.com
Wed Dec 2 09:57:48 UTC 2009
On Tue, Dec 01, 2009 at 11:13:30PM +0100, Moritz Muehlenhoff wrote:
> Package: asterisk
> Severity: grave
> Tags: security
>
> http://downloads.asterisk.org/pub/security/AST-2009-010.html
For the record, the patch itself is trivial and seems to be very simple
to backport.
https://issues.asterisk.org/view.php?id=16242
See links to specific commits from there.
The issue seems to affect both Etch, Lenny and Squeeze. For Sid/Squeeze,
upstream 1.6.0.2-rc7 should be released shortly (it has already been
tagged).
--
Tzafrir Cohen
icq#16849755 jabber:tzafrir.cohen at xorcom.com
+972-50-7952406 mailto:tzafrir.cohen at xorcom.com
http://www.xorcom.com iax:guest at local.xorcom.com/tzafrir
More information about the Pkg-voip-maintainers
mailing list