Debian Security Update DSA-5438 asterisk - security update

Thread starter LinuxBot
Start date Jun 23, 2023

LinuxBot

Member

Jun 23, 2023

A flaw was found in Asterisk, an Open Source Private Branch Exchange. A buffer overflow vulnerability affects users that use PJSIP DNS resolver. This vulnerability is related to CVE-2022-24793. The difference is that this issue is in parsing the query record parse_query(), while the issue in CVE-2022-24793 is in parse_rr(). A workaround is to disable DNS resolution in PJSIP config (by setting nameserver_count to zero) or use an external resolver implementation instead.

Continue reading...

You must log in or register to reply here.

Facebook X (Twitter) Reddit Pinterest Tumblr WhatsApp Email Link

Members online

Total: 854 (members: 6, guests: 848)

Latest posts

`firmware-updater` on Ubuntu 24.04 (for Workstations)
- Latest: blunix
- 6 minutes ago
Desktop
O
In person help
- Latest: Olson
- 29 minutes ago
General Linux Questions
H
Audio notification when when network connects/disconnects
- Latest: Halvor Raknes
- 56 minutes ago
General Linux Questions
M
firefox "server not found" problem
- Latest: magniv
- Today at 4:20 PM
Getting Started
K
An Article from It's Foss About 24.04 LTS
- Latest: kghose
- Today at 2:19 PM
Ubuntu forum

Top