Posted by Asterisk Development Team on Dec 19
The earlier announcement should not have had any User or Upgrade notes.
The Asterisk Development Team would like to announce security release
The release artifacts are available for immediate download athttps://github.com/asterisk/asterisk/releases/tag/21.0.1 https://downloads.asterisk.org/pub/telephony/asterisk
The following security advisories were resolved in this release:
Posted by Asterisk Development Team on Dec 19
The earlier release announcement should NOT have had any User or Upgrade
The Asterisk Development Team would like to announce security release
The release artifacts are available for immediate download athttps://github.com/asterisk/asterisk/releases/tag/certified-18.9-cert6 https://downloads.asterisk.org/pub/telephony/certified-asterisk
The following security advisories were resolved in this release:…
Posted by Sandro Gauci on Dec 19
# RTPEngine susceptible to Denial of Service via DTLS Hello packets during call initiation
– Fixed versions: mr12.1.1.2, mr12.0.1.3, mr11.5.1.16, mr10.5.6.3, mr10.5.6.2https://github.com/EnableSecurity/advisories/tree/master/ES2023-03-rtpengine-dtls-hello-race https://github.com/sipwise/rtpengine/commit/e969a79428ac4a15cdf1c0a1c6f266dbdc7e60b6
Posted by Sandro Gauci on Dec 19
# Asterisk susceptible to Denial of Service via DTLS Hello packets during call initiation
– Fixed versions: 18.20.1, 20.5.1, 21.0.1,18.9-cert6https://github.com/EnableSecurity/advisories/tree/master/ES2023-01-asterisk-dtls-hello-race https://github.com/asterisk/asterisk/security/advisories/GHSA-hxj9-xwr8-w8pq
Posted by Egidio Romano on Dec 19
———————————————————————————
[-] Software Links:
https://pkp.sfu.ca https://github.com/pkp/pkp-lib
[-] Affected Versions:
PKP Web Application Library (aka PKP-WAL or pkp-lib) version 3.4.0-3
Posted by SBA – Advisory via Fulldisclosure on Dec 19
# MOKOSmart MKGW1 Gateway Improper Session Management #
Link: https://github.com/sbaresearch/advisories/tree/public/2022/SBA-ADV-20220120-01_MOKOSmart_MKGW1_Gateway_Improper_Session_Management
## Vulnerability Overview ##
MOKOSmart MKGW1 Gateway devices with firmware version 1.1.1 or below do
Posted by Apple Product Security via Fulldisclosure on Dec 19
APPLE-SA-12-19-2023-1 macOS Sonoma 14.2.1
macOS Sonoma 14.2.1 addresses the following issues.https://support.apple.com/kb/HT214048 .
Apple maintains a Security Updates page athttps://support.apple.com/HT201222 which lists recent
WindowServer
Posted by Balgogan via Fulldisclosure on Dec 19
**Introduction**
MajorDoMo, a beacon in Russian home automation and particularly favored by Raspberry Pi aficionados, has been a trusted https://github.com/sergejey/majordomo ), its popularity is evident. However, lurking within its `thumb.php` module is a
FEDORA-EPEL-2023-4138b387a7
Packages in this update:
php-adodb-5.22.7-1.el8
Update description:
5.22.7, fix for CVE-2021-3850
FEDORA-EPEL-2023-2ff4055b33
Packages in this update:
php-Smarty-3.1.48-2.el7
Update description:
Fixed Cross site scripting vulnerability in Javascript escaping. This addresses CVE-2023-28447
Posts navigation
News, Advisories and much more
