Rilasciati Asterisk 1.4.41.2, 1.6.2.18.2 e 1.8.4.4 (Security Release)
Il giorno 28 giugno, il Team di Sviluppo di Asterisk ha annunciato il rilascio delle versioni Asterisk 1.4.41.2, 1.6.2.18.2 e 1.8.4.4 (Security Release)
Dal post originale:
These releases are available for immediate download at
http://downloads.asterisk.org/pub/telephony/asterisk/releases
The release of Asterisk 1.4.41.2, 1.6.2.18.2, and 1.8.4.4 resolves the
following issue:
AST-2011-011: Asterisk may respond differently to SIP requests from an
invalid SIP user than it does to a user configured on the system, even when the
alwaysauthreject option is set in the configuration. This can leak information
about what SIP users are valid on the Asterisk system.
For more information about the details of this vulnerability, please read
the security advisory AST-2011-011, which was released at the same time as this
announcement.
For a full list of changes in the current releases, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-...
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-...
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-...
Security advisory AST-2011-011 is available at:
http://downloads.asterisk.org/pub/security/AST-2011-011.pdf
Leave a comment
Devi essere connesso per inviare un commento.