El grupo de desarrollo de Asterisk manda el aviso de la liberación de la versión 1.6.1.8 que cuenta con un parche de seguridad que afecta la revisión de ACL’s(Access Control List) de SIP…
Begin forwarded message:
From: Asterisk Development Team
Date: October 26, 2009 5:36:36 PM CST
To: asteriskteam@digium.com
Subject: [asterisk-announce] Asterisk 1.6.1.8 Now AvailableThe Asterisk Development Team has announced the releases of Asterisk 1.6.1.8.
This release is available for immediate download at
http://downloads.asterisk.org/pub/telephony/asterisk/The release of 1.6.1.8 resolves an issue where an ACL check is not present for
verifying SIP INVITEs. For more information about the details of this
vulnerability, please read the security advisory AST-2009-007, which was
released at the same time as this announcement.The Asterisk 1.6.1 series is the only fully released version which contains this
vulnerability. Releases from previous branches (1.6.0, 1.4, 1.2) are not
affected.In addition, Asterisk users may notice that we skipped the version number
1.6.1.7. This was intentional, in an effort to avoid confusion about what a
particular release contains. Asterisk 1.6.1.7 had candidates for release made,
so backtracking on those changes in a release with the same version number might
be confusing. The next release candidate, which would have been 1.6.1.7-rc3,
will be released with additional changes as 1.6.1.9-rc1.For a full list of changes in the current release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.1.8
Release announcement AST-2009-007 is available at:
http://downloads.asterisk.org/pub/security/AST-2009-007.pdf
Thank you for your continued support of Asterisk!
_______________________________________________
–Bandwidth and Colocation Provided by http://www.api-digital.com–asterisk-announce mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-announce