Subject: pkg/35924: Security vulnerability in Asterisk
To: None <pkg-manager@netbsd.org, gnats-admin@netbsd.org,>
From: None <dave@turbocat.de>
List: pkgsrc-bugs
Date: 03/05/2007 12:05:00
Note: There was a bad value `' for the field `Confidential'.
It was set to the default value of `yes'.
>Number: 35924
>Category: pkg
>Synopsis: Security vulnerability in Asterisk
>Confidential: yes
>Severity: critical
>Priority: high
>Responsible: pkg-manager
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Mon Mar 05 12:05:00 +0000 2007
>Originator: David Wetzel
>Release: NetBSD 3.1
>Organization:
_ _
_(_)(_)_ David Wetzel, Turbocat's Development,
(_) __ (_) Buchhorster Strasse 23, D-16567 Muehlenbeck/Berlin
_/ \_ Fax +49 33056 82835 Phone +49 33056 82834
(______) http://www.turbocat.de/ dave@turbocat.de
>Environment:
System: NetBSD alice.turbocat.de 3.1 NetBSD 3.1 (ALICENEW) #0: Thu Nov 9 16:06:38 CET 2006 dave@alice.turbocat.de:/usr/src/sys/arch/i386/compile/ALICENEW i386
Architecture: i386
Machine: i386
>Description:
Security vulnerability in Asterisk
>How-To-Repeat:
>Fix:
http://asterisk.org/taxonomy/term/32
We need a new version of Asterisk in pkgsrc.
The Asterisk and Zaptel development teams have released Asterisk 1.4.1.
This release contains a very large number of bug fixes, including a fix for the recently discovered security vulnerability.
>Unformatted: