Hello,
Kamailio SIP Server v5.1.5 stable release is out.
This is a maintenance release of the latest stable branch, 5.1, that
includes fixes since the release of v5.1.4. There is no change to
database schema or configuration language structure that you have to do
on previous installations of v5.1.x. Deployments running previous v5.1.x
versions are strongly recommended to be upgraded to v5.1.5.
For more details about version 5.1.5 (including links and guidelines to
download the tarball or from GIT repository), visit:
* https://www.kamailio.org/w/2018/08/kamailio-v5-1-5-released/
RPM, Debian/Ubuntu packages will be available soon as well.
Many thanks to all contributing and using Kamailio!
Reference: CVE-2018-14767
We strongly advise you to update your Kamailio installation to the
latest stable release for security reasons.
All supported releases (5.0. and 5.1) contains an important security fix
in the Kamailio core related to the handling of “To” headers.
The issues were fixed before the 5.0.7, and 5.1.4 releases in the
respective stable branches. So if you are already running the 5.0.7 or
5.1.4 release then you have already the fixes deployed.
For more details, please see the post on kamailio.org:
https://www.kamailio.org/w/2018/07/kamailio-security-announcement-for-kamai…
Please address any detailed technical questions related to the two bugs
to the developer list at sr-dev(a)lists.kamailio.org.
For questions about the configuration workarounds please contact the
user list at sr-users(a)lists.kamailio.org.
In case of confidential remarks related to this or other security
issues, please address them to the Kamailio Management team.
