The Asterisk development team has released Asterisk-Addons version 1.2.7, 1.4.9, and 1.6.0-beta4 to address a major security vulnerability in the ooh323 channel driver. The releases may be downloaded from http://downloads.digium.com/. AST-2008-009 details a remote crash vulnerability in the ooh323 channel driver: * http://downloads.digium.com/pub/security/AST-2008-009.pdf * All users of chan_ooh323 in all versions of Asterisk-Addons are affected In addition to the security vulnerability, there are a number of bug fixes included in this release. Changelogs for the various releases may be found at the following addresses: * Asterisk-Addons 1.2.9: http://svn.digium.com/view/asterisk-addons/tags/1.2.9/ChangeLog?view=markup * Asterisk-Addons 1.4.7: http://svn.digium.com/view/asterisk-addons/tags/1.4.7/ChangeLog?view=markup * Asterisk-Addons 1.6.0-beta4: http://svn.digium.com/view/asterisk-addons/tags/1.6.0-beta4/ChangeLog?view=markup