Category Archives: Advisories

Asterisk Security Release 21.4.3

Read Time:22 Second

Posted by Asterisk Development Team via Fulldisclosure on Sep 05

The Asterisk Development Team would like to announce security release
Asterisk 21.4.3.

The release artifacts are available for immediate download at
https://github.com/asterisk/asterisk/releases/tag/21.4.3
and
https://downloads.asterisk.org/pub/telephony/asterisk

Repository: https://github.com/asterisk/asterisk
Tag: 21.4.3

## Change Log for Release asterisk-21.4.3

### Links:

– [Full ChangeLog](…

Read More

Asterisk Security Release 20.9.3

Read Time:22 Second

Posted by Asterisk Development Team via Fulldisclosure on Sep 05

The Asterisk Development Team would like to announce security release
Asterisk 20.9.3.

The release artifacts are available for immediate download at
https://github.com/asterisk/asterisk/releases/tag/20.9.3
and
https://downloads.asterisk.org/pub/telephony/asterisk

Repository: https://github.com/asterisk/asterisk
Tag: 20.9.3

## Change Log for Release asterisk-20.9.3

### Links:

– [Full ChangeLog](…

Read More

Asterisk Security Release 18.24.3

Read Time:22 Second

Posted by Asterisk Development Team via Fulldisclosure on Sep 05

The Asterisk Development Team would like to announce security release
Asterisk 18.24.3.

The release artifacts are available for immediate download at
https://github.com/asterisk/asterisk/releases/tag/18.24.3
and
https://downloads.asterisk.org/pub/telephony/asterisk

Repository: https://github.com/asterisk/asterisk
Tag: 18.24.3

## Change Log for Release asterisk-18.24.3

### Links:

– [Full ChangeLog](…

Read More

clamav-1.0.7-1.fc39

Read Time:25 Second

FEDORA-2024-05d7ee197e

Packages in this update:

clamav-1.0.7-1.fc39

Update description:

Update to 1.0.7

CVE-2024-20506: Changed the logging module to disable following symlinks on Linux and Unix systems so as to prevent an attacker with existing access to the ‘clamd’ or ‘freshclam’ services from using a symlink to corrupt system files.
CVE-2024-20505: Fixed a possible out-of-bounds read bug in the PDF file parser that could cause a denial-of-service (DoS) condition.

Read More

USN-6994-1: Netty vulnerabilities

Read Time:18 Second

It was discovered that Netty did not properly sanitize its input
parameters. A remote attacker could possibly use this issue to cause a
crash. (CVE-2023-34462)

It was discovered that Netty incorrectly handled request cancellation. A
remote attacker could possibly use this issue to cause Netty to consume
resources, leading to a denial of service. (CVE-2023-44487)

Read More