[AsteriskBrasil] Fwd: [asterisk-users] Asterisk 1.2.23 and 1.4.9 released
Denis Galvão
denisgalvao em gmail.com
Quarta Julho 25 21:23:24 BRT 2007
Para conhecimento de todos.
Correção de DoS em IAX2.
--
Denis Galvão
AsteriskBrasil.org
Ajude a comunidade AsteriskBrasil.org, compre uma camiseta!
http://www.voipmania.com.br
Begin forwarded message:
> From: The Asterisk Development Team <asteriskteam em digium.com>
> Date: 24 de julho de 2007 20h36min36s GMT-03:00
> To: Asterisk Users Mailing List - Non-Commercial Discussion
> <asterisk-users em lists.digium.com>
> Subject: [asterisk-users] Asterisk 1.2.23 and 1.4.9 released
> Reply-To: asterisk-dev em lists.digium.com, Asterisk Users Mailing
> List - Non-Commercial Discussion <asterisk-users em lists.digium.com>
>
> The Asterisk development team has released Asterisk versions 1.2.23
> and
> 1.4.9.
>
> These releases contain bug fixes, including one for a security
> vulnerability.
> The vulnerability is a potential Denial of Service attack when the
> Asterisk
> IAX2 channel driver is configured to allow unauthenticated calls.
>
> We have released an Asterisk Security Advisory for the
> vulnerability. The
> current version of the advisory can be downloaded from the ftp site.
>
> http://ftp.digium.com/pub/asa/ASA-2007-018.pdf
> * Affected systems include all Asterisk installations running an
> affected version
> that allow unauthenticated IAX2 calls. Affected open source
> versions include
> 1.2.20 through 1.2.22, and 1.4.5 through 1.4.8.
>
> All users that have systems that meet the criteria listed above should
> upgrade as soon as possible.
>
> Thank you very much for your support.
>
>
> _______________________________________________
> --Bandwidth and Colocation Provided by http://www.api-digital.com--
>
> asterisk-users mailing list
> To UNSUBSCRIBE or update options visit:
> http://lists.digium.com/mailman/listinfo/asterisk-users
>
Mais detalhes sobre a lista de discussão AsteriskBrasil