Asterisk Development Team
2011-Jun-02 19:07 UTC
[asterisk-users] Asterisk 1.8.4.2 Now Available (Security Release)
The Asterisk Development Team has announced the release of Asterisk
version 1.8.4.2, which is a security release for Asterisk 1.8.
This release is available for immediate download at
http://downloads.asterisk.org/pub/telephony/asterisk/releases
The release of Asterisk 1.8.4.2 resolves an issue with SIP URI parsing
which can lead to a remotely exploitable crash:
Remote Crash Vulnerability in SIP channel driver (AST-2011-007)
The issue and resolution is described in the AST-2011-007 security
advisory.
For more information about the details of this vulnerability, please
read the security advisory AST-2011-007, which was released at the same
time as this announcement.
For a full list of changes in the current release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.4.2
Security advisory AST-2011-007 is available at:
http://downloads.asterisk.org/pub/security/AST-2011-007.pdf
Thank you for your continued support of Asterisk!
satish patel
2011-Jun-02 19:35 UTC
[asterisk-users] Asterisk 1.8.4.2 Now Available (Security Release)
Is this available in current SVN ?> Date: Thu, 2 Jun 2011 15:07:50 -0400 > From: asteriskteam at digium.com > To: asteriskteam at digium.com > Subject: [asterisk-users] Asterisk 1.8.4.2 Now Available (Security Release) > > The Asterisk Development Team has announced the release of Asterisk > version 1.8.4.2, which is a security release for Asterisk 1.8. > > This release is available for immediate download at > http://downloads.asterisk.org/pub/telephony/asterisk/releases > > The release of Asterisk 1.8.4.2 resolves an issue with SIP URI parsing > which can lead to a remotely exploitable crash: > > Remote Crash Vulnerability in SIP channel driver (AST-2011-007) > > The issue and resolution is described in the AST-2011-007 security > advisory. > > For more information about the details of this vulnerability, please > read the security advisory AST-2011-007, which was released at the same > time as this announcement. > > For a full list of changes in the current release, please see the ChangeLog: > > http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.4.2 > > Security advisory AST-2011-007 is available at: > > http://downloads.asterisk.org/pub/security/AST-2011-007.pdf > > Thank you for your continued support of Asterisk! > > -- > _____________________________________________________________________ > -- Bandwidth and Colocation Provided by http://www.api-digital.com -- > New to Asterisk? Join us for a live introductory webinar every Thurs: > http://www.asterisk.org/hello > > asterisk-users mailing list > To UNSUBSCRIBE or update options visit: > http://lists.digium.com/mailman/listinfo/asterisk-users-------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.digium.com/pipermail/asterisk-users/attachments/20110602/88bc3ccc/attachment.htm>
Leif Madsen
2011-Jun-02 20:32 UTC
[asterisk-users] Asterisk 1.8.4.2 Now Available (Security Release)
On 02/06/11 03:35 PM, satish patel wrote:> Is this available in current SVN ?Changes are always checked into SVN first and then made available in a tag. Leif. -- Leif Madsen http://www.oreilly.com/catalog/asterisk