Debian DLA-1122-1 : asterisk security update

A security vulnerability was discovered in Asterisk, an Open Source PBX and telephony toolkit, that may lead to unauthorized command execution. The appminivm module has an 'externnotify' program configuration option that is executed by the MinivmNotify dialplan application. The application uses t...

CVE-2017-14100

In Asterisk 11.x before 11.25.2, 13.x before 13.17.1, and 14.x before 14.6.1 and Certified Asterisk 11.x before 11.6-cert17 and 13.x before 13.13-cert5, unauthorized command execution is possible. The appminivm module has an "externnotify" program configuration option that is executed by the...