MGASA-2016-0086

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2016-0086.html

Import Source

https://advisories.mageia.org/MGASA-2016-0086.json

JSON Data

https://api.test.osv.dev/v1/vulns/MGASA-2016-0086

Related

CVE-2016-2316

Published

2016-03-02T18:28:46Z

Modified

2016-03-02T18:19:38Z

Summary

Updated asterisk packages fix CVE-2016-2316

Details

Updated asterisk packages fix security vulnerability:

chan_sip in Asterisk Open Source 11.x before 11.21.1, when the timert1 sip.conf configuration is set to a value greater than 1245, allows remote attackers to cause a denial of service (file descriptor consumption) via vectors related to large retransmit timeout values (CVE-2016-2316).

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:5 / asterisk

Package

Name: asterisk
Purl: pkg:rpm/mageia/asterisk?distro=mageia-5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

11.21.2-1.mga5

Ecosystem specific

{
    "section": "core"
}