[AsteriskBrasil] Fwd: [asterisk-dev] Asterisk 1.8.2.2 Now Available (Security Release)

Denis Galvao denisgalvao em gmail.com
Quinta Janeiro 20 19:29:02 BRST 2011


---------- Forwarded message ----------
From: Asterisk Development Team <asteriskteam em digium.com>
Date: Thu, 20 Jan 2011 16:19:59 -0500
Subject: [asterisk-dev] Asterisk 1.8.2.2 Now Available (Security Release)
To: Asterisk Development Team <asteriskteam em digium.com>

The Asterisk Development Team has announced a release for the security issue
described in AST-2011-001.

Due to a failed merge, Asterisk 1.8.2.1 which should have included the security
fix did not. Asterisk 1.8.2.2 contains the the changes which should have been
included in Asterisk 1.8.2.1.

This releases is available for immediate download at
http://downloads.asterisk.org/pub/telephony/asterisk/releases

The releases of Asterisk 1.4.38.1, 1.4.39.1, 1.6.1.21, 1.6.2.15.1, 1.6.2.16.2,
1.8.1.2, and 1.8.2.2 resolve an issue when forming an outgoing SIP request while
in pedantic mode, which can cause a stack buffer to be made to overflow if
supplied with carefully crafted caller ID information. The issue and resolution
are described in the AST-2011-001 security advisory.

For more information about the details of this vulnerability, please read the
security advisory AST-2011-001, which was released at the same time as this
announcement.

For a full list of changes in the current release, please see the ChangeLog:

http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.2.2

Security advisory AST-2011-001 is available at:

http://downloads.asterisk.org/pub/security/AST-2011-001.pdf

Thank you for your continued support of Asterisk!

--
_____________________________________________________________________
-- Bandwidth and Colocation Provided by http://www.api-digital.com --

asterisk-dev mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-dev

-- 
Enviado do meu celular


Mais detalhes sobre a lista de discussão AsteriskBrasil