Errata overview
Errata ID 529
Date 2018-10-04
Source package asterisk
Fixed in version 1:11.13.1~dfsg-2+deb8u6
This update addresses the following issue:
* There is a stack consumption vulnerability in the
  module, which allows an attacker to crash Asterisk via a specially crafted
  HTTP request to upgrade the connection to a websocket. (CVE-2018-17281)
Additional notes
CVE ID CVE-2018-17281
UCS Bug number #47889