Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

Fedora 10 FEDORA-2009-0984 Critical: Asterisk Manager Interface Fix

fedora
Calendar Grey February 12, 2009
Dist Fedora Esm H88
Crucial update for Fedora 10 users: Asterisk Manager Interface issues resolved, enhancing performance and security for better system integrity and reliability
Add a patch to fix a problem with the manager interface

Summary

Asterisk is a complete PBX in software. It runs on Linux and provides

all of the features you would expect from a PBX and more. Asterisk

does voice over IP in three protocols, and can interoperate with

almost all standards-based telephony equipment using relatively

inexpensive hardware.

Add a patch to fix a problem with the manager interface. Update to 1.6.0.5 to

fix AST-2009-001 / CVE-2009-0041:

http://downloads.asterisk.org/pub/security/ (Original patch in

1.6.0.3 introduced a regression.)

* Fri Jan 23 2009 Jeffrey C. Ollie - 1.6.0.5-2

- Add a patch to fix a problem with the manager interface.

* Fri Jan 23 2009 Jeffrey C. Ollie - 1.6.0.5-1

- Update to 1.6.0.5 to fix regressions caused by fixes for

AST-2009-001/CVE-2009-0041 (Asterisk 1.6.0.4 was never released).

* Thu Jan 8 2009 Jeffrey C. Ollie - 1.6.0.3-1

- Update to 1.6.0.3 to fix AST-2009-001/CVE-2009-0041

- http://downloads.asterisk.org/pub/security/

* Sun Jan 4 2009 Jeffrey C. Ollie - 1.6.0.2-4

- Fedora Directory Server compatibility patch/subpackage. BZ#452176

* Sun Jan 4 2009 Jeffrey C. Ollie - 1.6.0.2-3

- Don't package func_curl in the main package. BZ#475910

- Fix up paths. BZ#477238

* Sun Jan 4 2009 Jeffrey C. Ollie - 1.6.0.2-2

- Add patch to fix compilation on PPC

* Sun Jan 4 2009 Jeffrey C. Ollie - 1.6.0.2-1

- Update to 1.6.0.2

* Wed Nov 5 2008 Jeffrey C. Ollie - 1.6.0.1-3

- Fix issue with init script giving wrong path to config file.

[ 1 ] Bug #480132 - CVE-2009-0041 asterisk: Replies to failed login attempts differently based on whether the user account exists (information disclosure)

https://bugzilla.redhat.com/show_bug.cgi?id=480132

su -c 'yum update asterisk' at the command line.

For more information, refer to "Managing Software with yum",

available at .

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

Fedora-package-announce mailing list

Fedora-package-announce@redhat.com

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Topics%20covered

Topics Covered

security advisory Fedora critical fix security patch Asterisk manager interface

Change Log

References

Update Instructions

Severity
critical
Lowest
Low
Medium
High
Critical

Product: Fedora 10
Version: 1.6.0.5
Release: 2.fc10
URL: https://www.asterisk.org/
Summary: The Open Source PBX

Topics%20covered

Topics Covered

security advisory Fedora critical fix security patch Asterisk manager interface

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here