similar to: AST-2020-001: Remote crash in res_pjsip_session

The Asterisk Development Team would like to announce security releases for Asterisk 13, 16, 17 and 18, and Certified Asterisk 16.8. The available releases are released as versions 13.37.1, 16.14.1, 17.8.1, 18.0.1 and 16.8-cert5. These releases are available for immediate download at https://downloads.asterisk.org/pub/telephony/asterisk/releases

Asterisk Project Security Advisory – AST-2020-002 Product Asterisk Summary Outbound INVITE loop on challenge with different nonce. Nature of Advisory Denial of Service Susceptibility Remote

Asterisk Project Security Advisory - AST-2018-002 Product Asterisk Summary Crash when given an invalid SDP media format description Nature of Advisory Remote crash Susceptibility Remote

Asterisk Project Security Advisory - AST-2018-003 Product Asterisk Summary Crash with an invalid SDP fmtp attribute Nature of Advisory Remote crash Susceptibility Remote Authenticated Sessions Severity Minor

The Asterisk Development Team would like to announce the release of Asterisk 18.1.0. This release is available for immediate download at https://downloads.asterisk.org/pub/telephony/asterisk The release of Asterisk 18.1.0 resolves several issues reported by the community and would have not been possible without your participation. Thank you! The following issues are resolved in this release:

Asterisk Project Security Advisory - AST-2017-001 Product Asterisk Summary Buffer overflow in CDR's set user Nature of Advisory Buffer Overflow Susceptibility Remote Authenticated Sessions Severity

The Asterisk Development Team would like to announce the release of Asterisk 17.9.0. This release is available for immediate download at https://downloads.asterisk.org/pub/telephony/asterisk The release of Asterisk 17.9.0 resolves several issues reported by the community and would have not been possible without your participation. Thank you! The following issues are resolved in this release:

Asterisk Project Security Advisory - AST-2014-001 Product Asterisk Summary Stack Overflow in HTTP Processing of Cookie Headers. Nature of Advisory Denial Of Service Susceptibility Remote Unauthenticated Sessions Severity Moderate

Asterisk Project Security Advisory - AST-2014-001 Product Asterisk Summary Stack Overflow in HTTP Processing of Cookie Headers. Nature of Advisory Denial Of Service Susceptibility Remote Unauthenticated Sessions Severity Moderate

The Asterisk Development Team would like to announce the release of Asterisk 16.15.0. This release is available for immediate download at https://downloads.asterisk.org/pub/telephony/asterisk The release of Asterisk 16.15.0 resolves several issues reported by the community and would have not been possible without your participation. Thank you! The following issues are resolved in this release:

The Asterisk Development Team would like to announce security release Certified Asterisk 18.9-cert5. The release artifacts are available for immediate download at https://github.com/asterisk/asterisk/releases/tag/certified-18.9-cert5 and https://downloads.asterisk.org/pub/telephony/certified-asterisk The following security advisories were resolved in this release:

The Asterisk Development Team would like to announce security release Certified Asterisk 18.9-cert5. The release artifacts are available for immediate download at https://github.com/asterisk/asterisk/releases/tag/certified-18.9-cert5 and https://downloads.asterisk.org/pub/telephony/certified-asterisk The following security advisories were resolved in this release:

The Asterisk Development Team would like to announce the release of Asterisk 16.0.0. This release is available for immediate download at http://downloads.asterisk.org/pub/telephony/asterisk The release of Asterisk 16.0.0 resolves several issues reported by the community and would have not been possible without your participation. Thank you! The following issues are resolved in this release:

The Asterisk Development Team would like to announce the release of Certified Asterisk 13.21-cert1. This release is available for immediate download at http://downloads.asterisk.org/pub/telephony/certified-asterisk The release of Certified Asterisk 13.21-cert1 resolves several issues reported by the community and would have not been possible without your participation. Thank you! The following

The Asterisk Development Team would like to announce the release of Asterisk 15.3.0. This release is available for immediate download at http://downloads.asterisk.org/pub/telephony/asterisk The release of Asterisk 15.3.0 resolves several issues reported by the community and would have not been possible without your participation. Thank you! The following issues are resolved in this release:

Asterisk Project Security Advisory - AST-2018-004 Product Asterisk Summary Crash when receiving SUBSCRIBE request Nature of Advisory Remote Crash Susceptibility Remote Unauthenticated Sessions Severity Major

Asterisk Project Security Advisory - AST-2019-007 Product Asterisk Summary AMI user could execute system commands. Nature of Advisory Remote Code Execution Susceptibility Remote Authenticated Sessions Severity Minor

Asterisk Project Security Advisory - Product Asterisk Summary Re-invite with T.38 and malformed SDP causes crash. Nature of Advisory Remote Crash Susceptibility Remote Authenticated Sessions Severity Minor

Asterisk Project Security Advisory - AST-2019-006 Product Asterisk Summary SIP request can change address of a SIP peer. Nature of Advisory Denial of Service Susceptibility Remote Unauthenticated Sessions Severity Minor

The Asterisk Development Team would like to announce the release of Certified Asterisk 13.18-cert1. This release is available for immediate download at http://downloads.asterisk.org/pub/telephony/certified-asterisk The release of Certified Asterisk 13.18-cert1 resolves several issues reported by the community and would have not been possible without your participation. Thank you! The following