Asterisk 1.4.9 released

Joined
Apr 18, 2007
Messages
249
Points
0
The Asterisk development team has released Asterisk versions 1.2.23 and 1.4.9.

These releases contain bug fixes, including one for a security vulnerability. The vulnerability is a potential Denial of Service attack when the Asterisk IAX2 channel driver is configured to allow unauthenticated calls.

We have released an Asterisk Security Advisory for the vulnerability. The current version of the advisory can be downloaded from the ftp site.

http://ftp.digium.com/pub/asa/ASA-2007-018.pdf

Affected systems include all Asterisk installations running an affected version that allow unauthenticated IAX2 calls. Affected open source versions include 1.2.20 through 1.2.22, and 1.4.5 through 1.4.8.

All users that have systems that meet the criteria listed above should upgrade as soon as possible.

Thank you very much for your support.
 

Members online

Latest posts

Forum statistics

Threads
30,989
Messages
131,102
Members
17,716
Latest member
Orbit114
Top