Asterisk is a hybrid TDM and packet voice PBX (Private Branch eXchange) and IVR platform with ACD functionality. It acts as middleware between the Internet (IAX, SIP, MGCP, Skinny, H.323), telephony channels (like Zaptel, T1, PRI, E1, FXO, FXS, VoIP, VoFR, ISDN, modems, Internet Phone Jack, etc.), and applications (like voice-mail, conferencing, directories, MP3 players, intercoms, etc.). It has many advanced features such as a codec translation API. The base distribution includes several channel backends, as well as applications. However, the beauty of Asterisk is its ability to be extended using its APIs, dynamic module loader, and AGI scripting interface. End users can even write their own applications that run on the system in C or any scripting language of their choice.
Diese Version enthält zahlreiche Bugfixes. Einer von ihnen ist für ein Sicherheitsproblem in chan_sip. Das Problem ist, dass SIP-Dialog Geschichte der Erinnerung werden unabhängig davon, ob die Option gespeichert hierfür war ein-oder ausgeschaltet. Dies könnte dazu missbraucht werden, ein System mit chan_sip um über genügend Arbeitsspeicher ausgeführt verursachen.
Minor security fixes, Current
This version contains numerous bugfixes. One of these is for a security issue in chan_sip. The issue is that SIP dialog history was being stored in memory regardless of whether the option for this was turned on or off. This could be abused to cause a system using chan_sip to run out of memory.