Nome do pacote
asterisk
Data
2013-12-22
ID Alerta
MDVSA-2013:300
Versões afetadas
MBS1 x86_64

Descrição do problema

A vulnerability has been discovered and corrected in asterisk:

Buffer overflow in the unpacksms16 function in apps/app_sms.c in
Asterisk Open Source 1.8.x before 1.8.24.1, 10.x before 10.12.4, and
11.x before 11.6.1; Asterisk with Digiumphones 10.x-digiumphones before
10.12.4-digiumphones; and Certified Asterisk 1.8.x before 1.8.15-cert4
and 11.x before 11.2-cert3 allows remote attackers to cause a denial
of service (daemon crash) via a 16-bit SMS message (CVE-2013-7100).

The updated packages has been upgraded to the 11.7.0 version which
resolves various upstream bugs and is not vulnerable to this issue.

Pacotes atualizados

MBS1 x86_64

 e24b714a039387ce246a75cb86f9a5aa  mbs1/x86_64/asterisk-11.7.0-1.mbs1.x86_64.rpm
 af4da5a36e630210f2483ae3c46db9b4  mbs1/x86_64/asterisk-addons-11.7.0-1.mbs1.x86_64.rpm
 85e539430165237292a64e104c0dcaff  mbs1/x86_64/asterisk-devel-11.7.0-1.mbs1.x86_64.rpm
 5c539a9ecc40ce581a6e052498a4e17b  mbs1/x86_64/asterisk-firmware-11.7.0-1.mbs1.x86_64.rpm
 2620a9775c3f4a81856e5209cb92415f  mbs1/x86_64/asterisk-gui-11.7.0-1.mbs1.x86_64.rpm
 0fb5cb906884a9a4948dacdc4f2e3728  mbs1/x86_64/asterisk-plugins-alsa-11.7.0-1.mbs1.x86_64.rpm
 660123db21c5819ebba6fe52c6433732  mbs1/x86_64/asterisk-plugins-calendar-11.7.0-1.mbs1.x86_64.rpm
 dc78596485a8baca38ccb62b8d5f3d30  mbs1/x86_64/asterisk-plugins-cel-11.7.0-1.mbs1.x86_64.rpm
 97323d1bf191e4eb1f1a619330f4a384  mbs1/x86_64/asterisk-plugins-corosync-11.7.0-1.mbs1.x86_64.rpm
 d0c1b630a526930b597c5ebbea838e0f  mbs1/x86_64/asterisk-plugins-curl-11.7.0-1.mbs1.x86_64.rpm
 0585275b570504e13448ddec41637749  mbs1/x86_64/asterisk-plugins-dahdi-11.7.0-1.mbs1.x86_64.rpm
 8b16ca9b3a9467931ee55ceb7eb87e0c  mbs1/x86_64/asterisk-plugins-fax-11.7.0-1.mbs1.x86_64.rpm
 dc9cea95cdcb0bccb638e44c80db9615  mbs1/x86_64/asterisk-plugins-festival-11.7.0-1.mbs1.x86_64.rpm
 aa0746b011a0b9c607512fd024470e9d  mbs1/x86_64/asterisk-plugins-ices-11.7.0-1.mbs1.x86_64.rpm
 66c1d1d7c7f050534b14d4a00cb9be27  mbs1/x86_64/asterisk-plugins-jabber-11.7.0-1.mbs1.x86_64.rpm
 bdb76cae7c31b3c747924afaaa4be9ab  mbs1/x86_64/asterisk-plugins-jack-11.7.0-1.mbs1.x86_64.rpm
 64b0a39eab31e855f7c3e232815b6970  mbs1/x86_64/asterisk-plugins-ldap-11.7.0-1.mbs1.x86_64.rpm
 953d08b45ada744d1a745a1076b784cf  mbs1/x86_64/asterisk-plugins-lua-11.7.0-1.mbs1.x86_64.rpm
 5de657bd7924ba1cb92ff83c1f08c60e  mbs1/x86_64/asterisk-plugins-minivm-11.7.0-1.mbs1.x86_64.rpm
 9d8167b8c997f1d9612d3f255a03e3f5  mbs1/x86_64/asterisk-plugins-mobile-11.7.0-1.mbs1.x86_64.rpm
 fb0f914bf7bf17807d625cee9acef023  mbs1/x86_64/asterisk-plugins-mp3-11.7.0-1.mbs1.x86_64.rpm
 0860304b68c9419a3f12e0cda3cdaa75  mbs1/x86_64/asterisk-plugins-mysql-11.7.0-1.mbs1.x86_64.rpm
 aff65445ffe4308b3c0a7c4ba8fb8ae2  mbs1/x86_64/asterisk-plugins-ooh323-11.7.0-1.mbs1.x86_64.rpm
 be6753c6e166c8bbc4ea18a57cd53170  mbs1/x86_64/asterisk-plugins-osp-11.7.0-1.mbs1.x86_64.rpm
 3e143d7cfb7e13130e65b4e574f503d8  mbs1/x86_64/asterisk-plugins-oss-11.7.0-1.mbs1.x86_64.rpm
 1c931954172d4501ed4088d2f446dcbd  mbs1/x86_64/asterisk-plugins-pgsql-11.7.0-1.mbs1.x86_64.rpm
 b1717277db6c460ecef21c420b37b300  mbs1/x86_64/asterisk-plugins-pktccops-11.7.0-1.mbs1.x86_64.rpm
 d77487524f4c97de9045ec95ad12ab6e  mbs1/x86_64/asterisk-plugins-portaudio-11.7.0-1.mbs1.x86_64.rpm
 71e27adc458413c7702d6818898fe5e7  mbs1/x86_64/asterisk-plugins-radius-11.7.0-1.mbs1.x86_64.rpm
 3dbccf9557495d4348ae3505d97b38be  mbs1/x86_64/asterisk-plugins-saycountpl-11.7.0-1.mbs1.x86_64.rpm
 3b89b8637aec14894a58bef4cd689567  mbs1/x86_64/asterisk-plugins-skinny-11.7.0-1.mbs1.x86_64.rpm
 50d45e856e41c6ecff783b93a4287eda  mbs1/x86_64/asterisk-plugins-snmp-11.7.0-1.mbs1.x86_64.rpm
 ad92c508abd692fbd99f7fa5aaabecc2  mbs1/x86_64/asterisk-plugins-speex-11.7.0-1.mbs1.x86_64.rpm
 3f6c510e2b249132de1e6c0f28b8aa68  mbs1/x86_64/asterisk-plugins-sqlite-11.7.0-1.mbs1.x86_64.rpm
 8668cd7c3ab9fee553a00a3214612ea8  mbs1/x86_64/asterisk-plugins-tds-11.7.0-1.mbs1.x86_64.rpm
 993a93fcdf4e50e09496c7043a67569a  mbs1/x86_64/asterisk-plugins-unistim-11.7.0-1.mbs1.x86_64.rpm
 e5af9c493e06ed9109db7d7d6a99cf57  mbs1/x86_64/asterisk-plugins-voicemail-11.7.0-1.mbs1.x86_64.rpm
 94953089a0fc959164bb30c348422490  mbs1/x86_64/asterisk-plugins-voicemail-imap-11.7.0-1.mbs1.x86_64.rpm
 7a09be7047f1532f31133b84d133f1e6  mbs1/x86_64/asterisk-plugins-voicemail-plain-11.7.0-1.mbs1.x86_64.rpm
 4521559e7590de0394bdc14894630e61  mbs1/x86_64/lib64asteriskssl1-11.7.0-1.mbs1.x86_64.rpm 
 aca304a80515ea6055a0611194b56b9e  mbs1/SRPMS/asterisk-11.7.0-1.mbs1.src.rpm

Referências