[OpenSIPS-Users] [OpenSIPS Security Alerts] [FIX][Severity Low] Dispatcher module

Bogdan-Andrei Iancu bogdan at opensips.org
Fri Sep 14 20:12:15 CEST 2012

This message was generated by the Security Alerts service ( Free Trial 14th of August - 14th of September )

SVN commit*:

*Severity*: Low

*Version*  : 1.8, trunk

*Affected modules*  : b2b_entities

*Effect*  : In-dialog UPDATEs are rejected

*Affected scenarios*: In B2B usage, a received UPDATE in-dialog requests will not be
matched against existing B2B sessions. This will break ant attempt of the end-point
to change dialog parameters.

*Description*  : Because of TAGs mixing, an UPDATE coming from the caller side did not
match its dialog.

*Risks*  : Low.

*Update*  :
- if you have an SVN checkout, only 1.8 and trunk were fixed; so
update to a revision later than 8879 (trunk) or 9244 (1.8 branch) ;
- if you have OpenSIPS from sources, download and apply the patch from
or see the attached patch;
- if using tarballs, they were already regenerated (and include the fix)
- If using the official Debian package (apt.opensips.org), they are also
re-generated including the fix.

Bogdan-Andrei Iancu
OpenSIPS Founder and Developer

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20120914/a8dfc396/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: b2b_UPDATE-9244.patch
Type: text/x-patch
Size: 518 bytes
Desc: not available
URL: <http://lists.opensips.org/pipermail/users/attachments/20120914/a8dfc396/attachment.bin>
-------------- next part --------------
Alerts mailing list
Alerts at lists.opensips.org

More information about the Users mailing list