[Asterisk-Security] asterisk 1.4.2 and asterisk 1.2.17: fix remote
SIP issues
Tzafrir Cohen
tzafrir.cohen at xorcom.com
Wed Mar 21 12:59:55 MST 2007
Hi all
I see no annocement in this list yet, so I'll post my own. Basically
untested copy&paste.
Asterisk 1.4.2:
- a fix for a SIP channel driver remote DoS vulnerability
(http://bugs.digium.com/view.php?id=9313 , fixed in rev. 59037 )
Asterisk 1.4.2 and Asterisk 1.2.17:
- a fix for a SIP channel driver remote DoS vulnerability discovered
by INRIA Lorraine
(http://voipsa.org/pipermail/voipsec_voipsa.org/2007-March/002275.html )
Thus the update is highly recommended for all users of Asterisk 1.4 with
the SIP channel driver loaded and connected to an untrusted network.
Sources:
http://asterisk.org/node/48339
http://asterisk.org/node/48338
--
Tzafrir Cohen
icq#16849755 jabber:tzafrir at jabber.org
+972-50-7952406 mailto:tzafrir.cohen at xorcom.com
http://www.xorcom.com iax:guest at local.xorcom.com/tzafrir
More information about the Asterisk-Security
mailing list