Fedora 20 : asterisk-11.8.1-1.fc20 (2014-3762)

The Asterisk Development Team has announced security releases for Certified Asterisk 1.8.15, 11.6, and Asterisk 1.8, 11, and 12. The available security releases are released as versions 1.8.15-cert5, 11.6-cert2, 1.8.26.1, 11.8.1, and 12.1.1. These releases are available for immediate download at...

Fedora 19 : asterisk-11.8.1-1.fc19 (2014-3779)

The Asterisk Development Team has announced security releases for Certified Asterisk 1.8.15, 11.6, and Asterisk 1.8, 11, and 12. The available security releases are released as versions 1.8.15-cert5, 11.6-cert2, 1.8.26.1, 11.8.1, and 12.1.1. These releases are available for immediate download at...

AST-2014-002: Denial of Service Through File Descriptor Exhaustion with chan_sip Session-Timers

Asterisk Project Security Advisory - AST-2014-002 Product Asterisk Summary Denial of Service Through File Descriptor Exhaustion with chansip Session-Timers Nature of Advisory Denial of Service Susceptibility Remote Authenticated or Anonymous Sessions Severity Moderate Exploits Known No Reported O...

asterisk -- multiple vulnerabilities

The Asterisk project reports: Stack Overflow in HTTP Processing of Cookie Headers. Sending a HTTP request that is handled by Asterisk with a large number of Cookie headers could overflow the stack. You could even exhaust memory if you sent an unlimited number of headers in the request. Denial of...