Bug#651552: CVE-2011-4598: DoS
Tzafrir Cohen
tzafrir.cohen at xorcom.com
Mon Dec 19 21:55:27 UTC 2011
For the record (regarding the SIP nat issue alone):
Asterisk 1.6.22 was just released:
The release of Asterisk 1.6.2.22 corrects two flaws in sip.conf.sample
related to AST-2011-013:
* The sample file listed *two* values for the 'nat' option as being
the default. Only 'yes' is the default.
* The warning about having differing 'nat' settings confusingly
referred to both peers and users.
That said, I hope that what I wrote on README.Debian was clear enough,
regardless of the slightly confusing config file. Their warning was
completly reworded.
--
Tzafrir Cohen
icq#16849755 jabber:tzafrir.cohen at xorcom.com
+972-50-7952406 mailto:tzafrir.cohen at xorcom.com
http://www.xorcom.com iax:guest at local.xorcom.com/tzafrir
More information about the Pkg-voip-maintainers
mailing list