[asterisk-biz] Recent REMOTE CRASH BUG
Steve Totaro
stotaro at totarotechnologies.com
Sat Mar 3 12:06:31 MST 2007
Matteo Brancaleoni wrote:
> Hi,
>
> On Fri, 2007-03-02 at 19:24 -0500, Mike Lynchfield wrote:
>
>> news update seems they release .16 to fix.. not sure details got
>> banned on irc for showing the video of it in action..
>>
>
> Got banned for that?
> That's a pretty bad behaviour....
>
> So what about this :
> http://lists.digium.com/pipermail/asterisk-commits/2007-March/011789.html
> http://lists.digium.com/pipermail/asterisk-commits/2007-March/011788.html
> http://lists.digium.com/pipermail/asterisk-commits/2007-March/011786.html
>
> Finding a way to exploit this bug is pretty trivial if you look at the
> patch....
>
> hiding bug tracker & banning from irc is something too much...
>
> also because a good programmer can findout with a diff
> between 1.2.15 and 1.2.16 where the hole is...
>
> so ihmo is better to show up the problem in order to urge
> people to upgrade.
>
> just my 2c
>
> greetings,
> Matteo.
>
Can you send a link to the video please?
Thanks,
Steve
More information about the asterisk-biz
mailing list