[Bug 705014] Re: CVE-2011-0495: AST-2011-001: Asterisk: Stack based buffer overflow by forming an outgoing SIP request with specially-crafted caller ID information

Launchpad Bug Tracker Fri, 21 Jan 2011 12:16:20 -0800

This bug was fixed in the package asterisk - 1:1.6.2.7-1ubuntu1.1

---------------
asterisk (1:1.6.2.7-1ubuntu1.1) maverick-security; urgency=low


  * SECURITY UPDATE: Stack buffer overflow in SIP channel driver. (LP: #705014)
    - debian/patches/AST-2011-001-1.6.2: The size of the output buffer passed
      to the ast_uri_encode function is now properly respected in main/utils.c.
      Patch courtesy of upstream.
    - CVE-2011-0495
 -- Dave Walker (Daviey) <[email protected]>   Thu, 20 Jan 2011 23:36:57 
+0000

** Changed in: asterisk (Ubuntu Maverick)
       Status: Fix Committed => Fix Released

** Changed in: asterisk (Ubuntu Lucid)
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/705014

Title:
  CVE-2011-0495: AST-2011-001: Asterisk: Stack based buffer overflow by
  forming an outgoing SIP request with specially-crafted caller ID
  information

-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 705014] Re: CVE-2011-0495: AST-2011-001: Asterisk: Stack based buffer overflow by forming an outgoing SIP request with specially-crafted caller ID information

Reply via email to