Bug#395080: CVE-2006-5444/5:security issues in asterisk

yes, it had to be made into a new version because it WAS a big security issue.On 11/10/06, Tzafrir Cohen < [EMAIL PROTECTED]> wrote:On Wed, Nov 08, 2006 at 11:25:11PM -0500, Frédéric Brière wrote: > On Tue, Oct 24, 2006 at 10:14:45PM +0200, Stefan Fritsch wrote:> > The skinny issue is CVE-2006-5444

Bug#395080: CVE-2006-5444/5:security issues in asterisk

On Wed, Nov 08, 2006 at 11:25:11PM -0500, Frédéric Brière wrote: > On Tue, Oct 24, 2006 at 10:14:45PM +0200, Stefan Fritsch wrote: > > The skinny issue is CVE-2006-5444. > > Is there a reason why this issue has not yet been fixed in sarge? I haven't looked at it yet, but the patch from 1.0.11 to

Bug#395080: CVE-2006-5444/5:security issues in asterisk

On Fri, Nov 10, 2006 at 04:07:14AM +, Brandon Kruse wrote: > hello, this has been fixed in the latest branch of asterisk (1.2.13) > and in 1.4 Yes, I know this is fixed in sid. What I want to know is why this buffer overflow is still present in sarge. The fix seems rather straightforward, an

Bug#395080: CVE-2006-5444/5:security issues in asterisk

hello, this has been fixed in the latest branch of asterisk (1.2.13)and in 1.4for a temporary fix, ( if its the bug im thinking your talking about )just edit /etc/asterisk/modules.conf and noload=>chan_skinny.so On 11/9/06, Frédéric Brière <[EMAIL PROTECTED]> wrote: On Tue, Oct 24, 2006 at 10:14:45

Bug#395080: CVE-2006-5444/5:security issues in asterisk

On Tue, Oct 24, 2006 at 10:14:45PM +0200, Stefan Fritsch wrote: > The skinny issue is CVE-2006-5444. Is there a reason why this issue has not yet been fixed in sarge? -- Frédéric Brière<*>[EMAIL PROTECTED] => <[EMAIL PROTECTED]> IS NO MORE: