Gentoo Linux Security Advisory 201006-20 - Multiple vulnerabilities in Asterisk might allow remote attackers to cause a Denial of Service condition, or conduct other attacks. Versions less than 1.2.37 are affected.
c4933913b3f7de08c2c9cdd1eaa67457d52f479496c2830a647cc345b7604953
Asterisk Project Security Advisory - On certain implementations of libc, the scanf family of functions uses an unbounded amount of stack memory to repeatedly allocate string buffers prior to conversion to the target type. Coupled with Asterisk's allocation of thread stack sizes that are smaller than the default, an attacker may exhaust stack memory in the SIP stack network thread by presenting excessively long numeric strings in various fields.
b1dc46b65ba0899d179d5df802c216ac411cd9b7c37c701cd854541313c4d1e2