Tags: patch security upstream
the following vulnerability was published for asterisk.
| An issue was discovered in Asterisk through 13.19.1, 14.x through
| 14.7.5, and 15.x through 15.2.1, and Certified Asterisk through
| 13.18-cert2. res_pjsip allows remote authenticated users to crash
| Asterisk (segmentation fault) by sending a number of SIP INVITE
| messages on a TCP or TLS connection and then suddenly closing the
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
Please adjust the affected versions in the BTS as needed.
Secure-testing-team mailing list