The Asterisk Development Team would like to announce security releases
Asterisk 18.26.4 and Certified Asterisk certified-18.9-cert17.
The release artifacts are available for immediate download at
https://github.com/asterisk/asterisk/releases/tag/18.26.4
https://github.com/asterisk/asterisk/releases/tag/certified-18.9-cert17
and
https://downloads.asterisk.org/pub/telephony/asterisk
https://downloads.asterisk.org/pub/telephony/certified-asterisk
Repository: https://github.com/asterisk/asterisk
Tags: 18.26.4 , certified-18.9-cert17
Change Log for Release asterisk-18.26.4 and certified-asterisk-18.9-cert17
Links:
Summary:
- Commits: 1
- Commit Authors: 1
- Issues Resolved: 0
- Security Advisories Resolved: 1
- GHSA-557q-795j-wfx2: Resource exhaustion (DoS) vulnerability: remotely exploitable leak of RTP UDP ports and internal resources
User Notes:
Upgrade Notes:
Developer Notes:
Commit Authors:
- George Joseph: (1)
Issue and Commit Detail:
Closed Issues:
- !GHSA-557q-795j-wfx2: Resource exhaustion (DoS) vulnerability: remotely exploitable leak of RTP UDP ports and internal resources
Commits By Author:
-
George Joseph (1):
- pjproject: Update bundled to 2.15.1.
Commit List:
- pjproject: Update bundled to 2.15.1.
Commit Details:
pjproject: Update bundled to 2.15.1.
Author: George Joseph
Date: 2025-08-25
This resolves a security issue where RTP ports weren’t being released
causing possible resource exhaustion issues.
Resolves: #GHSA-557q-795j-wfx2