Puslapiai
(Perkelti į...)
Pradinis puslapis
Nuorodos
▼
[ MDVSA-2014:218 ] asterisk
Mandriva Linux Security Advisory MDVSA-2014:218 http://www.mandriva.com/en/ ______________________________ ______________________________
___________ Package : asterisk Date : November 21, 2014 Affected: Business Server 1.0 ______________________________ ______________________________ ___________ Problem Description: Multiple vulnerabilities has been discovered and corrected in asterisk: Remote crash when handling out of call message in certain dialplan configurations (CVE-2014-6610). Asterisk Susceptibility to POODLE Vulnerability (CVE-2014-3566). Mixed IP address families in access control lists may permit unwanted traffic. High call load may result in hung channels in ConfBridge. Permission escalation through ConfBridge actions/dialplan functions. The updated packages has been upgraded to the 11.14.1 version which is not vulnerable to these issues.
______________________________ ______________________________ ___________ References: http://cve.mitre.org/cgi-bin/ http://cve.mitre.org/cgi-bin/ http://downloads.asterisk.org/ http://downloads.asterisk.org/ http://downloads.asterisk.org/ http://downloads.asterisk.org/ http://downloads.asterisk.org/ http://downloads.asterisk.org/ ______________________________ ______________________________ ___________ Updated Packages: Mandriva Business Server 1/X86_64: c51cb6ffff59bffd642bb902ca8162 f1 mbs1/x86_64/asterisk-11.14.1- 1.mbs1.x86_64.rpm c0f85969b4d756688494358697f005 c9 mbs1/x86_64/asterisk-addons- 11.14.1-1.mbs1.x86_64.rpm 31713ecdd6b61071fb61b42cd78770 1f mbs1/x86_64/asterisk-devel-11. 14.1-1.mbs1.x86_64.rpm 162e4350a312c6e090fb75194d5388 4d mbs1/x86_64/asterisk-firmware- 11.14.1-1.mbs1.x86_64.rpm 17e181231c0d38df044ca55e7854b5 1d mbs1/x86_64/asterisk-gui-11. 14.1-1.mbs1.x86_64.rpm 18c8ece7a7f60c803a7c861a650989 11 mbs1/x86_64/asterisk-plugins- alsa-11.14.1-1.mbs1.x86_64.rpm ec473426a8f58b4a3cc29d10ead4d8 f6 mbs1/x86_64/asterisk-plugins- calendar-11.14.1-1.mbs1.x86_ 64.rpm 24e8d37e023ac50d108aec12b50462 65 mbs1/x86_64/asterisk-plugins- cel-11.14.1-1.mbs1.x86_64.rpm 8968cf4e2893e81c6548374a35bd99 ac mbs1/x86_64/asterisk-plugins- corosync-11.14.1-1.mbs1.x86_ 64.rpm 76c6d4296d0302077875ed7f5231b2 cd mbs1/x86_64/asterisk-plugins- curl-11.14.1-1.mbs1.x86_64.rpm fdb776323a732bf1f5d74577d1d500 16 mbs1/x86_64/asterisk-plugins- dahdi-11.14.1-1.mbs1.x86_64. rpm ac14dbc670119059cd90876c25f8d9 27 mbs1/x86_64/asterisk-plugins- fax-11.14.1-1.mbs1.x86_64.rpm aa4b1e716dda92a07d1ab86924bf30 f7 mbs1/x86_64/asterisk-plugins- festival-11.14.1-1.mbs1.x86_ 64.rpm 320c9d15d38382dba12e1fa050d23b 92 mbs1/x86_64/asterisk-plugins- ices-11.14.1-1.mbs1.x86_64.rpm 1e23348126a183856b0869dc4d8d30 8e mbs1/x86_64/asterisk-plugins- jabber-11.14.1-1.mbs1.x86_64. rpm 66551930b10eb068b0fdcf8c082365 1d mbs1/x86_64/asterisk-plugins- jack-11.14.1-1.mbs1.x86_64.rpm a638c610fd6e2fd335c598c1b4da00 e9 mbs1/x86_64/asterisk-plugins- ldap-11.14.1-1.mbs1.x86_64.rpm e36665aaf4328129da0a0997eea692 bc mbs1/x86_64/asterisk-plugins- lua-11.14.1-1.mbs1.x86_64.rpm a3c7eb40e517b35c0cefc7d9b910cd b4 mbs1/x86_64/asterisk-plugins- minivm-11.14.1-1.mbs1.x86_64. rpm e424c8c9c5e2deab47f244b277398b 51 mbs1/x86_64/asterisk-plugins- mobile-11.14.1-1.mbs1.x86_64. rpm f80f743a85409065758b068a14e25a 83 mbs1/x86_64/asterisk-plugins- mp3-11.14.1-1.mbs1.x86_64.rpm 0ac6785ecb4bd82c3b4eb92e8b1497 31 mbs1/x86_64/asterisk-plugins- mysql-11.14.1-1.mbs1.x86_64. rpm 477784fddff9b23b41813e073b3b83 20 mbs1/x86_64/asterisk-plugins- ooh323-11.14.1-1.mbs1.x86_64. rpm 4e7301826ec3187feecdbbd1e60c11 a6 mbs1/x86_64/asterisk-plugins- osp-11.14.1-1.mbs1.x86_64.rpm 1753e99e936d3975fc1861fd672506 94 mbs1/x86_64/asterisk-plugins- oss-11.14.1-1.mbs1.x86_64.rpm 5cc90093af54761a46c695cf468737 34 mbs1/x86_64/asterisk-plugins- pgsql-11.14.1-1.mbs1.x86_64. rpm 052fa6b84ee2a1339c4f4013f9bd91 60 mbs1/x86_64/asterisk-plugins- pktccops-11.14.1-1.mbs1.x86_ 64.rpm c7f857575e2fe4b0ff6b470bffeb60 b2 mbs1/x86_64/asterisk-plugins- portaudio-11.14.1-1.mbs1.x86_ 64.rpm eeac32dd9a60156db1dace2a44b051 ab mbs1/x86_64/asterisk-plugins- radius-11.14.1-1.mbs1.x86_64. rpm c14dc9a89aa265ea1abe69d1596b75 4c mbs1/x86_64/asterisk-plugins- saycountpl-11.14.1-1.mbs1.x86_ 64.rpm fb1248b1e11190ce4150cc59b1b2f2 e6 mbs1/x86_64/asterisk-plugins- skinny-11.14.1-1.mbs1.x86_64. rpm fb50e5c640ce34213b41e8a505f7df 49 mbs1/x86_64/asterisk-plugins- snmp-11.14.1-1.mbs1.x86_64.rpm a7b4f389bc0f66937a23b7fa00c4cc ac mbs1/x86_64/asterisk-plugins- speex-11.14.1-1.mbs1.x86_64. rpm e98250351bfbb1b2f40a1d9c39ed88 dd mbs1/x86_64/asterisk-plugins- sqlite-11.14.1-1.mbs1.x86_64. rpm f87581b2b56a610299d53f4e25528e 10 mbs1/x86_64/asterisk-plugins- tds-11.14.1-1.mbs1.x86_64.rpm 8f29e88a502cac7a49400c2040a080 57 mbs1/x86_64/asterisk-plugins- unistim-11.14.1-1.mbs1.x86_64. rpm a204d1147b7a5042eef622f6231b77 6b mbs1/x86_64/asterisk-plugins- voicemail-11.14.1-1.mbs1.x86_ 64.rpm 7ff13281c7ff4960908786b8bdd2f0 69 mbs1/x86_64/asterisk-plugins- voicemail-imap-11.14.1-1.mbs1. x86_64.rpm dc4f408b50f46b7d1e350a0dda42c7 70 mbs1/x86_64/asterisk-plugins- voicemail-plain-11.14.1-1. mbs1.x86_64.rpm 25587e56764c03d34e63401c979a04 e2 mbs1/x86_64/lib64asteriskssl1- 11.14.1-1.mbs1.x86_64.rpm d7c66982d82943dbd48e36aca17f87 7b mbs1/SRPMS/asterisk-11.14.1-1. mbs1.src.rpm ______________________________ ______________________________ ___________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/en/ If you want to report vulnerabilities, please contact security_(at)_ mandriva.com
Komentarų nėra:
Rašyti komentarą