Category: Alert Feeds

  Posted by cyber security on Apr 02 A vulnerability was identified in OWASP CRS where whitespace padding in filenames can bypass file upload extension checks, allowing uploads of dangerous files such as .php, .phar, .jsp, and .jspx. This issue has been assigned CVE‑2026‑33691. Impact: Attackers may evade CRS protections and upload web shells disguised … Read More “[CVE-2026-33691] OWASP CRS whitespace padding bypass vulnerability  – Full Disclosure” »

  Posted by Egidio Romano on Apr 02 ————————————————————————— MetInfo CMS <= 8.1 (weixinreply.class.php) PHP Code Injection Vulnerability ————————————————————————— [-] Software Link: https://www.metinfo.cn [-] Affected Versions: Versions 7.9, 8.0, and 8.1. [-] Vulnerability Description: The vulnerable code is located into the… – Read More  – Full Disclosure 

  Posted by Joseph Goydish II via Fulldisclosure on Apr 02 SUMMARY Apple’s Oblivious HTTP relay for Live Caller ID Lookup (iOS 18+) routes traffic through 14 third-party endpoints across six countries. These include an anonymous Delaware LLC sharing data with OpenAI, a Russian endpoint (Yandex), and a Swiss GmbH whose privacy policy names “The … Read More “Apple OHTTP Relay: 14 Third-Party Endpoints, 6 Countries, Zero User Visibility  – Full Disclosure” »

  Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Apr 02 SEC Consult Vulnerability Lab Security Advisory < 20260326-0 > ======================================================================= title: Local Privilege Escalation product: Vienna Assistant (MacOS) – Vienna Symphonic Library  vulnerable version: 1.2.542 fixed version: – CVE number: CVE-2026-24068              impact: high homepage:https://www.vsl.co.at/       … Read More “SEC Consult SA-20260326-0 :: Local Privilege Escalation in Vienna Assistant (MacOS) – Vienna Symphonic Library  – Full Disclosure” »

  Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Apr 02 SEC Consult Vulnerability Lab Security Advisory < 20260401-0 > ======================================================================= title: Broken Access Control             product: Open WebUI  vulnerable version: <v0.8.11       fixed version: v0.8.11 CVE number: CVE-2026-34222              impact: high … Read More “SEC Consult SA-20260401-0 :: Broken Access Control in Open WebUI  – Full Disclosure” »

  Posted by Apple Product Security via Fulldisclosure on Mar 28 APPLE-SA-03-24-2026-1 iOS 26.4 and iPadOS 26.4 iOS 26.4 and iPadOS 26.4 addresses the following issues. Information about the security content is also available at https://support.apple.com/126792. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. 802.1X Available for: … Read More “APPLE-SA-03-24-2026-1 iOS 26.4 and iPadOS 26.4  – Full Disclosure” »

  Posted by Apple Product Security via Fulldisclosure on Mar 28 APPLE-SA-03-24-2026-2 iOS 18.7.7 and iPadOS 18.7.7 iOS 18.7.7 and iPadOS 18.7.7 addresses the following issues. Information about the security content is also available at https://support.apple.com/126793. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. 802.1X Available for: … Read More “APPLE-SA-03-24-2026-2 iOS 18.7.7 and iPadOS 18.7.7  – Full Disclosure” »

  Posted by Apple Product Security via Fulldisclosure on Mar 28 APPLE-SA-03-24-2026-3 macOS Tahoe 26.4 macOS Tahoe 26.4 addresses the following issues. Information about the security content is also available at https://support.apple.com/126794. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. 802.1X Available for: macOS Tahoe Impact: An … Read More “APPLE-SA-03-24-2026-3 macOS Tahoe 26.4  – Full Disclosure” »

  Posted by Apple Product Security via Fulldisclosure on Mar 28 APPLE-SA-03-24-2026-4 macOS Sequoia 15.7.5 macOS Sequoia 15.7.5 addresses the following issues. Information about the security content is also available at https://support.apple.com/126795. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. 802.1X Available for: macOS Sequoia Impact: An … Read More “APPLE-SA-03-24-2026-4 macOS Sequoia 15.7.5  – Full Disclosure” »

  Posted by Apple Product Security via Fulldisclosure on Mar 28 APPLE-SA-03-24-2026-5 macOS Sonoma 14.8.5 macOS Sonoma 14.8.5 addresses the following issues. Information about the security content is also available at https://support.apple.com/126796. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. 802.1X Available for: macOS Sonoma Impact: An … Read More “APPLE-SA-03-24-2026-5 macOS Sonoma 14.8.5  – Full Disclosure” »

  Posted by Apple Product Security via Fulldisclosure on Mar 28 APPLE-SA-03-24-2026-6 tvOS 26.4 tvOS 26.4 addresses the following issues. Information about the security content is also available at https://support.apple.com/126797. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. 802.1X Available for: Apple TV HD and Apple TV … Read More “APPLE-SA-03-24-2026-6 tvOS 26.4  – Full Disclosure” »

  Posted by Apple Product Security via Fulldisclosure on Mar 28 APPLE-SA-03-24-2026-7 watchOS 26.4 watchOS 26.4 addresses the following issues. Information about the security content is also available at https://support.apple.com/126798. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. 802.1X Available for: Apple Watch Series 6 and later … Read More “APPLE-SA-03-24-2026-7 watchOS 26.4  – Full Disclosure” »

  Posted by Apple Product Security via Fulldisclosure on Mar 28 APPLE-SA-03-24-2026-8 visionOS 26.4 visionOS 26.4 addresses the following issues. Information about the security content is also available at https://support.apple.com/126799. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. 802.1X Available for: Apple Vision Pro (all models) Impact: … Read More “APPLE-SA-03-24-2026-8 visionOS 26.4  – Full Disclosure” »

  Posted by Apple Product Security via Fulldisclosure on Mar 28 APPLE-SA-03-24-2026-9 Safari 26.4 Safari 26.4 addresses the following issues. Information about the security content is also available at https://support.apple.com/126800. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. WebKit Available for: macOS Sonoma and macOS Sequoia Impact: … Read More “APPLE-SA-03-24-2026-9 Safari 26.4  – Full Disclosure” »

  Posted by Apple Product Security via Fulldisclosure on Mar 28 APPLE-SA-03-24-2026-10 Xcode 26.4 Xcode 26.4 addresses the following issues. Information about the security content is also available at https://support.apple.com/126801. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. otool Available for: macOS Tahoe 26.2 and later Impact: … Read More “APPLE-SA-03-24-2026-10 Xcode 26.4  – Full Disclosure” »

  Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Mar 19 SEC Consult Vulnerability Lab Security Advisory < 20260317-0 > ======================================================================= title: Multiple vulnerabilities           product: PEGA Infinity platform vulnerable version: CVE-2025-62181: Pega Platform versions 7.1.0 through Infinity 25.1.0                     CVE-2025-9559: … Read More “SEC Consult SA-20260317-0 :: Multiple vulnerabilities in PEGA Infinity platform  – Full Disclosure” »

  Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Mar 19 SEC Consult Vulnerability Lab Security Advisory < 20260318-0 > ======================================================================= title: Multiple Privilege Escalation Vulnerabilities product: Arturia Software Center MacOS vulnerable version: 2.12.0.3157 fixed version: – CVE number: CVE-2026-24062, CVE-2026-24063              impact: high homepage:… – Read More  – Full … Read More “SEC Consult SA-20260318-0 :: Multiple Privilege Escalation Vulnerabilities in Arturia Software Center MacOS  – Full Disclosure” »

  Posted by Apple Product Security via Fulldisclosure on Mar 19 APPLE-SA-03-17-2026-1 Background Security Improvements for iOS 26.3.1, iPadOS 26.3.1, macOS 26.3.1, and macOS 26.3.2 Background Security Improvements for iOS 26.3.1, iPadOS 26.3.1, macOS 26.3.1, and macOS 26.3.2 addresses the following issues. Information about the security content is also available at https://support.apple.com/126604. Apple maintains a … Read More “APPLE-SA-03-17-2026-1 Background Security Improvements for iOS 26.3.1, iPadOS 26.3.1, macOS 26.3.1, and macOS 26.3.2  – Full Disclosure” »

  Posted by Qualys Security Advisory via Fulldisclosure on Mar 19 Qualys Security Advisory Good things come to those who wait: snap-confine + systemd-tmpfiles = root (CVE-2026-3888) ======================================================================== Contents ======================================================================== Summary Case study: Ubuntu Desktop 24.04 – Analysis – Exploitation Case study: Ubuntu Desktop 25.10 – Overview – Exploitation A quick note on the uutils … Read More “snap-confine + systemd-tmpfiles = root (CVE-2026-3888)  – Full Disclosure” »

  Posted by Jiqiang Feng via Fulldisclosure on Mar 16 [This is an update to communications sent March 12-14 regarding Alipay security vulnerabilities.] — On March 15, 2026, four WeChat articles documenting security vulnerabilities in Alipay were forcibly deleted from the public account AI-security-innora. The deletion was carried out by Tencent at the request of … Read More “UPDATE: Ant Group Censors 4 Security Research Articles After Initial Complaint Rejection  – Full Disclosure” »

  Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Mar 12 SEC Consult Vulnerability Lab Security Advisory < 20260224-0 > ======================================================================= title: Multiple vulnerabilities             product: CPSD CryptoPro Secure Disk for BitLocker  vulnerable version: 7.6.4.16432 (76212) fixed version: 7.6.6 / 7.7.1 CVE number: CVE-2025-10010           … Read More “SEC Consult SA-20260224-0 :: Multiple vulnerabilities in CPSD CryptoPro Secure Disk for BitLocker (CVE-2025-10010)  – Full Disclosure” »

  Posted by Apple Product Security via Fulldisclosure on Mar 12 APPLE-SA-03-11-2026-1 iOS 16.7.15 and iPadOS 16.7.15 iOS 16.7.15 and iPadOS 16.7.15 addresses the following issues. Information about the security content is also available at https://support.apple.com/126646. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. WebKit Available for: … Read More “APPLE-SA-03-11-2026-1 iOS 16.7.15 and iPadOS 16.7.15  – Full Disclosure” »

  Posted by Apple Product Security via Fulldisclosure on Mar 12 APPLE-SA-03-11-2026-2 iOS 15.8.7 and iPadOS 15.8.7 iOS 15.8.7 and iPadOS 15.8.7 addresses the following issues. Information about the security content is also available at https://support.apple.com/126632. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. Kernel Available for: … Read More “APPLE-SA-03-11-2026-2 iOS 15.8.7 and iPadOS 15.8.7  – Full Disclosure” »

  Posted by GregD via Fulldisclosure on Mar 12 Hi, I’m disclosing five vulnerabilities discovered during an authorised security assessment of the Cohesity TranZman Migration Appliance (formerly Stone Ram TranZman), Release 4.0 Build 14614. CVE-2025-67840 – Web API Command Injection (CVSS 7.2 High) The /api/v1/scheduler/run and /api/v1/actions/run endpoints allow authenticated administrators to execute arbitrary commands … Read More “Cohesity TranZman Migration Appliance – 5 CVEs (command injection, LPE, unsigned patches, weak crypto)  – Full Disclosure” »

  Posted by Feng Ning via Fulldisclosure on Mar 12 Subject: Alipay DeepLink+JSBridge Attack Chain: Silent GPS Exfiltration, 17 Vulns, 6 CVEs (CVSS 9.3) # Alipay DeepLink + JSBridge Attack Chain # Silent GPS Exfiltration via Crafted URL ## Overview Researcher: Jiqiang Feng / Innora AI Security Research Vendor: Ant Group (蚂蚁集团) / Alibaba Group … Read More “Alipay DeepLink+JSBridge Attack Chain: Silent GPS Exfiltration, 17 Vulns, 6 CVEs (CVSS 9.3)  – Full Disclosure” »

  Posted by Stefan Kanthak via Fulldisclosure on Mar 12 Hi @ll, about 2 months ago I posted <https://seclists.org/fulldisclosure/2025/Dec/29> “Defense in depth — the Microsoft way (part 94): SAFER (SRPv1 and AppLocker alias SRPv2) bypass for dummies” Here’s the continuation… About 23 years ago, 64-bit Windows introduced the WoW64 subsystem, which performs a transpatent redirection … Read More “Defense in depth — the Microsoft way (part 96): yet another SAFER (SRPv1) and AppLocker (SRPv2) loophole  – Full Disclosure” »

  Posted by Daniel Owens via Fulldisclosure on Mar 12 As previously mentioned, via “Struts2 and Related Framework Array/Collection DoS” (26 October 2025), hundreds of JavaScript object notation (JSON) libraries are vulnerable to unconstrained resource consumption through large JSON arrays, which, when deserialised, create arbitrarily large collections/arrays/data structures. This work looks specifically at the Apache … Read More “JSON Deserialiser Unconstrained Resource Consumption Quick Overview  – Full Disclosure” »

  Posted by Egidio Romano on Feb 22 —————————————————————————- SmarterMail <= 9518 (MailboxId) Reflected Cross-Site Scripting Vulnerability —————————————————————————- [-] Software Link: https://www.smartertools.com/smartermail/business-email-server [-] Affected Versions: Build 9518 and prior builds. [-] Vulnerability Description: User input passed through the… – Read More  – Full Disclosure 

  Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Feb 22 SEC Consult Vulnerability Lab Security Advisory < 20260218-0 > ======================================================================= title: Multiple Critical Vulnerabilities product: NesterSoft WorkTime (on-prem/cloud) vulnerable version: <= 11.8.8 fixed version: No patch available, vendor unresponsive. CVE number: CVE-2025-15563, CVE-2025-15562, CVE-2025-15561… – Read More  – Full Disclosure 

  Posted by Apple Product Security via Fulldisclosure on Feb 16 APPLE-SA-02-11-2026-4 macOS Sequoia 15.7.4 macOS Sequoia 15.7.4 addresses the following issues. Information about the security content is also available at https://support.apple.com/126349. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. AppleMobileFileIntegrity Available for: macOS Sequoia Impact: An … Read More “APPLE-SA-02-11-2026-4 macOS Sequoia 15.7.4  – Full Disclosure” »

  Posted by Apple Product Security via Fulldisclosure on Feb 16 APPLE-SA-02-11-2026-5 macOS Sonoma 14.8.4 macOS Sonoma 14.8.4 addresses the following issues. Information about the security content is also available at https://support.apple.com/126350. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. AppleMobileFileIntegrity Available for: macOS Sonoma Impact: An … Read More “APPLE-SA-02-11-2026-5 macOS Sonoma 14.8.4  – Full Disclosure” »

  Posted by Apple Product Security via Fulldisclosure on Feb 16 APPLE-SA-02-11-2026-6 tvOS 26.3 tvOS 26.3 addresses the following issues. Information about the security content is also available at https://support.apple.com/126351. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. Bluetooth Available for: Apple TV HD and Apple TV … Read More “APPLE-SA-02-11-2026-6 tvOS 26.3  – Full Disclosure” »

  Posted by Apple Product Security via Fulldisclosure on Feb 16 APPLE-SA-02-11-2026-7 watchOS 26.3 watchOS 26.3 addresses the following issues. Information about the security content is also available at https://support.apple.com/126352. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. Bluetooth Available for: Apple Watch Series 6 and later … Read More “APPLE-SA-02-11-2026-7 watchOS 26.3  – Full Disclosure” »

  Posted by Apple Product Security via Fulldisclosure on Feb 16 APPLE-SA-02-11-2026-8 visionOS 26.3 visionOS 26.3 addresses the following issues. Information about the security content is also available at https://support.apple.com/126353. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. AppleMobileFileIntegrity Available for: Apple Vision Pro (all models) Impact: … Read More “APPLE-SA-02-11-2026-8 visionOS 26.3  – Full Disclosure” »

  Posted by Apple Product Security via Fulldisclosure on Feb 16 APPLE-SA-02-11-2026-9 Safari 26.3 Safari 26.3 addresses the following issues. Information about the security content is also available at https://support.apple.com/126354. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. CFNetwork Available for: macOS Sonoma and macOS Sequoia Impact: … Read More “APPLE-SA-02-11-2026-9 Safari 26.3  – Full Disclosure” »

  Posted by Christian Zäske via Fulldisclosure on Feb 16 Advisory ID:               SYSS-2025-011 Product:                   MR9600, MX4200 (and potentially others) Manufacturer:              Linksys Affected Version(s):       1.0.4.205530 for MR9600, 1.0.13.210200 for MX4200 (and potentially others) Tested … Read More “[SYSS-2025-011] Linksys MX9600/MX4200 – OS Command Injection  – Full Disclosure” »

  Posted by Christian Zäske via Fulldisclosure on Feb 16 Advisory ID:               SYSS-2025-014 Product:                   MX4200 (and potentially others) Manufacturer:              Linksys Affected Version(s):       1.0.13.210200 (and potentially others) Tested Version(s):         1.0.13.210200 MX4200 … Read More “[SYSS-2025-014] Linksys MX4200 – Improper Verification of Source of a Communication Channel  – Full Disclosure” »

  Posted by Agent Spooky’s Fun Parade via Fulldisclosure on Feb 16 1. SUMMARY Two independently confirmed vulnerabilities in Jump Crypto’s Firedancer Solana validator (https://github.com/firedancer-io/firedancer, commit 7cd3b6dce): A) Three undefined behavior / logic bugs in QUIC transport parameter processing, triggerable by a malicious QUIC server with zero authentication. Enables remote connection kill or hang. B) … Read More “Firedancer Solana Validator – QUIC Transport Parameter UB and Consensus-Splitting Cast Bug  – Full Disclosure” »

  Posted by Darsh Naik on Feb 16 🔓 The Attack Path — No Login, SYSTEM Access 1. Boot into setup.exe (via USB, PXE, or OOBM like Intel vPro). 2. Click “Repair your computer” → Enter WinRE. 3. Press Shift + F10 → SYSTEM-level Command Prompt. 4. From there, attacker can: – Run `net user` … Read More “🚨 Public Disclosure: Remote BitLocker Bypass via Intel AMT — SYSTEM Access Without Login  – Full Disclosure” »

  Posted by Hanno Böck on Feb 16 During tests of electronic invoicing tools, I discovered multiple XXE and Blind XXE vulnerabilities in online tools parsing electronic invoices in XML formats. While most of the affected tools have fixed these vulnerabilities, two online tools remain vulnerable to Blind XXE attacks, allowing exfiltration of files. Disclosure … Read More “Blind XXE in Electronic Invoice online tools (validator.invoice-portal.de, xrechnung.rib.de)  – Full Disclosure” »

  Posted by Apple Product Security via Fulldisclosure on Feb 16 APPLE-SA-02-11-2026-1 iOS 26.3 and iPadOS 26.3 iOS 26.3 and iPadOS 26.3 addresses the following issues. Information about the security content is also available at https://support.apple.com/126346. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. Accessibility Available for: … Read More “APPLE-SA-02-11-2026-1 iOS 26.3 and iPadOS 26.3  – Full Disclosure” »

  Posted by Apple Product Security via Fulldisclosure on Feb 16 APPLE-SA-02-11-2026-2 iOS 18.7.5 and iPadOS 18.7.5 iOS 18.7.5 and iPadOS 18.7.5 addresses the following issues. Information about the security content is also available at https://support.apple.com/126347. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. Accessibility Available for: … Read More “APPLE-SA-02-11-2026-2 iOS 18.7.5 and iPadOS 18.7.5  – Full Disclosure” »

  Posted by Apple Product Security via Fulldisclosure on Feb 16 APPLE-SA-02-11-2026-3 macOS Tahoe 26.3 macOS Tahoe 26.3 addresses the following issues. Information about the security content is also available at https://support.apple.com/126348. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. Admin Framework Available for: macOS Tahoe Impact: … Read More “APPLE-SA-02-11-2026-3 macOS Tahoe 26.3  – Full Disclosure” »

  Posted by privexploits via Fulldisclosure on Feb 16 Advisory: Authenticated Remote Code Execution in pfSense CECVEs: CVE-2025-69690, CVE-2025-69691 Researcher: Nelson Adhepeau (privexploits () protonmail com) Date: February 2026 == RESPONSIBLE DISCLOSURE NOTICE == This advisory is published in accordance with responsible disclosure practices.  The vendor was notified on December 2, 2025, acknowledged the reports, … Read More “[Full Disclosure] CVE-2025-69690 & CVE-2025-69691 — Authenticated RCE in Netgate pfSense CE 2.7.2 and 2.8.0  – Full Disclosure” »

  Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Feb 16 SEC Consult Vulnerability Lab Security Advisory < 20260212-0 > ======================================================================= title: Multiple Vulnerabilities             product: Various Solax Power Pocket WiFi models  vulnerable version: See section below       fixed version: See section below         … Read More “SEC Consult SA-20260212-0 :: Multiple Vulnerabilities in various Solax Power Pocket WiFi models  – Full Disclosure” »

  Posted by Asterisk Development Team via Fulldisclosure on Feb 07 The Asterisk Development Team would like to announce security release Certified Asterisk 20.7-cert9. The release artifacts are available for immediate download at https://github.com/asterisk/asterisk/releases/tag/certified-20.7-cert9 and https://downloads.asterisk.org/pub/telephony/certified-asterisk Repository: https://github.com/asterisk/asterisk Tag: certified-20.7-cert9 ## Change Log for Release asterisk-certified-20.7-cert9 ###… – Read More  – Full Disclosure 

  Posted by Asterisk Development Team via Fulldisclosure on Feb 07 The Asterisk Development Team would like to announce security release Asterisk 20.18.2. The release artifacts are available for immediate download at https://github.com/asterisk/asterisk/releases/tag/20.18.2 and https://downloads.asterisk.org/pub/telephony/asterisk Repository: https://github.com/asterisk/asterisk Tag: 20.18.2 ## Change Log for Release asterisk-20.18.2 ### Links: – [Full ChangeLog](… – Read More  – Full Disclosure 

  Posted by Asterisk Development Team via Fulldisclosure on Feb 07 The Asterisk Development Team would like to announce security release Asterisk 22.8.2. The release artifacts are available for immediate download at https://github.com/asterisk/asterisk/releases/tag/22.8.2 and https://downloads.asterisk.org/pub/telephony/asterisk Repository: https://github.com/asterisk/asterisk Tag: 22.8.2 ## Change Log for Release asterisk-22.8.2 ### Links: – [Full ChangeLog](… – Read More  – Full Disclosure 

  Posted by Asterisk Development Team via Fulldisclosure on Feb 07 The Asterisk Development Team would like to announce security release Asterisk 21.12.1. The release artifacts are available for immediate download at https://github.com/asterisk/asterisk/releases/tag/21.12.1 and https://downloads.asterisk.org/pub/telephony/asterisk Repository: https://github.com/asterisk/asterisk Tag: 21.12.1 ## Change Log for Release asterisk-21.12.1 ### Links: – [Full ChangeLog](… – Read More  – Full Disclosure 

  Posted by Asterisk Development Team via Fulldisclosure on Feb 07 The Asterisk Development Team would like to announce security release Asterisk 23.2.2. The release artifacts are available for immediate download at https://github.com/asterisk/asterisk/releases/tag/23.2.2 and https://downloads.asterisk.org/pub/telephony/asterisk Repository: https://github.com/asterisk/asterisk Tag: 23.2.2 ## Change Log for Release asterisk-23.2.2 ### Links: – [Full ChangeLog](… – Read More  – Full Disclosure