Errata overview
Errata ID 325
Date 2018-04-18
Source package asterisk
Fixed in version 1:11.13.1~dfsg-2+deb8u5
This update addresses the following issue:
* If the chan_skinny (aka SCCP protocol) channel driver is flooded with
  certain requests, it can cause the asterisk process to use excessive
  amounts of virtual memory, eventually causing asterisk to stop processing
  requests of any kind. (CVE-2017-17090)
* Note: advisories AST-2017-009 - AST-2017-012 do not apply to asterisk 11
Additional notes
CVE ID CVE-2017-17090
UCS Bug number #46113