Asterisk Project Security Advisory - AST-2012-006

         Product         Asterisk
         Summary         Remote Crash Vulnerability in SIP Channel Driver
    Nature of Advisory   Remote Crash
      Susceptibility     Remote Authenticated Sessions
         Severity        Moderate
      Exploits Known     No
       Reported On       April 16, 2012
       Reported By       Thomas Arimont
        Posted On        April 23, 2012
     Last Updated On     April 23, 2012
     Advisory Contact    Matt Jordan < mjordan AT digium DOT com >
         CVE Name

   Description  A remotely exploitable crash vulnerability exists in the
                SIP channel driver if a SIP UPDATE request is processed
                within a particular window of time. For this to occur, the
                following must take place:

                1. The setting 'trustrpid' must be set to True

                2. An UPDATE request must be received after a call has been
                terminated and the associated channel object has been
                destroyed, but before the SIP dialog associated with the
                call has been destroyed. Receiving the UPDATE request
                before the call is terminated or after the SIP dialog
                associated with the call has been destroyed will not
                cause the crash vulnerability described here.

                3. The UPDATE request must be formatted with the
                appropriate headers to reflect an Asterisk connected line
                update. The information in the headers must reflect a
                different Caller ID than what was previously associated
                with the dialog.

                When these conditions are true, Asterisk will attempt to
                perform a connected line update with no associated channel,
                and will crash.

   Resolution  Asterisk now ensures a channel exists before performing a
               connected line update, when that connected line update is
               initiated via a SIP UPDATE request.

               In Asterisk versions not containing the fix for this issue,
               setting the 'trustrpid' setting to False will prevent this
               crash from occurring (default is False).

                              Affected Versions
                Product               Release Series
         Asterisk Open Source             1.8.x       All versions
         Asterisk Open Source              10.x       All versions
       Asterisk Business Edition          C.3.x       All versions

                                 Corrected In
                   Product                              Release
             Asterisk Open Source                   1.8.11.1, 10.3.1
          Asterisk Business Edition                     C.3.7.4

                                   Patches
                              SVN URL                              Revision
  http://downloads.asterisk.org/pub/security/AST-2012-006-1.8.diff v1.8
  http://downloads.asterisk.org/pub/security/AST-2012-006-10.diff  v.10

      Links     https://issues.asterisk.org/jira/browse/ASTERISK-19770

   Asterisk Project Security Advisories are posted at
   http://www.asterisk.org/security

   This document may be superseded by later versions; if so, the latest
   version will be posted at
   http://downloads.digium.com/pub/security/AST-2012-006.pdf and
   http://downloads.digium.com/pub/security/AST-2012-006.html

                               Revision History
         Date                 Editor                  Revisions Made
   04/16/2012         Matt Jordan              Initial release.

              Asterisk Project Security Advisory - AST-2012-006
             Copyright (c) 2012 Digium, Inc. All Rights Reserved.
Permission is hereby granted to distribute and publish this advisory in its
                          original, unaltered form

The Asterisk Development Team has announced the release of Asterisk 1.8.12.0.
This release is available for immediate download at
http://downloads.asterisk.org/pub/telephony/asterisk

The release of Asterisk 1.8.12.0 resolves several issues reported by the
community and would have not been possible without your participation.
Thank you!

The following are the issues resolved in this release:

* --- Prevent chanspy from binding to zombie channels
(Closes issue ASTERISK-19493. Reported by lvl)

* --- Fix Dial m and r options and forked calls generating warnings
     for voice frames.
(Closes issue ASTERISK-16901. Reported by Chris Gentle)

* --- Remove ISDN hold restriction for non-bridged calls.
(Closes issue ASTERISK-19388. Reported by Birger Harzenetter)

* --- Fix copying of CDR(accountcode) to local channels.
(Closes issue ASTERISK-19384. Reported by jamicque)

* --- Ensure Asterisk acknowledges ACKs to 4xx on Replaces errors
(Closes issue ASTERISK-19303. Reported by Jon Tsiros)

* --- Eliminate double close of file descriptor in manager.c
(Closes issue ASTERISK-18453. Reported by Jaco Kroon)

For a full list of changes in this release, please see the ChangeLog:

http://downloads.asterisk.org/pu ... /ChangeLog-1.8.12.0

Thank you for your continued support of Asterisk!

The Asterisk Development Team has announced the release of Asterisk 10.4.0.
This release is available for immediate download at
http://downloads.asterisk.org/pub/telephony/asterisk

The release of Asterisk 10.4.0 resolves several issues reported by the
community and would have not been possible without your participation.
Thank you!

The following are the issues resolved in this release:

* --- Prevent chanspy from binding to zombie channels
(Closes issue ASTERISK-19493. Reported by lvl)

* --- Fix Dial m and r options and forked calls generating warnings
     for voice frames.
(Closes issue ASTERISK-16901. Reported by Chris Gentle)

* --- Remove ISDN hold restriction for non-bridged calls.
(Closes issue ASTERISK-19388. Reported by Birger Harzenetter)

* --- Fix copying of CDR(accountcode) to local channels.
(Closes issue ASTERISK-19384. Reported by jamicque)

* --- Ensure Asterisk acknowledges ACKs to 4xx on Replaces errors
(Closes issue ASTERISK-19303. Reported by Jon Tsiros)

* --- Eliminate double close of file descriptor in manager.c
(Closes issue ASTERISK-18453. Reported by Jaco Kroon)

For a full list of changes in this release, please see the ChangeLog:

http://downloads.asterisk.org/pu ... sk/ChangeLog-10.4.0

Thank you for your continued support of Asterisk!

The Asterisk Development Team has announced security releases for Certified
Asterisk 1.8.11 and Asterisk 1.8 and 10. The available security releases are
released as versions 1.8.11-cert2, 1.8.12.1, and 10.4.1.

These releases are available for immediate download at
http://downloads.asterisk.org/pub/telephony/asterisk/releases

The release of Asterisk 1.8.11-cert2, 1.8.12.1, and 10.4.1 resolves the following
two issues:

* A remotely exploitable crash vulnerability exists in the IAX2 channel
driver if an established call is placed on hold without a suggested music
class. Asterisk will attempt to use an invalid pointer to the music
on hold class name, potentially causing a crash.

* A remotely exploitable crash vulnerability was found in the Skinny (SCCP)
Channel driver. When an SCCP client closes its connection to the server,
a pointer in a structure is set to NULL.  If the client was not in the
on-hook state at the time the connection was closed, this pointer is later
dereferenced. This allows remote authenticated connections the ability to
cause a crash in the server, denying services to legitimate users.

These issues and their resolution are described in the security advisories.

For more information about the details of these vulnerabilities, please read
security advisories AST-2012-007 and AST-2012-008, which were released at the
same time as this announcement.

For a full list of changes in the current releases, please see the ChangeLogs:

http://downloads.asterisk.org/pu ... ngeLog-1.8.11-cert2
http://downloads.asterisk.org/pu ... /ChangeLog-1.8.12.1
http://downloads.asterisk.org/pu ... es/ChangeLog-10.4.1

The security advisories are available at:

* http://downloads.asterisk.org/pub/security/AST-2012-007.pdf
* http://downloads.asterisk.org/pub/security/AST-2012-008.pdf

Thank you for your continued support of Asterisk!

Asterisk Project Security Advisory - AST-2012-007

         Product        Asterisk
         Summary        Remote crash vulnerability in IAX2 channel driver.
   Nature of Advisory   Remote crash
     Susceptibility     Established calls
        Severity        Moderate
     Exploits Known     No
       Reported On      March 21, 2012
       Reported By      mgrobecker
        Posted On       May 29, 2012
     Last Updated On    May 29, 2012
    Advisory Contact    Richard Mudgett < rmudgett AT digium DOT com >
        CVE Name        CVE-2012-2947

   Description  A remotely exploitable crash vulnerability exists in the
                IAX2 channel driver if an established call is placed on
                hold without a suggested music class. For this to occur,
                the following must take place:

                1. The setting mohinterpret=passthrough must be set on the
                end placing the call on hold.

                2. A call must be established.

                3. The call is placed on hold without a suggested
                music-on-hold class name.

                When these conditions are true, Asterisk will attempt to
                use an invalid pointer to a music-on-hold class name. Use
                of the invalid pointer will either cause a crash or the
                music-on-hold class name will be garbage.

   Resolution  Asterisk now sets the extra data parameter to null if the
               received control frame does not have any extra data.

                              Affected Versions
               Product              Release Series
         Certified Asterisk          1.8.11-cert    All versions
        Asterisk Open Source            1.8.x       All versions
        Asterisk Open Source             10.x       All versions

                                 Corrected In
                  Product                              Release
            Certified Asterisk                      1.8.11-cert2
           Asterisk Open Source                   1.8.12.1, 10.4.1

                                      Patches
                               SVN URL                                    Revision
http://downloads.asterisk.org/pu ... 07-1.8.11-cert.diff v1.8.11-cert
http://downloads.asterisk.org/pub/security/AST-2012-007-1.8.diff         v1.8
http://downloads.asterisk.org/pub/security/AST-2012-007-10.diff          v10

      Links     https://issues.asterisk.org/jira/browse/ASTERISK-19597

   Asterisk Project Security Advisories are posted at
   http://www.asterisk.org/security

   This document may be superseded by later versions; if so, the latest
   version will be posted at
   http://downloads.digium.com/pub/security/AST-2012-007.pdf and
   http://downloads.digium.com/pub/security/AST-2012-007.html

                               Revision History
         Date                  Editor                 Revisions Made
   05/29/2012         Richard Mudgett           Initial release.

              Asterisk Project Security Advisory - AST-2012-007
             Copyright (c) 2012 Digium, Inc. All Rights Reserved.
Permission is hereby granted to distribute and publish this advisory in its
                          original, unaltered form.

Asterisk Project Security Advisory - AST-2012-008

         Product         Asterisk
         Summary         Skinny Channel Driver Remote Crash Vulnerability
    Nature of Advisory   Denial of Service
      Susceptibility     Remote authenticated sessions
         Severity        Minor
      Exploits Known     No
       Reported On       May 22, 2012
       Reported By       Christoph Hebeisen
        Posted On        May 29, 2012
     Last Updated On     May 29, 2012
     Advisory Contact    Matt Jordan < mjordan AT digium DOT com >
         CVE Name        CVE-2012-2948

   Description  As reported by Telus Labs:

                "A Null-pointer dereference has been identified in the SCCP
                (Skinny) channel driver of Asterisk. When an SCCP client
                closes its connection to the server, a pointer in a
                structure is set to Null. If the client was not in the
                on-hook state at the time the connection was closed, this
                pointer is later dereferenced.

                A remote attacker with a valid SCCP ID can use this
                vulnerability by closing a connection to the Asterisk
                server in certain call states (e.g. "Off hook") to crash
                the server. Successful exploitation of this vulnerability
                would result in termination of the server, causing denial
                of service to legitimate users."

   Resolution  The pointer to the device in the structure is now checked
               before it is dereferenced in the channel event callbacks and
               message handling functions.

                              Affected Versions
               Product              Release Series
        Asterisk Open Source            1.8.x       All Versions
        Asterisk Open Source             10.x       All Versions
         Certified Asterisk          1.8.11-cert    1.8.11-cert1

                                 Corrected In
                  Product                              Release
           Asterisk Open Source                   1.8.12.1, 10.4.1
            Certified Asterisk                      1.8.11-cert2

                                      Patches
                               SVN URL                                    Revision
http://downloads.asterisk.org/pub/security/AST-2012-008-1.8.diff         v1.8
http://downloads.asterisk.org/pub/security/AST-2012-008-10.diff          v10
http://downloads.asterisk.org/pu ... 08-1.8.11-cert.diff v1.8.11-cert

      Links     https://issues.asterisk.org/jira/browse/ASTERISK-19905

   Asterisk Project Security Advisories are posted at
   http://www.asterisk.org/security

   This document may be superseded by later versions; if so, the latest
   version will be posted at
   http://downloads.digium.com/pub/security/AST-2012-008.pdf and
   http://downloads.digium.com/pub/security/AST-2012-008.html

                               Revision History
         Date                  Editor                 Revisions Made
   05/25/2012         Matt Jordan               Initial Release

              Asterisk Project Security Advisory - AST-2012-008
             Copyright (c) 2012 Digium, Inc. All Rights Reserved.
Permission is hereby granted to distribute and publish this advisory in its
                          original, unaltered form.

The Asterisk Development Team has announced the release of Asterisk 1.8.12.2.
This release is available for immediate download at
http://downloads.asterisk.org/pub/telephony/asterisk

The release of Asterisk 1.8.12.2 resolves an issue reported by the
community and would have not been possible without your participation.
Thank you!

The following is the issue resolved in this release:

* --- Resolve crash in subscribing for MWI notifications
(Closes issue ASTERISK-19827. Reported by B. R)

For a full list of changes in this release, please see the ChangeLog:

http://downloads.asterisk.org/pu ... /ChangeLog-1.8.12.2

Thank you for your continued support of Asterisk!

The Asterisk Development Team has announced the release of Asterisk 10.4.2.
This release is available for immediate download at
http://downloads.asterisk.org/pub/telephony/asterisk

The release of Asterisk 10.4.2 resolves several issues reported by the
community and would have not been possible without your participation.
Thank you!

The following are the issues resolved in this release:

* --- Resolve crash in subscribing for MWI notifications
(Closes issue ASTERISK-19827. Reported by B. R)

* --- Fix crash in ConfBridge when user announcement is played for
     more than 2 users
(Closes issue ASTERISK-19899. Reported by Florian Gilcher)

For a full list of changes in this release, please see the ChangeLog:

http://downloads.asterisk.org/pu ... sk/ChangeLog-10.4.2

Thank you for your continued support of Asterisk!

The Asterisk Development Team has announced the release of Asterisk 1.8.13.0.
This release is available for immediate download at
http://downloads.asterisk.org/pub/telephony/asterisk

The release of Asterisk 1.8.13.0 resolves several issues reported by the
community and would have not been possible without your participation.
Thank you!

The following is a sample of the issues resolved in this release:

* --- Turn off warning message when bind address is set to any.
(Closes issue ASTERISK-19456. Reported by Michael L. Young)

* --- Prevent overflow in calculation in ast_tvdiff_ms on 32-bit
     machines
(Closes issue ASTERISK-19727. Reported by Ben Klang)

* --- Make DAHDISendCallreroutingFacility wait 5 seconds for a reply
     before disconnecting the call.
(Closes issue ASTERISK-19708. Reported by mehdi Shirazi)

* --- Fix recalled party B feature flags for a failed DTMF atxfer.
(Closes issue ASTERISK-19383. Reported by lgfsantos)

* --- Fix DTMF atxfer running h exten after the wrong bridge ends.
(Closes issue ASTERISK-19717. Reported by Mario)

For a full list of changes in this release, please see the ChangeLog:

http://downloads.asterisk.org/pu ... /ChangeLog-1.8.13.0

Thank you for your continued support of Asterisk!

The Asterisk Development Team has announced the release of Asterisk 10.5.0.
This release is available for immediate download at
http://downloads.asterisk.org/pub/telephony/asterisk

The release of Asterisk 10.5.0 resolves several issues reported by the
community and would have not been possible without your participation.
Thank you!

The following is a sample of the issues resolved in this release:

* --- Turn off warning message when bind address is set to any.
(Closes issue ASTERISK-19456. Reported by Michael L. Young)

* --- Prevent overflow in calculation in ast_tvdiff_ms on 32-bit
     machines
(Closes issue ASTERISK-19727. Reported by Ben Klang)

* --- Make DAHDISendCallreroutingFacility wait 5 seconds for a reply
     before disconnecting the call.
(Closes issue ASTERISK-19708. Reported by mehdi Shirazi)

* --- Fix recalled party B feature flags for a failed DTMF atxfer.
(Closes issue ASTERISK-19383. Reported by lgfsantos)

* --- Fix DTMF atxfer running h exten after the wrong bridge ends.
(Closes issue ASTERISK-19717. Reported by Mario)

For a full list of changes in this release, please see the ChangeLog:

http://downloads.asterisk.org/pu ... sk/ChangeLog-10.5.0

Thank you for your continued support of Asterisk!

The Asterisk Development Team has announced a security release for Asterisk 10.
This security release is released as version 10.5.1.

The release is available for immediate download at
http://downloads.asterisk.org/pub/telephony/asterisk/releases

The release of Asterisk 10.5.1 resolves the following issue:

* A remotely exploitable crash vulnerability was found in the Skinny (SCCP)
Channel driver. When an SCCP client sends an Off Hook message, followed by
a Key Pad Button Message, a structure that was previously set to NULL is
dereferenced.  This allows remote authenticated connections the ability to
cause a crash in the server, denying services to legitimate users.

This issue and its resolution are described in the security advisory.

For more information about the details of this vulnerability, please read
security advisory AST-2012-009, which was released at the same time as this
announcement.

For a full list of changes in the current releases, please see the ChangeLog:

http://downloads.asterisk.org/pu ... es/ChangeLog-10.5.1

The security advisory is available at:

* http://downloads.asterisk.org/pub/security/AST-2012-009.pdf

Thank you for your continued support of Asterisk!

Asterisk Project Security Advisory - AST-2012-009

         Product         Asterisk
         Summary         Skinny Channel Driver Remote Crash Vulnerability
    Nature of Advisory   Denial of Service
      Susceptibility     Remote authenticated sessions
         Severity        Minor
      Exploits Known     No
       Reported On       May 30, 2012
       Reported By       Christoph Hebeisen, TELUS Security Labs
        Posted On        June 14, 2012
     Last Updated On     June 14, 2012
     Advisory Contact    Matt Jordan < mjordan AT digium DOT com >
         CVE Name        CVE-2012-3553

   Description  AST-2012-008 previously dealt with a denial of service
                attack exploitable in the Skinny channel driver that
                occurred when certain messages are sent after a previously
                registered station sends an Off Hook message. Unresolved in
                that patch is an issue in the Asterisk 10 releases,
                wherein, if a Station Key Pad Button Message is processed
                after an Off Hook message, the channel driver will
                inappropriately dereference a Null pointer.

                Similar to AST-2012-008, a remote attacker with a valid
                SCCP ID can use this vulnerability by closing a
                connection to the Asterisk server when a station is in the
                "Off Hook" call state and crash the server.

   Resolution  The presence of a device for a line is now checked in the
               appropriate channel callbacks, preventing the crash.

                              Affected Versions
               Product              Release Series
        Asterisk Open Source             10.x       All Versions

                                 Corrected In
                    Product                              Release
              Asterisk Open Source                        10.5.1

                                   Patches
                              SVN URL                              Revision
  http://downloads.asterisk.org/pub/security/AST-2012-009-10.diff v10

      Links     https://issues.asterisk.org/jira/browse/ASTERISK-19905

   Asterisk Project Security Advisories are posted at
   http://www.asterisk.org/security

   This document may be superseded by later versions; if so, the latest
   version will be posted at
   http://downloads.digium.com/pub/security/AST-2012-009.pdf and
   http://downloads.digium.com/pub/security/AST-2012-009.html

                               Revision History
         Date                  Editor                 Revisions Made
   06/14/2012         Matt Jordan               Initial Release

              Asterisk Project Security Advisory - AST-2012-009
             Copyright (c) 2012 Digium, Inc. All Rights Reserved.
Permission is hereby granted to distribute and publish this advisory in its
                          original, unaltered form.

The Asterisk Development Team has announced security releases for Certified
Asterisk 1.8.11 and Asterisk 1.8 and 10. The available security releases are
released as versions 1.8.11-cert4, 1.8.13.1, 10.5.2, and 10.5.2-digiumphones.

These releases are available for immediate download at
http://downloads.asterisk.org/pub/telephony/asterisk/releases

The release of Asterisk 1.8.11-cert4, 1.8.13.1, 10.5.2, and 10.5.2-digiumphones
resolves the following two issues:

* If Asterisk sends a re-invite and an endpoint responds to the re-invite with
  a provisional response but never sends a final response, then the SIP dialog
  structure is never freed and the RTP ports for the call are never released. If
  an attacker has the ability to place a call, they could create a denial of
  service by using all available RTP ports.

* If a single voicemail account is manipulated by two parties simultaneously,
  a condition can occur where memory is freed twice causing a crash.

These issues and their resolution are described in the security advisories.

For more information about the details of these vulnerabilities, please read
security advisories AST-2012-010 and AST-2012-011, which were released at the
same time as this announcement.

For a full list of changes in the current releases, please see the ChangeLogs:

http://downloads.asterisk.org/pu ... ngeLog-1.8.11-cert4
http://downloads.asterisk.org/pu ... /ChangeLog-1.8.13.1
http://downloads.asterisk.org/pu ... es/ChangeLog-10.5.2
http://downloads.asterisk.org/pu ... 10.5.2-digiumphones

The security advisories are available at:

* http://downloads.asterisk.org/pub/security/AST-2012-010.pdf
* http://downloads.asterisk.org/pub/security/AST-2012-011.pdf

Thank you for your continued support of Asterisk!

Asterisk Project Security Advisory - AST-2012-010

         Product        Asterisk
         Summary        Possible resource leak on uncompleted re-invite
                        transactions
    Nature of Advisory  Denial of Service
      Susceptibility    Remote authenticated sessions
         Severity       Minor
      Exploits Known    No
       Reported On      June 13, 2012
       Reported By      Steve Davies
        Posted On       July 5, 2012
     Last Updated On    July 5, 2012
     Advisory Contact   Terry Wilson <twilson@digium.com>
         CVE Name       TBD

    Description  If Asterisk sends a re-invite and an endpoint responds to
                 the re-invite with a provisional response but never sends a
                 final response, then the SIP dialog structure is never
                 freed and the RTP ports for the call are never released. If
                 an attacker has the ability to place a call, they could
                 create a denial of service by using all available RTP
                 ports.

    Resolution  A re-invite that receives a provisional response without a
                final response is detected and properly cleaned up at
                hangup.

                               Affected Versions
                Product                Release Series
         Asterisk Open Source               1.8.x         All versions
         Asterisk Open Source               10.x          All versions
       Asterisk Business Edition            C.3.x         All versions
          Certified Asterisk            1.8.11-certx      All versions
         Asterisk Digiumphones       10.x.x-digiumphones  All versions

                                  Corrected In
                   Product                              Release
             Asterisk Open Source                   1.8.13.1, 10.5.2
          Asterisk Business Edition                     C.3.7.5
              Certified Asterisk                      1.8.11-cert4
            Asterisk Digiumphones                 10.5.2-digiumphones

                                    Patches
                                 URL                                Revision
   http://downloads.asterisk.org/pub/security/AST-2012-010-1.8.diff Asterisk
                                                                    1.8
   http://downloads.asterisk.org/pub/security/AST-2012-010-10.diff  Asterisk
                                                                    10

       Links     https://issues.asterisk.org/jira/browse/ASTERISK-19992

    Asterisk Project Security Advisories are posted at
    http://www.asterisk.org/security

    This document may be superseded by later versions; if so, the latest
    version will be posted at
    http://downloads.digium.com/pub/security/AST-2012-010.pdf and
    http://downloads.digium.com/pub/security/AST-2012-010.html

                                Revision History
          Date                  Editor                 Revisions Made
    06/27/2012         Terry Wilson              Initial Release

               Asterisk Project Security Advisory - AST-2012-010
              Copyright (c) 2012 Digium, Inc. All Rights Reserved.
  Permission is hereby granted to distribute and publish this advisory in its
                           original, unaltered form.

Asterisk Project Security Advisory - AST-2012-011

         Product        Asterisk
         Summary        Remote crash vulnerability in voice mail application
    Nature of Advisory  Denial of Service
      Susceptibility    Remote authenticated sessions
         Severity       Moderate
      Exploits Known    No
       Reported On      June 13, 2012
       Reported By      Nicolas Bouliane - Avencall Security Labs
        Posted On       June 27, 2012
     Last Updated On    July 5, 2012
     Advisory Contact   Kinsey Moore <kmoore@digium.com>
         CVE Name       CVE-2012-3812

    Description  If a single voicemail account is manipulated by two parties
                 simultaneously, a condition can occur where memory is freed
                 twice causing a crash.

    Resolution  Management of the memory in question has been reworked so
                that double frees and out of bounds array access do not
                occur. Upgrade to the latest release.

                               Affected Versions
              Product              Release Series
       Asterisk Open Source             1.8.x         1.8.11 and newer
       Asterisk Open Source             10.x          10.3 and newer
        Certified Asterisk          1.8.11-certx      All versions
       Asterisk Digiumphones     10.x.x-digiumphones  All versions

                                  Corrected In
                  Product                              Release
            Asterisk Open Source                   1.8.13.1, 10.5.2
             Certified Asterisk                      1.8.11-cert4
           Asterisk Digiumphones                 10.5.2-digiumphones

                                      Patches
                                 URL                                  Revision
   http://downloads.asterisk.org/pub/security/AST-2012-011-1.8.diff Asterisk
                                                                    1.8,
                                                                    Certified
                                                                    Asterisk
   http://downloads.asterisk.org/pub/security/AST-2012-011-10.diff  Asterisk 10,
                                                                    Asterisk
                                                                    Digiumphones

       Links     https://issues.asterisk.org/jira/browse/ASTERISK-20052

    Asterisk Project Security Advisories are posted at
    http://www.asterisk.org/security

    This document may be superseded by later versions; if so, the latest
    version will be posted at
    http://downloads.digium.com/pub/security/AST-2012-011.pdf and
    http://downloads.digium.com/pub/security/AST-2012-011.html

                                Revision History
          Date                  Editor                 Revisions Made
    06/27/2012         Kinsey Moore              Initial Release

               Asterisk Project Security Advisory - AST-2012-011
              Copyright (c) 2012 Digium, Inc. All Rights Reserved.
  Permission is hereby granted to distribute and publish this advisory in its
                           original, unaltered form.
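
An added example, not part of the advisories or of Asterisk itself: a small audit that maps an installed Asterisk Open Source version to the advisories above (AST-2012-006 through AST-2012-011) that are still unpatched, using only the "Affected Versions" and "Corrected In" tables, and that checks sip.conf for the 'trustrpid' precondition of AST-2012-006. The function names, the sample sip.conf and the accepted truth values are assumptions; Certified, Business Edition and Digiumphones builds are deliberately rejected because their fixed releases are listed separately.

```python
import re

# Fixed releases per advisory and branch, copied from the "Corrected In"
# tables above (Asterisk Open Source rows only). A branch missing from an
# entry is not listed as affected by that advisory.
FIXED = {
    "AST-2012-006": {"1.8": (1, 8, 11, 1), "10": (10, 3, 1)},
    "AST-2012-007": {"1.8": (1, 8, 12, 1), "10": (10, 4, 1)},
    "AST-2012-008": {"1.8": (1, 8, 12, 1), "10": (10, 4, 1)},
    "AST-2012-009": {"10": (10, 5, 1)},
    "AST-2012-010": {"1.8": (1, 8, 13, 1), "10": (10, 5, 2)},
    "AST-2012-011": {"1.8": (1, 8, 13, 1), "10": (10, 5, 2)},
}
# AST-2012-011 lists "1.8.11 and newer" and "10.3 and newer" as affected.
FIRST_AFFECTED = {"AST-2012-011": {"1.8": (1, 8, 11), "10": (10, 3)}}

# Assumption: spellings Asterisk treats as boolean true in its config files.
TRUE_VALUES = {"yes", "true", "y", "t", "1", "on"}

UNPATCHED = "unpatched"
WORKAROUND = "unpatched; workaround in place (trustrpid is not true)"

# Constructed sample input, not taken from a real system.
SAMPLE_SIP_CONF = """\
[general]
context = default      ; constructed sample
;trustrpid = no
trustrpid = yes
"""


def parse_version(text):
    """Turn 'Asterisk 1.8.12.0' or '10.4.1' into a tuple of ints."""
    m = re.search(r"(\d+(?:\.\d+)+)(\S*)", text)
    if not m:
        raise ValueError("no version number in %r" % text)
    if m.group(2):
        # e.g. 1.8.11-cert2 or 10.5.2-digiumphones: separate table rows.
        raise ValueError("suffixed build %r is not covered here" % m.group(0))
    return tuple(int(p) for p in m.group(1).split("."))


def branch_of(version):
    """Map a version tuple to the release series used in the tables."""
    if version[:2] == (1, 8):
        return "1.8"
    if version[0] == 10:
        return "10"
    return None


def trustrpid_enabled(sip_conf):
    """True if any section of the sip.conf text sets trustrpid to true."""
    for raw in sip_conf.splitlines():
        line = raw.split(";", 1)[0].strip()  # ';' starts a comment
        m = re.match(r"trustrpid\s*=>?\s*(\S+)", line, re.I)
        if m and m.group(1).lower() in TRUE_VALUES:
            return True
    return False


def open_advisories(version_text, sip_conf=""):
    """Return {advisory id: status} for advisories not fixed in this version."""
    version = parse_version(version_text)
    branch = branch_of(version)
    findings = {}
    for advisory in sorted(FIXED):
        fixed = FIXED[advisory].get(branch)
        if fixed is None or version >= fixed:
            continue  # branch not listed as affected, or fix already included
        first = FIRST_AFFECTED.get(advisory, {}).get(branch)
        if first is not None and version < first:
            continue  # older than the first affected release
        if advisory == "AST-2012-006" and not trustrpid_enabled(sip_conf):
            findings[advisory] = WORKAROUND
        else:
            findings[advisory] = UNPATCHED
    return findings


if __name__ == "__main__":
    for adv, status in open_advisories("Asterisk 10.2.0", SAMPLE_SIP_CONF).items():
        print(adv, status)
```

Tuple comparison treats 1.8.12 as older than 1.8.12.1, which matches how the point releases in the tables are ordered.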
