[Bug 1097687] Re: (CVE-2012-5976) AST-2012-014 Crashes due to large stack allocations when using TCP

Launchpad Bug Tracker 1097687 at bugs.launchpad.net
Tue Jul 30 13:49:51 UTC 2013 

This bug was fixed in the package asterisk - 1:1.8.13.1~dfsg-3ubuntu1

---------------
asterisk (1:1.8.13.1~dfsg-3ubuntu1) saucy; urgency=low

  * Merge from Debian unstable. (LP: #1205644) Remaining changes:
    - debian/asterisk.init:
      + chown /dev/dahdi
    - debian/control, debian/rules:
      + Enable Hardening Wrapper (PIE and BIND_NOW).
      + Build against libical 1.0.
    - debian/patches/armhf-fixes:
      + Fix FTBFS on armhf.
  * Fixed security issues:
    - CVE-2012-5976 (LP: #1097687)
    - CVE-2012-5977 (LP: #1097691)
    - CVE-2013-2686
    - CVE-2013-2264

asterisk (1:1.8.13.1~dfsg-3) unstable; urgency=high

  * Rewrtote sip.conf parts of AST-2012-014: dropped patches
    fix-sip-tcp-no-FILE and fix-sip-tls-leak.
  * Reverting other changes rejected by the release team: README.Debian,
    powerpcspe and fix_xmpp_19532 dropped (#545272 and #701505 reopened).

asterisk (1:1.8.13.1~dfsg-2) unstable; urgency=high

  * Patches backported from Asterisk 1.8.19.1 (Closes: #697230):
    - Patch AST-2012-014 (CVE-2012-5976) - fixes Crashes due to large stack
      allocations when using TCP.
      The following two fixes were also pulled in order to easily apply it:
      - Patch fix-sip-tcp-no-FILE - Switch to reading with a recv loop
      - Patch fix-sip-tls-leak - Memory leak in the SIP TLS code
    - Patch AST-2012-015 (CVE-2012-5977) - Denial of Service Through
      Exploitation of Device State Caching
  * Patch powerpcspe: Fix OSARCH for powerpcspe (Closes: #701505).
  * README.Debian: document running the testsuite.
  * Patch fix_xmpp_19532: fix a crash of the XMPP code (Closes: #545272).
  * Patches backported from Asterisk 1.8.20.2 (Closes: #704114):
    - Patch AST-2013-002 (CVE-2013-2686): Prevent DoS in HTTP server with
      a large POST.
    - Patch AST-2013-003 (CVE-2013-2264): Prevent username disclosure in
      SIP channel driver.
  * Patch bluetooth_bind - fix breakage of chan_mobile (Closes: #614786).
 -- Artur Rona <ari-tczew at tlen.pl>   Sat, 27 Jul 2013 14:56:17 +0200

** Changed in: asterisk (Ubuntu)
       Status: Incomplete => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-5977

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-2264

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-2686

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to asterisk in Ubuntu.
https://bugs.launchpad.net/bugs/1097687

Title:
  (CVE-2012-5976) AST-2012-014 Crashes due to large stack allocations
  when using TCP

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/asterisk/+bug/1097687/+subscriptions

More information about the Ubuntu-server-bugs mailing list