Multiple vulnerabilities has been discovered and corrected in asterisk:

Remote crash when handling out of call message in certain dialplan
configurations (CVE-2014-6610).

Asterisk Susceptibility to POODLE Vulnerability (CVE-2014-3566).

Mixed IP address families in access control lists may permit unwanted
traffic.

High call load may result in hung channels in ConfBridge.

Permission escalation through ConfBridge actions/dialplan functions.

The updated packages has been upgraded to the 11.14.1 version which
is not vulnerable to these issues.