The Asterisk development team has released versions 1.2.8 and 1.4.4 of Asterisk-addons.
This release contains a fix for a security vulnerability in the cdr_addon_mysql module. This module is vulnerable to SQL injection. See the details on the security issue in the published advisory: http://downloads.digium.com/pub/asa/AST-2007-023.pdf Only systems that use this module for logging CDR records are vulnerable to the problem. Thank you for your support! _______________________________________________ --Bandwidth and Colocation Provided by http://www.api-digital.com-- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users