[asterisk-dev] Dialstring injection - security advisory release?
Russell Bryant
russell at digium.com
Thu Feb 11 18:19:43 CST 2010
On 02/11/2010 05:43 PM, Matt Riddell wrote:
> Which was why I suggested an asterisk.conf variable to whitelist
> a-z,A-Z,0-9 for pattern matching :)
*nods*
I don't see any harm in something like that if it is off by default, I
suppose.
--
Russell Bryant
Digium, Inc. | Engineering Manager, Open Source Software
445 Jan Davis Drive NW - Huntsville, AL 35806 - USA
www.digium.com -=- www.asterisk.org -=- blogs.asterisk.org
More information about the asterisk-dev
mailing list