Asterisk 1.2.9.1 and Asterisk 1.0.11.1 Released - Security Fix

Richard

Posts: 67
Member Since:
2006-06-01

Submitted by Richard on Sat, 07/15/2006 - 3:28pm.

Asterisk 1.2.9.1 and Asterisk 1.0.11.1 Released - Security Fix
Submitted by asteriskteam on Mon, 2006-06-05 23:06.

The Asterisk Development Team today released Asterisk 1.2.9.1 and Asterisk 1.0.11.1 to address a security vulnerability in the IAX2 channel driver (chan_iax2). The vulnerability affects all users with IAX2 clients that might be compromised or used by a malicious user, and can lead to denial of service attacks and random Asterisk server crashes via a relatively trivial exploit.

All users are urged to upgrade as soon as they can practically do so, or ensure that they don't expose IAX2 services to the public if it is not necessary.

The release files are available in the usual place (ftp.digium.com), as both tarballs and patch files relative to the last release. In addition, both the tarballs and the patch files have been signed using GPG keys of the release maintainers, so that you can ensure their authenticity.

&nbsp

rasker

Posts: 529
Member Since:
2006-06-02

Re: Asterisk 1.2.9.1 and Asterisk 1.0.11.1 Released - Security F

Sat, 07/15/2006 - 4:27am

If you do a

asterisk -V

and it says that you have asterisk 1.2.9.1 then you already have the fixed version.

TrixBoxTools

&nbsp

W1zz

Posts: 562
Member Since:
2006-05-31

Re: Asterisk 1.2.9.1 and Asterisk 1.0.11.1 Released - Security F

Sat, 07/15/2006 - 3:28pm

That's so yesterdays news...

Asterisk 1.2.10 and Zaptel 1.2.7 are out :-D

Alan

install-ZAPHFC

Look here for more help.
Current version is 1.4.0 (25 January 2008)

&nbsp

Asterisk 1.2.9.1 and Asterisk 1.0.11.1 Released - Security Fix

Comment viewing options

Search

Main

User login

Who's online