summaryrefslogtreecommitdiff
path: root/audio/xmms-dspectogram
diff options
context:
space:
mode:
authorjnemeth <jnemeth@pkgsrc.org>2011-01-21 07:00:43 +0000
committerjnemeth <jnemeth@pkgsrc.org>2011-01-21 07:00:43 +0000
commite22ff5c255ab3aff605b8cab4dbff19b572c6dfb (patch)
tree2d4f683c4f36f1c626de1e3d183e8e4128897fe3 /audio/xmms-dspectogram
parent3fb09f632e913de19bad1f69da839386f8d91373 (diff)
downloadpkgsrc-e22ff5c255ab3aff605b8cab4dbff19b572c6dfb.tar.gz
Update to 1.8.2.2
This is to fix AST-2011-001: Stack buffer overflow in SIP channel driver Asterisk Project Security Advisory - AST-2011-001 Product Asterisk Summary Stack buffer overflow in SIP channel driver Nature of Advisory Exploitable Stack Buffer Overflow Susceptibility Remote Authenticated Sessions Severity Moderate Exploits Known No Reported On January 11, 2011 Reported By Matthew Nicholson Posted On January 18, 2011 Last Updated On January 18, 2011 Advisory Contact Matthew Nicholson <mnicholson at digium.com> CVE Name Description When forming an outgoing SIP request while in pedantic mode, a stack buffer can be made to overflow if supplied with carefully crafted caller ID information. This vulnerability also affects the URIENCODE dialplan function and in some versions of asterisk, the AGI dialplan application as well. The ast_uri_encode function does not properly respect the size of its output buffer and can write past the end of it when encoding URIs. For full details, see: http://downloads.digium.com/pub/security/AST-2011-001.html
Diffstat (limited to 'audio/xmms-dspectogram')
0 files changed, 0 insertions, 0 deletions