[asterisk-announce] Asterisk 184.108.40.206 Now Available (Security Release)
Asterisk Development Team
asteriskteam at digium.com
Thu Jan 20 15:19:59 CST 2011
The Asterisk Development Team has announced a release for the security issue
described in AST-2011-001.
Due to a failed merge, Asterisk 220.127.116.11 which should have included the security
fix did not. Asterisk 18.104.22.168 contains the the changes which should have been
included in Asterisk 22.214.171.124.
This releases is available for immediate download at
The releases of Asterisk 126.96.36.199, 188.8.131.52, 184.108.40.206, 220.127.116.11.1, 18.104.22.168.2,
22.214.171.124, and 126.96.36.199 resolve an issue when forming an outgoing SIP request while
in pedantic mode, which can cause a stack buffer to be made to overflow if
supplied with carefully crafted caller ID information. The issue and resolution
are described in the AST-2011-001 security advisory.
For more information about the details of this vulnerability, please read the
security advisory AST-2011-001, which was released at the same time as this
For a full list of changes in the current release, please see the ChangeLog:
Security advisory AST-2011-001 is available at:
Thank you for your continued support of Asterisk!
More information about the asterisk-announce