[asterisk-dev] Fwd: AST-2010-003: Invalid parsing of ACL rules can compromise security

Clod Patry cpatry at gmail.com
Fri Feb 26 06:06:23 CST 2010 

he probably means when he's clicking on the link (from his gmail account):
http://downloads.asterisk.org/pub/security/AST-2010-003-1.6.2.diff|1.6.2
this is not working, cause the ".diff" is group with the "|1.6.2"

You need to stop at the pipe:
http://downloads.asterisk.org/pub/security/AST-2010-003-1.6.2.diff

Maybe just adding a space will be solve that issue.

Thanks





On Fri, Feb 26, 2010 at 2:30 AM, Tilghman Lesher <tlesher at digium.com> wrote:

> On Thursday 25 February 2010 23:00:35 Bhrugu Mehta wrote:
> > hi,
> >
> > |
> http://downloads.asterisk.org/pub/security/AST-2010-003-1.6.0.diff|1.6.0<http://downloads.asterisk.org/pub/security/AST-2010-003-1.6.0.diff%7C1.6.0>|
> > |
> >
> |------------------------------------------------------------------+-----
> >   |-|
> >   |
> http://downloads.asterisk.org/pub/security/AST-2010-003-1.6.1.diff|1.6<http://downloads.asterisk.org/pub/security/AST-2010-003-1.6.1.diff%7C1.6>
> .
> >   |1 |
> >   |
> ------------------------------------------------------------------+----
> >   |--|
> >   |
> http://downloads.asterisk.org/pub/security/AST-2010-003-1.6.2.diff|1.6<http://downloads.asterisk.org/pub/security/AST-2010-003-1.6.2.diff%7C1.6>
> .
> >   |2 |
> >
> > this not working. so pls correct this.
>
> It works perfectly fine.  Perhaps you're copying the URL incorrectly?
>  Please
> see the HTML version of the security advisory here:
> http://downloads.asterisk.org/pub/security/AST-2010-003.html
>
> --
> Tilghman Lesher
> Digium, Inc. | Senior Software Developer
> twitter: Corydon76 | IRC: Corydon76-dig (Freenode)
> Check us out at: www.digium.com & www.asterisk.org
>
> --
> _____________________________________________________________________
> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
>
> asterisk-dev mailing list
> To UNSUBSCRIBE or update options visit:
>   http://lists.digium.com/mailman/listinfo/asterisk-dev
>



-- 
Clod Patry
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.digium.com/pipermail/asterisk-dev/attachments/20100226/bb15e536/attachment.htm

More information about the asterisk-dev mailing list