Hi Kamailians! A new CVE with a critical severity level was published recently for an almost three year old bug, which was also fixed and released three years ago (CVE-2020-27507).
The issue was fixed in Kamailio 5.4.2 and is not present in newer releases. The Kamailio project has unfortunately not been involved in the CVE process or been informed about this old issue being published at this time. We take vulnerability handling seriously and our process is documented at: https://www.kamailio.org/wikidocs/security/policy/ The latest stable branch is 5.6, with v5.6.4 released out of it. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-27507 Best regards and thanks for flying Kamailio! The Kamailio dev team through /Olle __________________________________________________________ Kamailio - Users Mailing List - Non Commercial Discussions To unsubscribe send an email to [email protected] Important: keep the mailing list in the recipients, do not reply only to the sender! Edit mailing list options or unsubscribe:
