| Errata ID | 529 |
|---|---|
| Date | 2018-10-04 |
| Source package | asterisk |
| Fixed in version | 1:11.13.1~dfsg-2+deb8u6 |
| Description | This update addresses the following issue: * There is a stack consumption vulnerability in the res_http_websocket.so module, which allows an attacker to crash Asterisk via a specially crafted HTTP request to upgrade the connection to a websocket. (CVE-2018-17281) |
| Additional notes | |
| CVE ID | CVE-2018-17281 |
| UCS Bug number | #47889 |
