---------- Mensagem encaminhada ---------- De: "Asterisk Development Team" <asteriskt...@digium.com> Data: 4 de abr de 2017 11:55 Assunto: [asterisk-dev] Asterisk 13.13-cert3, 13.14.1, 14.3.1 Now Available (Security Release) Para: "Asterisk Developers Mailing List" <asterisk-...@lists.digium.com> Cc:
The Asterisk Development Team has announced security releases for Certified Asterisk 13.13 and Asterisk 13 and 14. The available security releases are released as versions 13.13-cert3, 13.14.1, and 14.3.1. These releases are available for immediate download at http://downloads.asterisk.org/pub/telephony/asterisk/releases The release of these versions resolves the following security vulnerabilities: * AST-2017-001: Buffer overflow in CDR's set user No size checking is done when setting the user field on a CDR. Thus, it is possible for someone to use an arbitrarily large string and write past the end of the user field storage buffer. This allows the possibility of remote code injection. For a full list of changes in the current releases, please see the ChangeLogs: http://downloads.asterisk.org/pub/telephony/certified-asteri sk/releases/ChangeLog-13.13-cert3 http://downloads.asterisk.org/pub/telephony/asterisk/release s/ChangeLog-13.14.1 http://downloads.asterisk.org/pub/telephony/asterisk/release s/ChangeLog-14.3.1 The security advisories are available at: * http://downloads.asterisk.org/pub/security/AST-2017-001.pdf Thank you for your continued support of Asterisk! -- _____________________________________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-dev mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-dev
_______________________________________________ KHOMP: completa linha de placas externas FXO, FXS, GSM e E1 Media Gateways de 1 a 64 E1s para SIP com R2, ISDN e SS7 Intercomunicador e acesso remoto via rede IP e telefones IP Conheça todo o portfólio em www.Khomp.com _______________________________________________ Para remover seu email desta lista, basta enviar um email em branco para asteriskbrasil-unsubscr...@listas.asteriskbrasil.org