What Are You Looking For?

Sign Up
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2009-11126
2009-11-06 23:59:04
--------------------------------------------------------------------------------

Name        : asterisk
Product     : Fedora 10
Version     : 1.6.0.17
Release     : 2.fc10
URL         : https://www.asterisk.org/
Summary     : The Open Source PBX
Description :
Asterisk is a complete PBX in software. It runs on Linux and provides
all of the features you would expect from a PBX and more. Asterisk
does voice over IP in three protocols, and can interoperate with
almost all standards-based telephony equipment using relatively
inexpensive hardware.

--------------------------------------------------------------------------------
Update Information:

* Thu Nov  5 2009 Jeffrey C. Ollie  - 1.6.0.17-2 - Fix firmware
path * Wed Nov  4 2009 Jeffrey C. Ollie  - 1.6.0.17-1 - Update
to 1.6.0.17 to fix AST-2009-009/CVE-2008-7220 - Merge the firmware subpackage
back into the main package. - Don't package the iaxy firmware anymore.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Nov  5 2009 Jeffrey C. Ollie  - 1.6.0.17-2
- Fix firmware path
* Wed Nov  4 2009 Jeffrey C. Ollie  - 1.6.0.17-1
- Update to 1.6.0.17 to fix AST-2009-009/CVE-2008-7220
- Merge the firmware subpackage back into the main package.
- Don't package the iaxy firmware anymore.
* Thu Sep  3 2009 Jeffrey C. Ollie  - 1.6.0.15-2
- Create /var/lib/asterisk/keys
* Thu Sep  3 2009 Jeffrey C. Ollie  - 1.6.0.15-1
- Drop chan_mobile, too difficult to maintain as a patch
- Update to 1.6.0.15 and drop unneeded patches
* Fri Jan 23 2009 Jeffrey C. Ollie  - 1.6.0.5-2
- Add a patch to fix a problem with the manager interface.
* Fri Jan 23 2009 Jeffrey C. Ollie  - 1.6.0.5-1
- Update to 1.6.0.5 to fix regressions caused by fixes for
  AST-2009-001/CVE-2009-0041 (Asterisk 1.6.0.4 was never released).
* Thu Jan  8 2009 Jeffrey C. Ollie  - 1.6.0.3-1
- Update to 1.6.0.3 to fix AST-2009-001/CVE-2009-0041
- https://downloads.digium.com/pub/security/AST-2009-001.html
* Sun Jan  4 2009 Jeffrey C. Ollie  - 1.6.0.2-4
- Fedora Directory Server compatibility patch/subpackage. BZ#452176
* Sun Jan  4 2009 Jeffrey C. Ollie  - 1.6.0.2-3
- Don't package func_curl in the main package. BZ#475910
- Fix up paths. BZ#477238
* Sun Jan  4 2009 Jeffrey C. Ollie  - 1.6.0.2-2
- Add patch to fix compilation on PPC
* Sun Jan  4 2009 Jeffrey C. Ollie  - 1.6.0.2-1
- Update to 1.6.0.2
* Wed Nov  5 2008 Jeffrey C. Ollie  - 1.6.0.1-3
- Fix issue with init script giving wrong path to config file.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #533137 - Asterisk: SIP responses expose valid usernames (AST-2009-008)
        https://bugzilla.redhat.com/show_bug.cgi?id=533137
  [ 2 ] Bug #523277 - CVE-2008-7220 WordPress, MediaTomb, python-webhelpers, Asterisk, Plone -- embedded Prototype JavaScript FrameWork: XSS Ajax requests (AST-2009-009)
        https://bugzilla.redhat.com/show_bug.cgi?id=523277
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update asterisk' at the command line.
For more information, refer to "Managing Software with yum",
available at .

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

_______________________________________________
Fedora-package-announce mailing list
Fedora-package-announce@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-package-announce

Fedora 10: asterisk Security Update

November 24, 2009
* Thu Nov 5 2009 Jeffrey C

Summary

Asterisk is a complete PBX in software. It runs on Linux and provides

all of the features you would expect from a PBX and more. Asterisk

does voice over IP in three protocols, and can interoperate with

almost all standards-based telephony equipment using relatively

inexpensive hardware.

Update Information:

* Thu Nov 5 2009 Jeffrey C. Ollie - 1.6.0.17-2 - Fix firmware path * Wed Nov 4 2009 Jeffrey C. Ollie - 1.6.0.17-1 - Update to 1.6.0.17 to fix AST-2009-009/CVE-2008-7220 - Merge the firmware subpackage back into the main package. - Don't package the iaxy firmware anymore.

Change Log

* Thu Nov 5 2009 Jeffrey C. Ollie - 1.6.0.17-2 - Fix firmware path * Wed Nov 4 2009 Jeffrey C. Ollie - 1.6.0.17-1 - Update to 1.6.0.17 to fix AST-2009-009/CVE-2008-7220 - Merge the firmware subpackage back into the main package. - Don't package the iaxy firmware anymore. * Thu Sep 3 2009 Jeffrey C. Ollie - 1.6.0.15-2 - Create /var/lib/asterisk/keys * Thu Sep 3 2009 Jeffrey C. Ollie - 1.6.0.15-1 - Drop chan_mobile, too difficult to maintain as a patch - Update to 1.6.0.15 and drop unneeded patches * Fri Jan 23 2009 Jeffrey C. Ollie - 1.6.0.5-2 - Add a patch to fix a problem with the manager interface. * Fri Jan 23 2009 Jeffrey C. Ollie - 1.6.0.5-1 - Update to 1.6.0.5 to fix regressions caused by fixes for AST-2009-001/CVE-2009-0041 (Asterisk 1.6.0.4 was never released). * Thu Jan 8 2009 Jeffrey C. Ollie - 1.6.0.3-1 - Update to 1.6.0.3 to fix AST-2009-001/CVE-2009-0041 - https://downloads.digium.com/pub/security/AST-2009-001.html * Sun Jan 4 2009 Jeffrey C. Ollie - 1.6.0.2-4 - Fedora Directory Server compatibility patch/subpackage. BZ#452176 * Sun Jan 4 2009 Jeffrey C. Ollie - 1.6.0.2-3 - Don't package func_curl in the main package. BZ#475910 - Fix up paths. BZ#477238 * Sun Jan 4 2009 Jeffrey C. Ollie - 1.6.0.2-2 - Add patch to fix compilation on PPC * Sun Jan 4 2009 Jeffrey C. Ollie - 1.6.0.2-1 - Update to 1.6.0.2 * Wed Nov 5 2008 Jeffrey C. Ollie - 1.6.0.1-3 - Fix issue with init script giving wrong path to config file.

References

[ 1 ] Bug #533137 - Asterisk: SIP responses expose valid usernames (AST-2009-008) https://bugzilla.redhat.com/show_bug.cgi?id=533137 [ 2 ] Bug #523277 - CVE-2008-7220 WordPress, MediaTomb, python-webhelpers, Asterisk, Plone -- embedded Prototype JavaScript FrameWork: XSS Ajax requests (AST-2009-009) https://bugzilla.redhat.com/show_bug.cgi?id=523277

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update asterisk' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
Name : asterisk
Product : Fedora 10
Version : 1.6.0.17
Release : 2.fc10
URL : https://www.asterisk.org/
Summary : The Open Source PBX

Related News

Linux FU: UEFI Booting

Jan 23, 2023

News

Advisories

HOWTOs

Features

Empowering MSPs with Straightforward Linux Device Management
A Complete Guide to Torrenting Safely in 2024
Cloud Security Basics for Small Businesses
Scanning and Defending Networks with Nmap
CISA Issues Urgent Warning Over Active Exploitation of Looney Tunables glibc Bug

About Us

Powered By

Footer Logo