Asterisk 1.4.8 released

saleh

Joined
Apr 18, 2007
Messages
249
Likes
0
Points
0
#1
The Asterisk development team has released Asterisk versions 1.2.22 and 1.4.8.

These releases contain fixes for four critical security vulnerabilities. One of these vulnerabilities is a remotely exploitable stack buffer overflow, which could allow an attacker to execute arbitrary code on the target machine. The other three are all remotely exploitable crash vulnerabilities.

We have released Asterisk Security Advisories for each of the vulnerabilities. The current version of each advisory can be downloaded from the ftp site.

ASA-2007-014
* Affected systems include those that bridge calls between chan_iax2 and any channel driver that uses RTP for media

ASA-2007-015
* Affected systems include any system that has chan_iax2 enabled

ASA-2007-016
* Affected systems include any system that has chan_skinny enabled

ASA-2007-017
* Affected systems include any 1.4 system that has any channel driver that uses RTP for media enabled

All users that have systems that meet any of the criteria listed above should upgrade as soon as possible.

Thank you very much for your support.
 

starkiller

Joined
May 29, 2007
Messages
16
Likes
0
Points
0
#2
Can I just download and install this over the current asterisk, or is there some customization Elastix Does?
 

Members online

No members online now.

Latest posts

Forum statistics

Threads
30,902
Messages
130,887
Members
17,565
Latest member
omarmenichetti
Top