Tuesday, October 27, 2009

Asterisk Fixes The Security Advisory AST-2009-007

The Asterisk Team announced the releases of Asterisk yesterday and you can download it right away from Asterisk Download Servers.

This release resolves an issue where an ACL check is not present for verifying SIP INVITEs. More information on this vulnerability, please refer to the security advisory AST-2009-007(PDF), which was released  imultaneously with this release announcement.

Only the Asterisk 1.6.1 series is the only branch affected by this vulnerability. Releases from previous branches (1.6.0, 1.4, 1.2) are not affected.

A full list of changes in this release, could be found on the ChangeLog.


Blog Widget by LinkWithin