Asterisk Security Advisory
Digium, the makers of Asterisk, announced today a new release of the Asterisk Telephony Software. The updated software contains a security fix affecting all previously released versions of the software. It is recommended that you make sure you have upgraded to the most current version of this software, which is available for free from Digium.
The announcement issued follows:
The Asterisk.org development team has announced the release of Asterisk 1.2.31.1, 1.4.22.2, 1.4.23.1, and 1.6.0.5. These releases are available for immediate download from http://downloads.digium.com/.
This update for Asterisk includes a security fix for chan_iax2. Please see the associated security advisory for more details:
http://downloads.digium.com/pub/security/AST-2009-001.html
These updates are a fix to a previous security release (released as versions 1.2.31, 1.4.22.1, and 1.6.0.3).
The new versions are being released after additional testing revealed some issues with the way that scanning for users was blocked. Those issues have been corrected in this release.
This security issue affects the 1.2, 1.4, and 1.6 series of Asterisk.
Also note that Asterisk 1.6.0.4-rc1 was released yesterday, prior to the security update. That release has been removed as there will be no 1.6.0.4 release, but rather will be reincarnated as 1.6.0.6-rc1. The reason for the dead release is to avoid 5-digit release numbers.
ChangeLogs for the various releases are available at:
http://downloads.digium.com/pub/asterisk/ChangeLog-1.2.31.1
http://downloads.digium.com/pub/asterisk/ChangeLog-1.4.22.2
http://downloads.digium.com/pub/asterisk/ChangeLog-1.4.23.1
http://downloads.digium.com/pub/asterisk/ChangeLog-1.6.0.5
Thank you for your continued support of Asterisk!
If you would like assistance with upgrading your software, or simply would like us to verify which version you are using, please contact Team Forrest today. We will be glad to assist you.