Re: [asterisk-users] (Critical Updates) Asterisk 1.2.27, 1.4.18.1, 1.4.19-rc3, 1.6.0-beta6 Released
Isasterisk-1.4-current.tar.gz(13-Mar-2008 15:06 11M) not the same as asterisk-1.4.18.1.tar.gz (18-Mar-2008 12:24 11M ) ? Should be? ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] (Critical Updates) Asterisk 1.2.27, 1.4.18.1, 1.4.19-rc3, 1.6.0-beta6 Released
On Wed, Mar 19, 2008 at 09:35:45AM +0100, AdriĆ Vidal wrote: Isasterisk-1.4-current.tar.gz(13-Mar-2008 15:06 11M) not the same as asterisk-1.4.18.1.tar.gz (18-Mar-2008 12:24 11M ) ? Should be? At the moment, it is. -- Tzafrir Cohen icq#16849755 jabber:[EMAIL PROTECTED] +972-50-7952406 mailto:[EMAIL PROTECTED] http://www.xorcom.com iax:[EMAIL PROTECTED]/tzafrir ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
[asterisk-users] (Critical Updates) Asterisk 1.2.27, 1.4.18.1, 1.4.19-rc3, 1.6.0-beta6 Released
The Asterisk.org development team has released four new versions of Asterisk to address critical security vulnerabilities. AST-2008-002 details two buffer overflows that were discovered in RTP codec payload type handling. * http://downloads.digium.com/pub/security/AST-2008-002.pdf * All users of SIP in Asterisk 1.4 and 1.6 are affected. AST-2008-003 details a vulnerability which allows an attacker to bypass SIP authentication and to make a call into the context specified in the general section of sip.conf. * http://downloads.digium.com/pub/security/AST-2008-003.pdf * All users of SIP in Asterisk 1.0, 1.2, 1.4, or 1.6 are affected. AST-2008-004 details some format string vulnerabilities that were found in the code handling the Asterisk logger and the Asterisk manager interface. * http://downloads.digium.com/pub/security/AST-2008-004.pdf * All users of Asterisk 1.6 are affected. Asterisk 1.2.27 and 1.4.18.1 are releases that only contain changes to fix these security vulnerabilities. In addition to fixes for these security issues, 1.4.19-rc3 and 1.6.0-beta6 contain a number of other bug fixes over the previous release candidates and beta releases for the upcoming 1.4.19 and 1.6.0 releases. We encourage all affected users of these security vulnerabilities to upgrade their installations as time permits. Thank you for your continued support of Asterisk! ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users