[Asterisk-Users] Security Vulnerability in Asterisk
jr at amanue.com
Mon Jun 28 18:44:36 MST 2004
--On Monday, June 28, 2004 9:16 PM -0400 James Golovich <james at wwnet.net>
> It was fixed in CVS head and stable and at the same time 0.9.0 was
> released. The existance was noted in the ChangeLog as well that comes
> with asterisk
Good. But the OpenH323 patches were not back-patched for *months*.
> I'm not sure if there was an announcement posted to the lists about the
> code release, but it was definitely updated on the asterisk.org page and
> the wiki
Hmm, I see I wasn't subscribed to announce. Shame on me. Well, hopefully in
the future new versions of stable can be announced.
I'd like to put forward as a good example what the PostgreSQL folks do.
They post a kind of weekly progress report. It includes a digest of
important patches, and new releases are announced all over the place. The
"Sunday Asterisk News" posts seem to be filling that role here, and are a
good thing, which I applaud.
A new release of stable should be something to brag about, yes?
More information about the asterisk-users