7 matches found
[SECURITY] [DLA 2962-1] pjproject security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2962-1 [email protected] https://www.debian.org/lts/security/ Abhijith PA March 28, 2022 https://wiki.debian.org/LTS -...
Mageia: Security Advisory (MGASA-2021-0559)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MGASA-2021-0559 Updated pjproject packages fix security vulnerability
Updated pjproject packages fix security vulnerability: In PJSIP before version 2.11.1, there are a couple of issues found in the SSL socket. First, a race condition between callback and destroy, due to the accepted socket having no group lock. Second, the SSL socket parent/ listener may get...
FreeBSD : asterisk -- pjproject/pjsip: crash when SSL socket destroyed during handshake (53fbffe6-ebf7-11eb-aef1-0897988a1c07)
The Asterisk project reports : Depending on the timing, it's possible for Asterisk to crash when using a TLS connection if the underlying socket parent/listener gets destroyed during the handshake. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in thi...
FreeBSD : pjsip -- Race condition in SSL socket server (92ad12b8-ec09-11eb-aef1-0897988a1c07)
pjsip reports : There are a couple of issues found in the SSL socket : - A race condition between callback and destroy, due to the accepted socket having no group lock. - SSL socket parent/listener may get destroyed during handshake. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...
CVE-2021-32686
CVE-2021-32686 affects the PJSIP pjproject library prior to 2.11.1. The issue is a race condition in the SSL socket: (1) the accepted socket lacks a group lock, causing a race between callback and destroy, and (2) the SSL socket parent/listener may be destroyed during TLS handshake. These intermi...
Asterisk Multiple DoS Vulnerabilities (AST-2021-008, AST-2021-009)
Asterisk is prone to multiple denial of service DoS vulnerabilities. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...