| Summary: | asterisk new security issues CVE-2017-14099, CVE-2017-14100, and CVE-2017-14603 | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | David Walser <luigiwalser> |
| Component: | Security | Assignee: | All Packagers <pkg-bugs> |
| Status: | RESOLVED OLD | QA Contact: | Sec team <security> |
| Severity: | critical | ||
| Priority: | Normal | CC: | marja11, oe |
| Version: | 5 | ||
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Source RPM: | asterisk-11.23.1-1.1.mga5.src.rpm | CVE: | |
| Status comment: | |||
|
Description
David Walser
2017-09-07 14:55:27 CEST
Assigning to all packagers collectively, since the registered maintainer for this package, Oden, is probably still unavailable. CC:
(none) =>
marja11, oe Debian has issued an advisory on October 3: https://www.debian.org/security/2017/dsa-3990 Upstream advisory for this from September 19: http://downloads.asterisk.org/pub/security/AST-2017-008.html The issues are fixed in 11.25.3. Summary:
asterisk new security issues CVE-2017-14099 and CVE-2017-14100 =>
asterisk new security issues CVE-2017-14099, CVE-2017-14100, and CVE-2017-14603 I tried to update this, but the %install step failed with: + install -D -p -m 0755 apps/app_directory_plain.so /home/iurt/rpmbuild/BUILDROOT/asterisk-11.25.3-1.mga5.x86_64/usr/lib64/asterisk/modules/ install: cannot stat 'apps/app_directory_plain.so': No such file or directory not sure why. This package is no longer supported. Status:
NEW =>
RESOLVED |