[AsteriskBrasil] Fwd: [asterisk-dev] Asterisk 1.8.11-cert4, 1.8.13.1, 10.5.2, 10.5.2-digiumphones Now Available (Security Release)

Telesurf Multimidia tele-surf em hotmail.com
Sexta Julho 6 09:16:10 BRT 2012


Ola!
 
Qual a diferenca entre estas versoes do asterisk?
 



Date: Thu, 5 Jul 2012 23:10:11 -0300
From: sylvio.jollenbeck em gmail.com
To: asteriskbrasil em listas.asteriskbrasil.org
Subject: [AsteriskBrasil] Fwd: [asterisk-dev] Asterisk 1.8.11-cert4, 1.8.13.1, 10.5.2, 10.5.2-digiumphones Now Available (Security Release)

PSC



---------- Forwarded message ----------
From: Asterisk Development Team <asteriskteam em digium.com>
Date: 2012/7/5
Subject: [asterisk-dev] Asterisk 1.8.11-cert4, 1.8.13.1, 10.5.2, 10.5.2-digiumphones Now Available (Security Release)
To: asterisk-dev em lists.digium.com


The Asterisk Development Team has announced security releases for Certified
Asterisk 1.8.11 and Asterisk 1.8 and 10. The available security releases are
released as versions 1.8.11-cert4, 1.8.13.1, 10.5.2, and 10.5.2-digiumphones.

These releases are available for immediate download at
http://downloads.asterisk.org/pub/telephony/asterisk/releases

The release of Asterisk 1.8.11-cert4, 1.8.13.1, 10.5.2, and 10.5.2-digiumphones
resolve the following two issues:

* If Asterisk sends a re-invite and an endpoint responds to the re-invite with
  a provisional response but never sends a final response, then the SIP dialog
  structure is never freed and the RTP ports for the call are never released. If
  an attacker has the ability to place a call, they could create a denial of
  service by using all available RTP ports.

* If a single voicemail account is manipulated by two parties simultaneously,
  a condition can occur where memory is freed twice causing a crash.

These issues and their resolution are described in the security advisories.

For more information about the details of these vulnerabilities, please read
security advisories AST-2012-010 and AST-2012-011, which were released at the
same time as this announcement.

For a full list of changes in the current releases, please see the ChangeLogs:

http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.11-cert4
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.13.1
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-10.5.2
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-10.5.2-digiumphones

The security advisories are available at:

 * http://downloads.asterisk.org/pub/security/AST-2012-010.pdf
 * http://downloads.asterisk.org/pub/security/AST-2012-011.pdf

Thank you for your continued support of Asterisk!








--
_____________________________________________________________________
-- Bandwidth and Colocation Provided by http://www.api-digital.com --

asterisk-dev mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-dev


_______________________________________________ KHOMP Inova��o: External Board Series M�dulos de 1/2 rack e 1U para todas as interfaces e solu��es Asterisk e FreeSWITCH. Tenha a External Series Experience na sua aplica��o. Visite�www.khomp.com _______________________________________________ DIGIVOICE Fabricante de Placas de Voz e Channel Bank 20 anos de experi�ncia com E1(R2/ISDN), FXS, FXO e GSM Centro Treinamento - Curso de PABX IP - Asterisk - Site www.digivoice.com.br ________ YEALINK: Telefones IP e V�deoPhones IP com o melhor custo/benef�cio do mercado. email: yealink em commlogik.com.br | www.commlogik.com.br | (11) 5503-1011 ______________________________________________ Para remover seu email desta lista, basta enviar um email em branco para asteriskbrasil-unsubscribe em listas.asteriskbrasil.org 		 	   		  
-------------- Próxima Parte ----------
Um anexo em HTML foi limpo...
URL: http://listas.asteriskbrasil.org/pipermail/asteriskbrasil/attachments/20120706/dedcea6f/attachment.htm 


Mais detalhes sobre a lista de discussão AsteriskBrasil