Rilasciate le versioni Asterisk: 1.4.39.2, 1.6.1.22, 1.6.2.16.2 e 1.8.2.4.
Il giorno 21 febbraio, il Team di Sviluppo di Asterisk ha annunciato il rilascio delle versioni Asterisk 1.4.39.2, 1.6.1.22, 1.6.2.16.2, and 1.8.2.4.
Dal post originale:
The releases of Asterisk 1.4.39.2, 1.6.1.22, 1.6.2.16.2, and 1.8.2.4 resolve an
issue that when decoding UDPTL packets, multiple stack and heap based arrays can
be made to overflow by specially crafted packets. Systems doing T.38 pass
through or termination are vulnerable. The issue and resolution are described in
the AST-2011-002 security advisory.
For more information about the details of this vulnerability, please read the
security advisory AST-2011-002, which was released at the same time as this
announcement.
For a full list of changes in the current release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-...
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-...
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-...
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-...
Security advisory AST-2011-002 is available at:
Leave a comment
Devi essere connesso per inviare un commento.