[asterisk-commits] lmadsen: tag 1.6.0.22 r244380 - /tags/1.6.0.22/

SVN commits to the Asterisk project asterisk-commits at lists.digium.com
Tue Feb 2 13:40:32 CST 2010


Author: lmadsen
Date: Tue Feb  2 13:40:29 2010
New Revision: 244380

URL: http://svnview.digium.com/svn/asterisk?view=rev&rev=244380
Log:
ChangeLog and .version file updates.

Removed:
    tags/1.6.0.22/asterisk-1.6.0.21-summary.html
    tags/1.6.0.22/asterisk-1.6.0.21-summary.txt
Modified:
    tags/1.6.0.22/.version
    tags/1.6.0.22/ChangeLog

Modified: tags/1.6.0.22/.version
URL: http://svnview.digium.com/svn/asterisk/tags/1.6.0.22/.version?view=diff&rev=244380&r1=244379&r2=244380
==============================================================================
--- tags/1.6.0.22/.version (original)
+++ tags/1.6.0.22/.version Tue Feb  2 13:40:29 2010
@@ -1,1 +1,1 @@
-1.6.0.21
+1.6.0.22

Modified: tags/1.6.0.22/ChangeLog
URL: http://svnview.digium.com/svn/asterisk/tags/1.6.0.22/ChangeLog?view=diff&rev=244380&r1=244379&r2=244380
==============================================================================
--- tags/1.6.0.22/ChangeLog (original)
+++ tags/1.6.0.22/ChangeLog Tue Feb  2 13:40:29 2010
@@ -1,3 +1,13 @@
+2010-02-02  Leif Madsen <lmadsen at digium.com>
+
+	* Release Asterisk 1.6.0.22
+
+	* AST-2010-001: An attacker attempting to negotiate T.38 over SIP can 
+	  remotely crash Asterisk by modifying the FaxMaxDatagram field of 
+	  the SDP to contain either a negative or exceptionally large value.
+	  The same crash occurs when the FaxMaxDatagram field is omitted from 
+	  the SDP as well.
+
 2010-01-14  Leif Madsen <lmadsen at digium.com>
 
 	* Release Asterisk 1.6.0.21




More information about the asterisk-commits mailing list