The Asterisk Development Team is pleased to announce the releases of 1.2.34, 1.4.26.1, 1.6.0.12, and 1.6.1.4. These releases are available for immediate download at http://downloads.asterisk.org/pub/telephony/asterisk/ The release of 1.6.1.4 fixes a remote crash security vulnerability in the SIP stack. Although this crash was not demonstrated in any other version, the details of the vulnerability suggested the possibility that related attacks might be possible in the future. We therefore opted to release new versions of all current releases with these fixes applied. For more information about the details of this vulnerability, please read the security advisory AST-2009-005, which was released at the same time as this announcement. In addition, Asterisk users may notice that we skipped the version numbers 1.6.0.11 and 1.6.1.3. This was intentional, in an effort to avoid confusion about what a particular release contains. Both of those version numbers had candidates for releases made, so backtracking on those changes in a release with the same version number might be confusing. Those release candidates will be reissued with additional bugfixes, as 1.6.0.13-rc1 and 1.6.1.5-rc1, respectively. For a full list of changes in the current releases, please see the ChangeLogs: http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.2.34 http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.4.26.1 http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.0.12 http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.1.4 Thank you for your continued support of Asterisk!
|