asterisk users - Aug 2009 - Asterisk 1.2.34, 1.4.26.1, 1.6.0.12, and 1.6.1.4 release announcement

The Asterisk Development Team is pleased to announce the releases of 1.2.34,
1.4.26.1, 1.6.0.12, and 1.6.1.4.  These releases are available for immediate
download at http://downloads.asterisk.org/pub/telephony/asterisk/

The release of 1.6.1.4 fixes a remote crash security vulnerability in the SIP
stack.  Although this crash was not demonstrated in any other version, the
details of the vulnerability suggested the possibility that related attacks
might be possible in the future.  We therefore opted to release new versions
of all current releases with these fixes applied.  For more information about
the details of this vulnerability, please read the security advisory
AST-2009-005, which was released at the same time as this announcement.

In addition, Asterisk users may notice that we skipped the version numbers
1.6.0.11 and 1.6.1.3.  This was intentional, in an effort to avoid confusion
about what a particular release contains.  Both of those version numbers had
candidates for releases made, so backtracking on those changes in a release
with the same version number might be confusing.  Those release candidates
will be reissued with additional bugfixes, as 1.6.0.13-rc1 and 1.6.1.5-rc1,
respectively.

For a full list of changes in the current releases, please see the ChangeLogs:
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.2.34
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.4.26.1
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.0.12
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.1.4

Thank you for your continued support of Asterisk!