---------- Forwarded message ---------- From: Asterisk Development Team <[email protected]> Date: Tue, 02 Feb 2010 17:28:59 -0500 Subject: [asterisk-dev] Asterisk 1.6.0.22, 1.6.1.14, and 1.6.2.2 Released To: [email protected]
The Asterisk Development Team has announced security releases for Asterisk as the following versions: * 1.6.0.22 * 1.6.1.14 * 1.6.2.2 These releases are available for immediate download at http://downloads.asterisk.org/pub/telephony/asterisk/ The releases of Asterisk 1.6.0.22, 1.6.1.14, and 1.6.2.2 include the fix described in security advisory AST-2010-001. The issue is that an attacker attempting to negotiate T.38 over SIP can remotely crash Asterisk by modifying the FaxMaxDatagram field of the SDP to contain either a negative or exceptionally large value. The same crash will occur when the FaxMaxDatagram field is omitted from the SDP, as well. For more information about the details of this vulnerability, please read the security advisory AST-2009-009, which was released at the same time as this announcement. For a full list of changes in the current releases, please see the ChangeLog: http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.0.22 http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.1.14 http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.2.2 Security advisory AST-2010-001 is available at: http://downloads.asterisk.org/pub/security/AST-2010-001.pdf Thank you for your continued support of Asterisk! -- _____________________________________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-dev mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-dev -- Enviado do meu celular _______________________________________________ KHOMP: qualidade em placas de E1, GSM, FXS e FXO para Asterisk. - Hardware com alta disponibilidade de recursos e qualidade KHOMP - Suporte técnico local qualificado e gratuito Conheça a linha completa de produtos KHOMP em www.khomp.com.br _______________________________________________ Lista de discussões AsteriskBrasil.org [email protected] http://listas.asteriskbrasil.org/mailman/listinfo/asteriskbrasil
