Tuesday, July 22, 2008

[asterisk-announce] Asterisk 1.4.21.2 and 1.2.30 Released

The Asterisk.org development team has released Asterisk versions
1.4.21.2 and 1.2.30.

Both of these releases include fixes for two security issues. Both of
these issues affect users of the IAX2 channel driver. For more details
on these vulnerabilities, see the published security advisories,
AST-2008-010 and AST-2008-011.

AST-2008-010: Asterisk IAX 'POKE' resource exhaustion
- http://downloads.digium.com/pub/security/AST-2008-010.html

AST-2008-011: Traffic amplification in IAX2 firmware provisioning system
- http://downloads.digium.com/pub/security/AST-2008-011.html

Thank you for your continued support of Asterisk!

_______________________________________________
--Bandwidth and Colocation Provided by http://www.api-digital.com--

asterisk-announce mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-announce

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)