Source: asterisk
Version: 1:13.18.5~dfsg-1
Severity: grave
Tags: patch security upstream


the following vulnerability was published for asterisk.

| An issue was discovered in Asterisk through 13.19.1, 14.x through
| 14.7.5, and 15.x through 15.2.1, and Certified Asterisk through
| 13.18-cert2. res_pjsip allows remote authenticated users to crash
| Asterisk (segmentation fault) by sending a number of SIP INVITE
| messages on a TCP or TLS connection and then suddenly closing the
| connection.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:


Please adjust the affected versions in the BTS as needed.


Reply via email to