On Fri, Dec 09, 2011 at 09:47:04PM +0100, Moritz Muehlenhoff wrote: > Source: asterisk > Severity: grave > Tags: security > > Please see http://downloads.asterisk.org/pub/security/AST-2011-014.html > This has been assigned CVE-2011-4598.
What about the pending fixes for #630381 and #639821 ? > > There's also http://downloads.asterisk.org/pub/security/AST-2011-013.html, > (CVE-2011-4597), which seems rather esoteric and can likely be ignored > for stable. This configuration is actually rather common. The bug did not mention it, but the fix included a patch that changes the default value of the configugration and also adds a nasty warning if global value does not match the peer/user entry. -- Tzafrir Cohen icq#16849755 jabber:[email protected] +972-50-7952406 mailto:[email protected] http://www.xorcom.com iax:[email protected]/tzafrir -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]

