Fedora Core 9 FEDORA-2009-0973 (asterisk)

Information

Severity

Severity

Medium

Family

Family

Fedora Local Security Checks

CVSSv2 Base

CVSSv2 Base

5.0

CVSSv2 Vector

CVSSv2 Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Solution Type

Solution Type

Vendor Patch

Created

Created

13 years ago

Modified

Modified

4 years ago

Summary

The remote host is missing an update to asterisk announced via advisory FEDORA-2009-0973.

Insight

Insight

Update Information: Add a patch to fix a problem with the manager interface. Update to 1.6.0.5 to fix AST-2009-001 / CVE-2009-0041: http://downloads.digium.com/pub/security/AST-2009-001.html (Original patch in 1.6.0.3 introduced a regression.) ChangeLog: * Fri Jan 23 2009 Jeffrey C. Ollie - 1.6.0.5-2 - Add a patch to fix a problem with the manager interface. * Fri Jan 23 2009 Jeffrey C. Ollie - 1.6.0.5-1 - Update to 1.6.0.5 to fix regressions caused by fixes for AST-2009-001/CVE-2009-0041 (Asterisk 1.6.0.4 was never released). * Thu Jan 8 2009 Jeffrey C. Ollie - 1.6.0.3-1 - Update to 1.6.0.3 to fix AST-2009-001/CVE-2009-0041 - http://downloads.digium.com/pub/security/AST-2009-001.html * Sun Jan 4 2009 Jeffrey C. Ollie - 1.6.0.2-4 - Fedora Directory Server compatibility patch/subpackage. BZ#452176 * Sun Jan 4 2009 Jeffrey C. Ollie - 1.6.0.2-3 - Don't package func_curl in the main package. BZ#475910 - Fix up paths. BZ#477238 * Sun Jan 4 2009 Jeffrey C. Ollie - 1.6.0.2-2 - Add patch to fix compilation on PPC * Sun Jan 4 2009 Jeffrey C. Ollie - 1.6.0.2-1 - Update to 1.6.0.2

Solution

Solution

Apply the appropriate updates. This update can be installed with the yum update program. Use su -c 'yum update asterisk' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-0973

Common Vulnerabilities and Exposures (CVE)

Get started for free to scan for vulnerabilities

Companies of all sizes use Mageni to scan their assets for vulnerabilities. Mageni is free for 7-days then $39 USD Monthly regardless of how many IPs, scans, deployments or users you have. Cancel at Anytime and 7-days Money-Back Guarantee. Developed and supported by certified CompTIA PenTest+ professionals. Mageni contributes 1% of your subscription to removing CO₂ from the atmosphere.

Get Started For Free
App screenshot