Mandriva Linux Security Advisory : asterisk (MDVSA-2015:206)
Medium Nessus Plugin ID 83098
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionUpdated asterisk packages fix security vulnerability :
When Asterisk registers to a SIP TLS device and and verifies the server, Asterisk will accept signed certificates that match a common name other than the one Asterisk is expecting if the signed certificate has a common name containing a null byte after the portion of the common name that Asterisk expected (CVE-2015-3008).
SolutionUpdate the affected packages.