[3.5] asterisk: Multiple vulnerabilities (CVE-2017-14099, CVE-2017-14100)
CVE-2017-14099: Media takeover in RTP stack
Fixed In Version:
asterisk 13.17.1, asterisk 14.6.1
References:
http://downloads.asterisk.org/pub/security/AST-2017-005.html
CVE-2017-14100: Shell access command injection in app_minivm
Fixed In Version:
asterisk 13.17.1, asterisk 14.6.1
References:
https://downloads.asterisk.org/pub/security/AST-2017-006.html
(from redmine: issue id 7793, created on 2017-09-05, closed on 2017-09-25)
- Relations:
- parent #7791 (closed)