Log in
Asterisk Release certified-22.8-cert2
The Asterisk Development Team would like to announce
the release of Certified asterisk-22.8-cert2.
The release artifacts are available for immediate download at
https://github.com/asterisk/asterisk/releases/tag/certified-22.8-cert2
and
https://downloads.asterisk.org/pub/telephony/certified-asterisk
Repository: https://github.com/asterisk/asterisk
Tag: certified-22.8-cert2
This release resolves issues reported by the community
and would have not been possible without your participation.
Thank You!
Change Log for Release asterisk-certified-22.8-cert2
Links:
Summary:
- Commits: 1
- Commit Authors: 1
- Issues Resolved: 1
- Security Advisories Resolved: 0
User Notes:
Upgrade Notes:
Developer Notes:
Commit Authors:
- Mike Bradeen: (1)
Issue and Commit Detail:
Closed Issues:
- 1833: [bug]: Address security vulnerabilities in pjproject
Commits By Author:
-
Mike Bradeen (1):
- res_pjsip: Address pjproject security vulnerabilities
Commit List:
- res_pjsip: Address pjproject security vulnerabilities
Commit Details:
res_pjsip: Address pjproject security vulnerabilities
Author: Mike Bradeen
Date: 2026-03-25
Address the following pjproject security vulnerabilities
GHSA-j29p-pvh2-pvqp - Buffer overflow in ICE with long username
GHSA-8fj4-fv9f-hjpc - Heap use-after-free in PJSIP presense subscription termination header
GHSA-g88q-c2hm-q7p7 - ICE session use-after-free race conditions
GHSA-x5pq-qrp4-fmrj - Out-of-bounds read in SIP multipart parsing
Resolves: #1833
