[Kamailio-announce] Kamailio security announcement for Kamailio core

Fred Posner fred at palner.com
Thu Aug 9 14:41:55 CEST 2018

Reference: CVE-2018-14767

We strongly advise you to update your Kamailio installation to the 
latest stable release for security reasons.

All supported releases (5.0. and 5.1) contains an important security fix 
in the Kamailio core related to the handling of “To” headers.

The issues were fixed before the 5.0.7, and 5.1.4 releases in the 
respective stable branches. So if you are already running the 5.0.7 or 
5.1.4 release then you have already the fixes deployed.

For more details, please see the post on kamailio.org:

Please address any detailed technical questions related to the two bugs 
to the developer list at sr-dev at lists.kamailio.org.

For questions about the configuration workarounds please contact the 
user list at sr-users at lists.kamailio.org.

In case of confidential remarks related to this or other security 
issues, please address them to the Kamailio Management team.

More information about the kamailio-announce mailing list