lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <c2a922c0-5487-4f99-8076-6c2208688475@sangoma.com>
Date: Fri, 07 Jul 2023 19:01:15 +0000
From: Asterisk Development Team via Fulldisclosure
 <fulldisclosure@...lists.org>
To: asterisk-dev@...ts.digium.com, asterisk-users@...ts.digium.com,
 asterisk-announce@...ts.digium.com, asterisk-security@...ts.digium.com,
 bugtraq@...urityfocus.com, voipsec@...psa.org,
 fulldisclosure@...lists.org, asterisk+news@...coursemail.com
Cc: Asterisk Development Team <asteriskteamsa@...goma.com>
Subject: [FD] Asterisk Release 16.30.1

The Asterisk Development Team would like to announce security release  
Asterisk 16.30.1.

The release artifacts are available for immediate download at  
https://github.com/asterisk/asterisk/releases/tag/16.30.1
and
https://downloads.asterisk.org/pub/telephony/asterisk

The following security advisories were resolved in this release:
https://github.com/asterisk/asterisk/security/advisories/GHSA-4xjp-22g4-9fxm


Change Log for Release 16.30.1
========================================

Links:
----------------------------------------

 - [Full ChangeLog](https://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-16.30.1.md)  
 - [GitHub Diff](https://github.com/asterisk/asterisk/compare/16.30.0...16.30.1)  
 - [Tarball](https://downloads.asterisk.org/pub/telephony/asterisk/asterisk-16.30.1.tar.gz)  
 - [Downloads](https://downloads.asterisk.org/pub/telephony/asterisk)  

Summary:
----------------------------------------

- apply_patches: Use globbing instead of file/sort.
- bundled_pjproject: Backport 2 SSL patches from upstream
- bundled_pjproject: Backport security fixes from pjproject 2.13.1
- apply_patches: Sort patch list before applying

User Notes:
----------------------------------------


Upgrade Notes:
----------------------------------------


Closed Issues:
----------------------------------------

  - #188: [improvement]:  pjsip: Upgrade bundled version to pjproject 2.13.1 #187 
  - #193: [bug]: third-party/apply-patches doesn't sort the patch file list before applying
  - #194: [bug]: Segfault/double-free in bundled pjproject using TLS transport
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: https://seclists.org/fulldisclosure/

Powered by blists - more mailing lists