Bäste kund, tack för att du kontaktar oss! Vi har för närvarande högt tryck på vår kundservice och vi gör vårt yttersta för att besvara ditt ärende så snabbt som möjligt. Tack för ditt tålamod och förståelse! Vanliga frågor och svar hittar ni via länken nedan: https://royaldesign.se/kundtjanst <https://royaldesign.se/kundtjanst> Vid avbeställningar råder vi dig till att ringa oss på: 010 750 25 21 Ha en fortsatt trevlig dag! Previous-message-reference: <CAP=uFEsco8knetYgFT0d=cne+6jdjmwlgoz732w6vsctgdw...@mail.gmail.com> Previous-message-reference: <57276b05a0c14f71aff36afe436a2...@email.dixa.io> Asterisk Development Team December 14, 21:11 GMT The earlier release announcement should NOT have had any User or Upgrade notes. The Asterisk Development Team would like to announce security release Certified Asterisk 18.9-cert6. The release artifacts are available for immediate download at https://github.com/asterisk/asterisk/releases/tag/certified-18.9-cert6 <https://github.com/asterisk/asterisk/releases/tag/certified-18.9-cert6> and https://downloads.asterisk.org/pub/telephony/certified-asterisk <https://downloads.asterisk.org/pub/telephony/certified-asterisk> The following security advisories were resolved in this release: - Path traversal via AMI GetConfig allows access to outside files <https://github.com/asterisk/asterisk/security/advisories/GHSA-8857-hfmw-vg8f> - Asterisk susceptible to Denial of Service via DTLS Hello packets during call initiation <https://github.com/asterisk/asterisk/security/advisories/GHSA-hxj9-xwr8-w8pq> - PJSIP logging allows attacker to inject fake Asterisk log entries <https://github.com/asterisk/asterisk/security/advisories/GHSA-5743-x3p5-3rg7> - PJSIP_HEADER dialplan function can overwrite memory/cause crash when using 'update' <https://github.com/asterisk/asterisk/security/advisories/GHSA-98rc-4j27-74hh> Change Log for Release asterisk-certified-18.9-cert6 <> Links: <> * Full ChangeLog <https://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-certified-18.9-cert6.md> * GitHub Diff <https://github.com/asterisk/asterisk/compare/certified-18.9-cert5...certified-18.9-cert6> * Tarball <https://downloads.asterisk.org/pub/telephony/asterisk/asterisk-certified-18.9-cert6.tar.gz> * Downloads <https://downloads.asterisk.org/pub/telephony/asterisk> Summary: <> * res_pjsip_header_funcs: Duplicate new header value, don't copy. * res_rtp_asterisk.c: Check DTLS packets against ICE candidate list * manager.c: Prevent path traversal with GetConfig. * res_pjsip: disable raw bad packet logging User Notes: <> Upgrade Notes: <> Closed Issues: <> None
-- _____________________________________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-security mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-security
