Gentoo Linux Security Advisory 201405-5 - Multiple buffer overflows in Asterisk might allow remote attackers to cause a Denial of Service condition. Versions less than 11.8.1 are affected.
e20cf599e40bf35f9126ba11837927f5dd4e6a0416456a5084e6042d42786582
Asterisk Project Security Advisory - A remotely exploitable crash vulnerability exists in the PJSIP channel driver if the "qualify_frequency" configuration option is enabled on an AOR and the remote SIP server challenges for authentication of the resulting OPTIONS request. The response handling code wrongly assumes that a PJSIP endpoint will always be associated with an outgoing request which is incorrect.
3fc37984a9d5b7488a013c0d4d7869919c15b588b2dfa950081c2998a81fc658