[asterisk-security] Asterisk 16.29.1, 18.15.1, 19.7.1, 20.0.1 Now Available

Asterisk Development Team asteriskteam at digium.com
Thu Dec 1 16:51:19 CST 2022


The Asterisk Development Team would like to announce the release of
Asterisk 16.29.1, 18.15.1, 19.7.1, and 20.0.1.
This release is available for immediate download at
https://downloads.asterisk.org/pub/telephony/asterisk
The release of Asterisk 16.29.1, 18.15.1, 19.7.1, and 20.0.1 resolves
issues reported by the
community and would have not been possible without your participation.Thank
you!

The following issue is resolved in this release:

Bugs fixed in this release:
———————————–

[ASTERISK-30103 <https://issues.asterisk.org/jira/browse/ASTERISK-30103>]
chan_ooh323 vulnerability in calling/called party IE (Reported By: Michael
Bradeen)

[ASTERISK-30176 <https://issues.asterisk.org/jira/browse/ASTERISK-30176>]
GetConfig can read files outside of Asterisk (Reported By: shawty)

[ASTERISK-30244 <https://issues.asterisk.org/jira/browse/ASTERISK-30244>]
Occasional crash when TCP/TLS connection terminated and subscription
persistence is removed (Reported By: nappsoft)

[ASTERISK-30338 <https://issues.asterisk.org/jira/browse/ASTERISK-30338>]
Backport 2.13 security fixes from pjproject

For a full list of changes in this release, please see the ChangeLog:
https://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-16.29.1

https://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-18.15.1

https://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-19.7.1

https://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-20.0.1

Thank you for your continued support of Asterisk!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-security/attachments/20221201/e027e7cd/attachment.html>


More information about the asterisk-security mailing list