[asterisk-security] Asterisk 1.8.7.1 Now Available (Security Release)

David A. Bandel david.bandel at gmail.com
Tue Oct 18 05:48:03 CDT 2011


Folks,

Can someone check the distro build scripts?  Apparently, yesterday,
only lucid and part of maverick was updated.  No updates for other
distros.

Thanx,

David A. Bandel

On Mon, Oct 17, 2011 at 13:36, Asterisk Development Team
<asteriskteam at digium.com> wrote:
> The Asterisk Development Team has announced a security release for Asterisk 1.8.
> The available security release is released as version 1.8.7.1.
>
> This release is available for immediate download at
> http://downloads.asterisk.org/pub/telephony/asterisk/releases
>
> The release of Asterisk 1.8.7.1 resolves an issue with SIP URI parsing which can
> lead to a remotely exploitable crash:
>
>    Remote Crash Vulnerability in SIP channel driver (AST-2011-012)
>
> The issue and resolution is described in the AST-2011-012 security
> advisory.
>
> For more information about the details of this vulnerability, please read the
> security advisory AST-2011-012, which was released at the same time as this
> announcement.
>
> For a full list of changes in the current release, please see the ChangeLog:
>
> http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.7.1
>
> Security advisory AST-2011-012 is available at:
>
> http://downloads.asterisk.org/pub/security/AST-2011-012.pdf
>
> Thank you for your continued support of Asterisk!
>
> --
> _____________________________________________________________________
> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
>
> asterisk-security mailing list
> To UNSUBSCRIBE or update options visit:
>   http://lists.digium.com/mailman/listinfo/asterisk-security
>



-- 
Two things are infinite: the universe and human stupidity; and I'm not
sure about the the universe. -- Albert Einstein
Visit my web page at: http://david.bandel.us/



More information about the asterisk-security mailing list