[asterisk-security] Asterisk-addons 1.2.8 and 1.4.4 released
The Asterisk Development Team
asteriskteam at digium.com
Tue Oct 16 18:49:06 CDT 2007
The Asterisk development team has released versions 1.2.8 and 1.4.4 of
Asterisk-addons.
This release contains a fix for a security vulnerability in the cdr_addon_mysql
module. This module is vulnerable to SQL injection. See the details on the
security issue in the published advisory:
http://downloads.digium.com/pub/asa/AST-2007-023.pdf
Only systems that use this module for logging CDR records are vulnerable to the
problem.
Thank you for your support!
More information about the asterisk-security
mailing list