Asterisk certified/18.9-cert3 Now Available (Security Release)

The Asterisk Development Team would like to announce the release of Asterisk certified/18.9-cert3.
This release is available for immediate download at
The release of Asterisk certified/18.9-cert3 resolves issues reported by the
community and would have not been possible without your participation.Thank you!

The following issue is resolved in this release:

Bugs fixed in this release:

[ASTERISK-30103] chan_ooh323 vulnerability in calling/called party IE (Reported By: Michael Bradeen)

[ASTERISK-30176] GetConfig can read files outside of Asterisk (Reported By: shawty)

[ASTERISK-30244] Occasional crash when TCP/TLS connection terminated and subscription persistence is removed (Reported By: nappsoft)

[ASTERISK-30338] Backport 2.13 security fixes from pjproject

For a full list of changes in this release, please see the ChangeLog:

Thank you for your continued support of Asterisk!

What can we help you find?