Asterisk Security Release 18.20.1 Now Available

The Asterisk Development Team would like to announce security release
Asterisk 18.20.1.

The release artifacts are available for immediate download at
https://github.com/asterisk/asterisk/releases/tag/18.20.1
and
https://downloads.asterisk.org/pub/telephony/asterisk

The following security advisories were resolved in this release:

Change Log for Release asterisk-18.20.1

Links:

Summary:

  • res_pjsip_header_funcs: Duplicate new header value, don’t copy.
  • res_pjsip: disable raw bad packet logging
  • res_rtp_asterisk.c: Check DTLS packets against ICE candidate list
  • manager.c: Prevent path traversal with GetConfig.

What can we help you find?