[asterisk-dev] counting how many security issues were fixed since 1.4 was branched

Caio Begotti caio at ueberalles.net
Tue Mar 13 07:49:17 MST 2007

On 13/03/2007, at 11:18, Kevin P. Fleming wrote:
> You are looking in the wrong file. The file 'ChangeLog' in each  
> tarball
> lists all the changes in that release, although security-related  
> changes
> are not always flagged as such.

Thanks, Kevin. I'm analysing the ChangeLog right now but I've found  
the "not always flagged" problem too. Does Digium or Asterisk  
developers sign those security alert documents like many Linux  
distributions does when a security fix/problem is found?

I mean, in order to upgrade from 1.2 to 1.4 smoothly in my telco  
customers in Brazil I'll need to show them which, how and when  
security flaws was fixed or solved. So I did remember now about those  
security alert documents :-)

Best regards,

caio[1982] begotti

More information about the asterisk-dev mailing list