By Richard Chirgwin
Admins of the popular IP telephony application Asterisk have a lovely end to the week ahead of them - there's two moderate vulnerabilities, and one critical mess, that need patches.
The worst of the three is this one: a bug in the Realtime Transport Protocol (RTP) stack that exposes a system to information disclosure.
formatting link