[SECURITY] Fedora 9 Update: dahdi-tools-2.0.0-1.fc9

updates at fedoraproject.org updates at fedoraproject.org
Fri Feb 13 04:56:19 UTC 2009


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2009-0973
2009-01-27 00:36:20
--------------------------------------------------------------------------------

Name        : dahdi-tools
Product     : Fedora 9
Version     : 2.0.0
Release     : 1.fc9
URL         : http://www.asterisk.org/
Summary     : Userspace tools to configure the DAHDI kernel modules
Description :
DAHDI stands for Digium Asterisk Hardware Device Interface. This
package contains the userspace tools to configure the DAHDI kernel
modules.  DAHDI is the replacement for Zaptel, which must be renamed
due to trademark issues.

--------------------------------------------------------------------------------
Update Information:

Add a patch to fix a problem with the manager interface.    Update to 1.6.0.5 to
fix AST-2009-001 / CVE-2009-0041:
http://downloads.digium.com/pub/security/AST-2009-001.html  (Original patch in
1.6.0.3 introduced a regression.)
--------------------------------------------------------------------------------
ChangeLog:

--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #480132 - CVE-2009-0041 asterisk: Replies to failed login attempts differently based on whether the user account exists (information disclosure)
        https://bugzilla.redhat.com/show_bug.cgi?id=480132
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update dahdi-tools' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------




More information about the Fedora-package-announce mailing list