Date: Mon, 20 Jun 2011 02:26:01 GMT From: Gary Palmer <freebsd-gnats@in-addr.com> To: freebsd-gnats-submit@FreeBSD.org Subject: ports/158045: net/asterisk14: latest version is 1.4.41 Message-ID: <201106200226.p5K2Q13g063539@red.freebsd.org> Resent-Message-ID: <201106200230.p5K2UBAN065413@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 158045 >Category: ports >Synopsis: net/asterisk14: latest version is 1.4.41 >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Mon Jun 20 02:30:11 UTC 2011 >Closed-Date: >Last-Modified: >Originator: Gary Palmer >Release: 7.4-RELEASE-p1 >Organization: N/A >Environment: >Description: asterisk 1.4.41 has been out for a while. The port currently has 1.4.37 which has multiple known remote vulnerabilities. Please update port to a 1.4 version that is not vulnerable. See also PR ports/155740 which requested an update to 1.4.40 >How-To-Repeat: % cd /usr/ports/net/asterisk14 % make ===> asterisk14-1.4.37_1 has known vulnerabilities: => asterisk -- multiple vulnerabilities. Reference: http://portaudit.FreeBSD.org/3c7d565a-6c64-11e0-813a-6c626dd55a41.html => asterisk -- Exploitable Stack and Heap Array Overflows. Reference: http://portaudit.FreeBSD.org/65d16342-3ec8-11e0-9df7-001c42d23634.html => asterisk -- Exploitable Stack Buffer Overflow. Reference: http://portaudit.FreeBSD.org/5ab9fb2a-23a5-11e0-a835-0003ba02bf30.html => Please update your ports tree and try again. *** Error code 1 Stop in /usr/ports/net/asterisk14. *** Error code 1 Stop in /usr/ports/net/asterisk14. >Fix: >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201106200226.p5K2Q13g063539>