[asterisk-users] Important security alert: update your dialplans now!

Randy R randulo2008 at gmail.com
Mon Feb 15 03:00:09 CST 2010


On Mon, Feb 15, 2010 at 9:51 AM, Olle E. Johansson <oej at edvina.net> wrote:
>> To avoid extensive rewriting and fix the current issue.
> That works in countries where you have fixed-length numbers. Unfortunately, not every dialplan works that way, so that can't be a generic advice even though it may solve your problems.
>
> Thanks for your suggestion!

Olle, this may be a stupid question, but shouldn't a native santitize
function be urgently added to the code base in all versions or change
the dialplan compîler to ignore dangerous characters?

/r



More information about the asterisk-users mailing list