HOT NEWS
Web-MeetMe v4.0.2 released! » Web-MeetMe is a suite of PHP pages to allow for scheduling and managing conferences on an Asterisk PBX. Web-MeetMe Add rooms and specify: *- Moderat...
Asterisk 1.8.0-beta2 and Asterisk 1.6.2.11-rc2 are... » The Asterisk Development Team has announced the release of Asterisk 1.8.0-beta2. This release is available for immediate download at http://downl...
libpri 1.4.12-beta1 Now Available. » The Asterisk Development Team has announced the release of libpri version 1.4.12-beta1. This release is available for immediate download at http://do...
Fluency ACD Module - powerful solution for Automat... » Fluency ACD - Automatic Call Distribution delivers a powerful solution for all Customer Contact Management with two guiding principles, enhanced Prod...
A lot of improvements and new developments in Queu... » QueueMetrics version 1.6.1 has been released. This release offers a large number of bug fixes, misc improvements and new developments. Some are worth...
Asterisk 1.8.0-beta1 is Now Available! » The Asterisk Development Team has announced the release of Asterisk 1.8.0-beta1. This release marks the beginning of the testing process for the ...
Asterisk 1.4.34,1.6.2.10,1.4.35-rc1 and 1.6.2.11-r... » The Asterisk Development Team has announced the release of Asterisk 1.4.34. This release is available for immediate download at http://downloads....
pyst: A Python Interface to Asterisk – New relea... » Pyst consists of a set of interfaces and libraries to allow programming of Asterisk from python. The library currently supports AGI, AMI, and the p...
Yealink announces the strategic partnership with E... » Yealink and Elastix signed the cooperation agreement on making Yealink the exclusive official phone brand for Elastix Certified Engineer Training (...
eBox Platform: The Linux Small Business Server. » One single platform to manage all your network services! eBox is a Network Gateway, a Unified Threat Manager, an Office Server, an Infrastructure Man...
Remember Me
Login REGISTER
Written by voiptoday    Wednesday, 03 February 2010 09:31    PDF Print E-mail
Asterisk 1.6.0.22, 1.6.1.14, and 1.6.2.2 Released.

Asterisk_OSR_ The Asterisk Development Team has announced security releases for Asterisk as the following versions:

* 1.6.0.22
* 1.6.1.14
* 1.6.2.2

These releases are available for immediate download at
http://downloads.asterisk.org/pub/telephony/asterisk/

The releases of Asterisk 1.6.0.22, 1.6.1.14, and 1.6.2.2 include the fix described in security advisory AST-2010-001.

The issue is that an attacker attempting to negotiate T.38 over SIP can remotely
crash Asterisk by modifying the FaxMaxDatagram field of the SDP to contain
either a negative or exceptionally large value.  The same crash will occur when
the FaxMaxDatagram field is omitted from the SDP, as well.

For more information about the details of this vulnerability, please read the
security advisory AST-2009-009, which was released at the same time as this
announcement.

For a full list of changes in the current releases, please see the ChangeLog:

http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.0.22
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.1.14
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.2.2

Security advisory AST-2010-001 is available at:

http://downloads.asterisk.org/pub/security/AST-2010-001.pdf

Thank you for your continued support of Asterisk!

Last Updated ( Wednesday, 03 February 2010 09:31 )
 

Add comment


Security code
Refresh

Try me!! i'm FREE for today I'll change your life
Advertise here

Your are currently browsing this site with Internet Explorer 6 (IE6).

Your current web browser must be updated to version 7 of Internet Explorer (IE7) to take advantage of all of template's capabilities.

Why should I upgrade to Internet Explorer 7? Microsoft has redesigned Internet Explorer from the ground up, with better security, new capabilities, and a whole new interface. Many changes resulted from the feedback of millions of users who tested prerelease versions of the new browser. The most compelling reason to upgrade is the improved security. The Internet of today is not the Internet of five years ago. There are dangers that simply didn't exist back in 2001, when Internet Explorer 6 was released to the world. Internet Explorer 7 makes surfing the web fundamentally safer by offering greater protection against viruses, spyware, and other online risks.

Get free downloads for Internet Explorer 7, including recommended updates as they become available. To download Internet Explorer 7 in the language of your choice, please visit the Internet Explorer 7 worldwide page.