[asterisk-bugs] [JIRA] (ASTERISK-24472) Asterisk Crash in OpenSSL when calling over WSS from JSSIP
Matt Jordan (JIRA)
noreply at issues.asterisk.org
Wed Dec 10 11:56:30 CST 2014
[ https://issues.asterisk.org/jira/browse/ASTERISK-24472?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Matt Jordan updated ASTERISK-24472:
-----------------------------------
Security: (was: Reporter, Bug Marshals, and Digium)
> Asterisk Crash in OpenSSL when calling over WSS from JSSIP
> ----------------------------------------------------------
>
> Key: ASTERISK-24472
> URL: https://issues.asterisk.org/jira/browse/ASTERISK-24472
> Project: Asterisk
> Issue Type: Bug
> Components: Resources/res_http_websocket
> Affects Versions: 11.13.1, 11.14.1
> Environment: Opera 20.0.1387.77.
> Use: DTLS, WSS, Valid SSL certificate
> Client - jssip 0.3.0
> Reporter: Badalian Vyacheslav
> Assignee: Joshua Colp
> Severity: Critical
> Labels: Security
> Target Release: 11.14.2, 12.7.2, 13.0.2
>
> Attachments: ASTERISK-24472-11-round-3.diff, ASTERISK-24472-null-3.diff, ASTERISK-24472-null-4.diff, ASTERISK-24472-websocket-read-bail-2.diff, backtrace2.txt, backtrace3.txt, backtrace_openssl_debug1.txt, backtrace_openssl_debug2.txt, backtrace_openssl_debug3.txt, backtrace_openssl_debug4.txt, backtrace_openssl_debug5.txt, backtrace.txt, locks3.txt, rt3592.patch, valgrind10.txt, valgrind2.txt, valgrind3.txt, valgrind4.txt, valgrind7.txt, valgrind_srtp15_1.txt, valgrind_srtp15_XXX10.txt, valgrind_srtp15_XXX11.txt, valgrind_srtp15_XXX6.txt, valgrind.txt, ws_rewrite_2.diff, ws_rewrite_3.diff, ws_rewrite.diff
>
>
> Valgrind and GDB backtrace (3 pices) attached bellow
> CentOS x86_64 release 6.6 (Final)
> OpenSSL> version
> OpenSSL 1.0.1e-fips 11 Feb 2013
> # rpm -qa | grep openssl
> openssl-devel-1.0.1e-30.el6_6.2.x86_64
> openssl-debuginfo-1.0.1e-30.el6_6.2.x86_64
> openssl-1.0.1e-30.el6_6.2.x86_64
--
This message was sent by Atlassian JIRA
(v6.2#6252)
More information about the asterisk-bugs
mailing list