Debian Security Advisory DSA-2550-1 firstname.lastname@example.org http://www.debian.org/security/ Moritz Muehlenhoff September 18, 2012 http://www.debian.org/security/faq
Package : asterisk Vulnerability : several Problem type : remote Debian-specific: no CVE ID : CVE-2012-2186 CVE-2012-3812 CVE-2012-3863 CVE-2012-4737
Several vulnerabilities were discovered in Asterisk, a PBX and telephony toolkit, allowing privilege escalation in the Asterisk Manager, denial of service or privilege escalation.
More detailed information can be found in the Asterisk advisories: http://downloads.asterisk.org/pub/security/AST-2012-010.html http://downloads.asterisk.org/pub/security/AST-2012-011.html http://downloads.asterisk.org/pub/security/AST-2012-012.html http://downloads.asterisk.org/pub/security/AST-2012-013.html
For the stable distribution (squeeze), these problems have been fixed in version 1:188.8.131.52-2+squeeze7.
For the testing distribution (wheezy) and the unstable distribution (sid), these problems have been fixed in version 1:184.108.40.206~dfsg-1.
We recommend that you upgrade your asterisk packages.
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/
Mailing list: email@example.com