[security at asterisk.org: [asterisk-security] AST-2017-001: Buffer overflow in CDR's set user]
Tzafrir Cohen
tzafrir.cohen at xorcom.com
Wed Apr 5 12:19:18 UTC 2017
On Wed, Apr 05, 2017 at 10:17:48AM +0300, Tzafrir Cohen wrote:
> I don't yet have the time to open a proper bug report.
>
> But the patch for 13 seems trivial. Asterisk 11 (stable) and probably
> also 1.8 (oldstable) are not affected.
Also note that asterisk 13.14.1 includes exactly this bug fix (and
documentation fixes) on top of 13.14.0, which is the version in Stretch.
(Again, sorry for lack of further time)
--
Tzafrir Cohen
+972-50-7952406 mailto:tzafrir.cohen at xorcom.com
http://www.xorcom.com
More information about the Pkg-voip-maintainers
mailing list