search for: voipsec_voipsa

The Asterisk and Zaptel development teams have released Asterisk version 1.2.17. Along with minor bug fixes, this release incorporates a fix for the SIP DoS vulnerability recently discovered by INRIA Lorraine (http://voipsa.org/pipermail/voipsec_voipsa.org/2007-March/002275.html). All users of Asterisk 1.2 with the SIP channel driver loaded and connected to an untrusted network are urged to update to this release to avoid the possibility of experiencing this problem. Thanks for your support of Asterisk and Zaptel!

...IAX2 channel driver There are also two security-related changes in this version: - a fix for a SIP channel driver remote DoS vulnerability (http://bugs.digium.com/view.php?id=9313) - a fix for a SIP channel driver remote DoS vulnerability discovered by INRIA Lorraine (http://voipsa.org/pipermail/voipsec_voipsa.org/2007-March/002275.html) All users of Asterisk 1.4 with the SIP channel driver loaded and connected to an untrusted network are urged to update to this release to avoid the possibility of experiencing these problems. Thanks for your support of Asterisk and Zaptel!

The Asterisk and Zaptel development teams have released Asterisk version 1.2.17. Along with minor bug fixes, this release incorporates a fix for the SIP DoS vulnerability recently discovered by INRIA Lorraine (http://voipsa.org/pipermail/voipsec_voipsa.org/2007-March/002275.html). All users of Asterisk 1.2 with the SIP channel driver loaded and connected to an untrusted network are urged to update to this release to avoid the possibility of experiencing this problem. Thanks for your support of Asterisk and Zaptel!

...IAX2 channel driver There are also two security-related changes in this version: - a fix for a SIP channel driver remote DoS vulnerability (http://bugs.digium.com/view.php?id=9313) - a fix for a SIP channel driver remote DoS vulnerability discovered by INRIA Lorraine (http://voipsa.org/pipermail/voipsec_voipsa.org/2007-March/002275.html) All users of Asterisk 1.4 with the SIP channel driver loaded and connected to an untrusted network are urged to update to this release to avoid the possibility of experiencing these problems. Thanks for your support of Asterisk and Zaptel!

I just read on Slashdot (at http://yro.slashdot.org/article.pl?sid=07/12/16/222243 ) that Trixbox "has been phoning home with statistics about their installations", as a Trixbox user exposed in "Trixbox Phones Home" at http://www.trixbox.org/forums/trixbox-forums/open-discussion/trixbox-phones-home . -- (C) Matthew Rubenstein