I’m back, with an update from the AA50 software front. This time, it’s just a minor bug-fix update, release 220.127.116.11, that’s now available for download on the BE portal:
What are the changes?
We’ve implemented fixes to cover three security advisories:
AST-2008-002 – Two buffer overflows in RTP Codec Payload Handling
AST-2008-003 – Unauthenticated calls allowed from SIP channel driver
AST-2008-005 – HTTP Manager ID is predictable
- Changed the Bandwidth.com IP address, so setup of the provider via the GUI handles their recent change in IP.
- Fixed a uninitialized variable bug in the DTMF generation that would occasionally corrupt tone generation.
- Changed the behavior of the WAN-side Polycom provisioning so that, when WAN-side provisioning is enabled, the LAN-side DHCP server continues to operate
- The DTMF Mode on the Users tab in the GUI is now a drop-down box
- And , we fixed a bug where the ‘disallow all’ checkbox on the VoIP Providers menu disallowed all codecs, even when some were allowed
So, nothing too fancy on the new features front, but three important security fixes.