Asterisk Project Security Advisory - Two closely related stack based buffer overflows exist in the SIP/SDP handler of Asterisk, the vulnerabilities are very similar but exist as two separate unsafe function calls.
a949bf50c43304dfaf9a9feae5a4076f7dd8a9e29097cee33dd9e616bb3fe0b7