diff options
Diffstat (limited to 'security/vuxml/vuln.xml')
-rw-r--r-- | security/vuxml/vuln.xml | 15 |
1 files changed, 8 insertions, 7 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index bc9b8a962741..621f0ebf571f 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -42,8 +42,8 @@ Note: Please add new entries to the beginning of this file. <range><gt>1.4.*</gt><lt>1.4.39.2</lt></range> </package> <package> - <name>asterisk16</name> - <range><gt>1.6.*</gt><lt>1.6.2.16.2</lt></range> + <name>asterisk16</name> + <range><gt>1.6.*</gt><lt>1.6.2.16.2</lt></range> </package> <package> <name>asterisk18</name> @@ -55,16 +55,17 @@ Note: Please add new entries to the beginning of this file. <p>The Asterisk Development Team reports:</p> <blockquote cite="http://lists.digium.com/pipermail/asterisk-announce/2011-February/000302.html"> <p>The releases of Asterisk 1.4.39.2, 1.6.1.22, 1.6.2.16.2, and - 1.8.2.4 resolve an issue that when decoding UDPTL packets, multiple - heap based arrays can be made to overflow by specially - crafted packets. Systems configured for T.38 pass through or - termination are vulnerable. The issue and resolution are described - in the AST-2011-002 security advisory.</p> + 1.8.2.4 resolve an issue that when decoding UDPTL packets, multiple + heap based arrays can be made to overflow by specially + crafted packets. Systems configured for T.38 pass through or + termination are vulnerable. The issue and resolution are described + in the AST-2011-002 security advisory.</p> </blockquote> </body> </description> <references> <url>http://downloads.asterisk.org/pub/security/AST-2011-002.html</url> + <url>http://secunia.com/advisories/43429/</url> </references> <dates> <discovery>2011-02-21</discovery> |