ports/158045: net/asterisk14: latest version is 1.4.41
Gary Palmer
freebsd-gnats at in-addr.com
Mon Jun 20 02:30:12 UTC 2011
>Number: 158045
>Category: ports
>Synopsis: net/asterisk14: latest version is 1.4.41
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Mon Jun 20 02:30:11 UTC 2011
>Closed-Date:
>Last-Modified:
>Originator: Gary Palmer
>Release: 7.4-RELEASE-p1
>Organization:
N/A
>Environment:
>Description:
asterisk 1.4.41 has been out for a while. The port currently has 1.4.37 which has multiple known remote vulnerabilities. Please update port to a 1.4 version that is not vulnerable. See also PR ports/155740 which requested an update to 1.4.40
>How-To-Repeat:
% cd /usr/ports/net/asterisk14
% make
===> asterisk14-1.4.37_1 has known vulnerabilities:
=> asterisk -- multiple vulnerabilities.
Reference: http://portaudit.FreeBSD.org/3c7d565a-6c64-11e0-813a-6c626dd55a41.html
=> asterisk -- Exploitable Stack and Heap Array Overflows.
Reference: http://portaudit.FreeBSD.org/65d16342-3ec8-11e0-9df7-001c42d23634.html
=> asterisk -- Exploitable Stack Buffer Overflow.
Reference: http://portaudit.FreeBSD.org/5ab9fb2a-23a5-11e0-a835-0003ba02bf30.html
=> Please update your ports tree and try again.
*** Error code 1
Stop in /usr/ports/net/asterisk14.
*** Error code 1
Stop in /usr/ports/net/asterisk14.
>Fix:
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list