Colin Cuthbertson and Walter Doekes discovered two vulnerabilities in the SIP processing code of Asterisk - an open source PBX and telephony toolkit -, which could result in denial of service. For the oldstable distribution (squeeze), these problems have been fixed in version 1:1.6.2.9-2+squeeze11. For the stable distribution (wheezy), these problems have been fixed in version 1.8.13.1~dfsg-3+deb7u1. For the unstable distribution (sid), these problems will be fixed soon. We recommend that you upgrade your asterisk packages.
Colin Cuthbertson and Walter Doekes discovered two vulnerabilities in the SIP processing code of Asterisk - an open source PBX and telephony toolkit -, which could result in denial of service.
For the oldstable distribution (squeeze), these problems have been fixed in version 1:1.6.2.9-2+squeeze11.
For the stable distribution (wheezy), these problems have been fixed in version 1.8.13.1~dfsg-3+deb7u1.
For the unstable distribution (sid), these problems will be fixed soon.
We recommend that you upgrade your asterisk packages.