There was an Asterisk Manager User Dialplan Permission Escalation vulnerability reported by Matt Jordan about Asterisk PBX. This permission escalation bug which made it possible to compromise remote authenticated sessions was considered as a minor severity vulnerability. Protocols such as the Asterisk Manager Interface, which offer external control, are often able to set and get channel variables which allows the execution of dialplan functions. We all know of the power of dialplan functions inside Asterisk. Is that power which allows us to build a plethora of Asterisk based applications. When some functions that are allowed to do more (e.g. execute commands, change…
The Asterisk Development Team is pleased to announce the second beta release of Asterisk 12.0.0. You can immediately download this release at http://downloads.asterisk.org/pub/telephony/asterisk/releases We strongly encourage all interested Asterisk users to participate throughout the testing process. For any issues you might find, please use the issue tracker to report it: https://issues.asterisk.org/jira. We would like you to come to the #asterisk-bugs channel in order to help communicating issues you found. Also, it is also very useful to see successful test reports. You can use the asterisk-dev mailing list for that (http://lists.digium.com). The next major release in the series of our favorite VoIP software will be Asterisk 12,…
The Asterisk Development Team has announced the release of Asterisk 11.5.0. This release is available for immediate download at http://downloads.asterisk.org/pub/telephony/asterisk The release of Asterisk 11.5.0 resolves several issues reported by the community and would have not been possible without your participation. Thank you! For a full list of changes in this release, please see the ChangeLog: http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.5.0 Thank you for your continued support of Asterisk!
The Asterisk Development Team has announced the releases of:
This release is available for immediate download at:
In this release:
* Driving closer towards sysfs configuration of dahdi devices
* Experimental support to "pin"  specific span and channel numbers to specific device/local spans
* New wcte13xp base driver
For a full list of changes in these releases, please see the shortlog at:
Issues found in this release can be reported in the DAHDI-Linux  and DAHDI-Tools  projects at https://issues.asterisk.org/jira
The Asterisk Development Team has announced the release of Asterisk 11.4.0. This release is available for immediate download at http://downloads.asterisk.org/pub/telephony/asterisk The release of Asterisk 11.4.0 resolves several issues reported by the community and would have not been possible without your participation. Thank you! For a full list of changes in this release, please see the ChangeLog: http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.4.0 Thank you for your continued support of Asterisk!