Asterisk 1.2.9 and 1.0.11 Released -- Security Fix

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The Asterisk Development Team today released Asterisk 1.2.9 and Asterisk
1.0.11 to address a security vulnerability in the IAX2 channel driver
(chan_iax2). The vulnerability affects all users with IAX2 clients that
might be compromised or used by a malicious user, and can lead to denial
of service attacks and random Asterisk server crashes via a relatively
trivial exploit.

All users are urged to upgrade as soon as they can practically do so, or
ensure that they don't expose IAX2 services to the public if it is not
necessary.

The release files are available in the usual place (ftp.digium.com), as
both tarballs and patch files relative to the last release. In addition,
both the tarballs and the patch files have been signed using GPG keys of
the release maintainers, so that you can ensure their authenticity.

Thank you for your support of Asterisk!

[Index of Archives]     [Asterisk App Development]     [PJ SIP]     [Asterisk SS7]     [Gnu Gatekeeper]     [IETF Sipping]     [Info Cyrus]     [ALSA User]     [Fedora Linux Users]     [Linux SCTP]     [DCCP]     [Gimp]     [Yosemite News]     [Deep Creek Hot Springs]     [Yosemite Campsites]     [ISDN Cause Codes]     [Asterisk Books]

  Powered by Linux