October 28, 2009, 7:34 pm
531199 - asterisk: ACL not respected on SIP INVITE (AST-2009-007)
* Tue Oct 27 2009 Jeffrey C. Ollie - 18.104.22.168-1 - Update to 22.214.171.124 to fix bug 531199: - - http://downloads.asterisk.org/pub/security/AST-2009-007.html - - A missing ACL check for handling SIP INVITEs allows a device to make - calls on networks intended to be prohibited as defined by the "deny" - and "permit" lines in sip.conf. The ACL check for handling SIP - registrations was not affected. Other bugs were handled by previous updates, including them here so that bodhi will close them out...