[asterisk-announce] Asterisk 1.2.23 and 1.4.9 released

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The Asterisk development team has released Asterisk versions 1.2.23 and
1.4.9.

These releases contain bug fixes, including one for a security vulnerability.
The vulnerability is a potential Denial of Service attack when the Asterisk
IAX2 channel driver is configured to allow unauthenticated calls.

We have released an Asterisk Security Advisory for the vulnerability.  The 
current version of the advisory can be downloaded from the ftp site.

http://ftp.digium.com/pub/asa/ASA-2007-018.pdf
 * Affected systems include all Asterisk installations running an affected version
that allow unauthenticated IAX2 calls.  Affected open source versions include
1.2.20 through 1.2.22, and 1.4.5 through 1.4.8.

All users that have systems that meet the criteria listed above should 
upgrade as soon as possible.

Thank you very much for your support.




[Index of Archives]     [Asterisk App Development]     [PJ SIP]     [Asterisk SS7]     [Gnu Gatekeeper]     [IETF Sipping]     [Info Cyrus]     [ALSA User]     [Fedora Linux Users]     [Linux SCTP]     [DCCP]     [Gimp]     [Yosemite News]     [Deep Creek Hot Springs]     [Yosemite Campsites]     [ISDN Cause Codes]     [Asterisk Books]

  Powered by Linux