Security Advisories

Stay up to date with the latest security advisories for the
Asterisk Project.

AST-2015-001: File descriptor leak when incompatible codecs are offered

January 28, 2015

http://downloads.asterisk.org/pub/security/AST-2015-001.pdf

https://downloads.asterisk.org/pub/security/AST-2015-001.pdf

AST-2014-019: Remote Crash Vulnerability in WebSocket Server

December 10, 2014

http://downloads.asterisk.org/pub/security/AST-2014-019.pdf

https://downloads.asterisk.org/pub/security/AST-2014-019.pdf

AST-2014-018: AMI permission escalation through DB dialplan function

November 20, 2014

http://downloads.asterisk.org/pub/security/AST-2014-018.pdf

https://downloads.asterisk.org/pub/security/AST-2014-018.pdf

AST-2014-017: Permission escalation through ConfBridge actions/dialplan functions

November 20, 2014

http://downloads.asterisk.org/pub/security/AST-2014-017.pdf

https://downloads.asterisk.org/pub/security/AST-2014-017.pdf

AST-2014-016: Remote crash vulnerability in PJSIP channel driver

November 20, 2014

http://downloads.asterisk.org/pub/security/AST-2014-016.pdf

https://downloads.asterisk.org/pub/security/AST-2014-016.pdf