Digium AA50, 1.1.0.2 Security and Bugfix Release
Malcolm Davenport March 27th, 2008
Aloha,
I’m back, with an update from the AA50 software front. This time, it’s just a minor bug-fix update, release 1.1.0.2, that’s now available for download on the BE portal:
What are the changes?
We’ve implemented fixes to cover three security advisories:
AST-2008-002 - Two buffer overflows in RTP Codec Payload Handling
AST-2008-003 - Unauthenticated calls allowed from SIP channel driver
AST-2008-005 - HTTP Manager ID is predictable
We also:
- Changed the Bandwidth.com IP address, so setup of the provider via the GUI handles their recent change in IP.
- Fixed a uninitialized variable bug in the DTMF generation that would occasionally corrupt tone generation.
- Changed the behavior of the WAN-side Polycom provisioning so that, when WAN-side provisioning is enabled, the LAN-side DHCP server continues to operate
- The DTMF Mode on the Users tab in the GUI is now a drop-down box
- And , we fixed a bug where the ‘disallow all’ checkbox on the VoIP Providers menu disallowed all codecs, even when some were allowed
So, nothing too fancy on the new features front, but three important security fixes.
Cheers.
how can I add a tftp server ?
Howdy,
What are you trying to accomplish that requires a tftp daemon running on the AA50?
Cheers.