[AsteriskBrasil] Fwd: [asterisk-dev] Critical Updates: Asterisk 1.2.22 and 1.4.8 released

Denis Galvão denisgalvao em gmail.com
Terça Julho 17 22:44:37 BRT 2007 

--
Denis Galvão
AsteriskBrasil.org

Ajude a comunidade AsteriskBrasil.org, compre uma camiseta!
http://www.voipmania.com.br


Begin forwarded message:

> From: The Asterisk Development Team <asteriskteam em digium.com>
> Date: 17 de julho de 2007 19h22min21s GMT-03:00
> To: undisclosed-recipients:;
> Subject: [asterisk-dev] Critical Updates: Asterisk 1.2.22 and 1.4.8  
> released
> Reply-To: Asterisk Developers Mailing List <asterisk- 
> dev em lists.digium.com>
>
> The Asterisk development team has released Asterisk versions 1.2.22  
> and
> 1.4.8.
>
> These releases contain fixes for four critical security  
> vulnerabilities.
>  One of these vulnerabilities is a remotely exploitable stack buffer
> overflow, which could allow an attacker to execute arbitrary code  
> on the
> target machine.  The other three are all remotely exploitable crash
> vulnerabilities.
>
> We have released Asterisk Security Advisories for each of the
> vulnerabilities.  The current version of each advisory can be  
> downloaded
> from the ftp site.
>
> http://ftp.digium.com/pub/asa/ASA-2007-014.pdf
>  * Affected systems include those that bridge calls between chan_iax2
> and any channel driver that uses RTP for media
>
> http://ftp.digium.com/pub/asa/ASA-2007-015.pdf
>  * Affected systems include any system that has chan_iax2 enabled
>
> http://ftp.digium.com/pub/asa/ASA-2007-016.pdf
>  * Affected systems include any system that has chan_skinny enabled
>
> http://ftp.digium.com/pub/asa/ASA-2007-017.pdf
>  * Affected systems include any 1.4 system that has any channel driver
> that uses RTP for media enabled
>
> All users that have systems that meet any of the criteria listed above
> should upgrade as soon as possible.
>
> Thank you very much for your support.
>
> _______________________________________________
> --Bandwidth and Colocation Provided by http://www.api-digital.com--
>
> asterisk-dev mailing list
> To UNSUBSCRIBE or update options visit:
>    http://lists.digium.com/mailman/listinfo/asterisk-dev

Mais detalhes sobre a lista de discussão AsteriskBrasil