Asterisk 1.6.2.24, 1.8.11.1, 10.3.1 Now Available (Security Release)

Report
Question

The Asterisk Development Team has announced security releases for Asterisk 1.6.2,
1.8, and 10. The available security releases are released as versions 1.6.2.24,
1.8.11.1, and 10.3.1. These releases are available for immediate download at
http://downloads.asterisk.org/pub/telephony/asterisk/releases The release of Asterisk 1.6.2.24, 1.8.11.1, and 10.3.1 resolve the following two
issues: * A permission escalation vulnerability in Asterisk Manager Interface. This
would potentially allow remote authenticated users the ability to execute
commands on the system shell with the privileges of the user running the
Asterisk application. * A heap overflow vulnerability in the Skinny…

Asterisk Users 46.2 years ago 0 Answers

Asterisk 1.4.44, 1.6.2.23, 1.8.10.1, 10.2.1 Now Available (Security Releases)

Report
Question

The Asterisk Development Team has announced security releases for Asterisk 1.4,
1.6.2, 1.8, and 10. The available security releases are released as versions
1.4.44, 1.6.2.23, 1.8.10.1, and 10.2.1. These releases are available for immediate download at
http://downloads.asterisk.org/pub/telephony/asterisk/releases The release of Asterisk 1.4.44 and 1.6.2.23 resolve an issue wherein app_milliwatt
can potentially overrun a buffer on the stack, causing Asterisk to crash. This
does not have the potential for remote code execution. The release of Asterisk 1.8.10.1 and 10.2.1 resolve two issues. First, they
resolve the issue in app_milliwatt, wherein a buffer can…

Asterisk Users 46.2 years ago 0 Answers