[Spce-user] Security Announcement related to kamailio
Hohl Matthias
matthias.hohl at telematica.at
Tue Mar 20 04:26:24 EDT 2018
Hello Daniel,
thanks for your answer.
It was just a general question and not just one for hotfixing this specific problem.
For example From 5.5.2.x to 5.5.3.x is this an upgrade process like descriped in the handbook, or is this also done with the “hotfix update” routine?
Thanks again.
Von: Daniel Grotti <dgrotti at sipwise.com>
Gesendet: Montag, 19. März 2018 17:26
An: Hohl Matthias <matthias.hohl at telematica.at>; 'Spce-user' <spce-user at lists.sipwise.com>
Cc: spce-dev at lists.sipwise.com
Betreff: Re: AW: [Spce-user] Security Announcement related to kamailio
Hi Matthias,
what you need to do is the:
# apt-get update && apt-get upgrade && ngcp-update-db-schema && ngcp-update-cfg-schema && ngcpcfg apply 'Hotfix Update'
In the handbook is describe how to upgrade. But if you run release >+mr4.5.1 you do not need to upgrade, but just update to the latest hotfixes of your current release, which are mr5.5.2.x in your case.
Cheers,
--
Daniel Grotti
Head of Customer Support
Sipwise GmbH, Campus 21/Europaring F15
AT-2345 Brunn am Gebirge
Office: +43(0)130120332
Email: dgrotti at sipwise.com <mailto:dgrotti at sipwise.com>
Website: https://www.sipwise.com
On 03/19/2018 05:21 PM, Hohl Matthias wrote:
Hello,
one short question, cause i can’t find the latest information about this in the handbook:
an Hotfix patch update within a version number (5.5.2.x to 5.5.2.y) is done with that:
# apt-get update && apt-get upgrade && ngcp-update-db-schema && ngcp-update-cfg-schema && ngcpcfg apply 'Hotfix Update'
For major (5.5.2 to 5.6.1) and minor release updating (5.5.2 to 5.5.3) it is done like descripted in the handbook, right?
https://www.sipwise.org/doc/mr5.5.3/spce/ar01s14.html#_upgrade_from_previous_versions_to_mr5_5_3
or is this for the minor release upgrade not needed?
Thanks.
Von: Spce-user <mailto:spce-user-bounces at lists.sipwise.com> <spce-user-bounces at lists.sipwise.com> Im Auftrag von Daniel Grotti
Gesendet: Montag, 19. März 2018 13:17
An: Spce-user <mailto:spce-user at lists.sipwise.com> <spce-user at lists.sipwise.com>
Cc: spce-dev at lists.sipwise.com <mailto:spce-dev at lists.sipwise.com>
Betreff: [Spce-user] Security Announcement related to kamailio
Dear SPCE users,
we would like to highlight that the last stable versions of kamailio (for the latest 3 release series: 4.4, 5.0 and 5.1) include fixes for two issues that can crash a running instance of Kamailio, therefore it is strongly
recommended to upgrade the kamailio packages on your C5 systems.
A detailed description of the security issue is reported here: CVE link not yet assigned.
The fix does not include any functional changes, so the call functionality and features will remain intact.
1. SPCE releases affected
The following list shows you which SPCE supported releases are affected:
mr3.8.x -> fixed in mr3.8.12 with package version mr3.8.12.2
mr4.5.1 -> fixed with package version mr4.5.1.2
mr4.5.2 -> fixed with package version mr4.5.2.4
mr4.5.3 -> fixed with package version mr4.5.3.3
mr4.5.4 -> fixed with package version mr4.5.4.6
mr4.5.5 -> fixed with package version mr4.5.5.2
mr4.5.6 -> fixed with package version mr4.5.6.2
mr4.5.7 -> fixed with package version mr4.5.7.2
mr5.5.1 -> fixed with package version mr5.5.1.2
mr5.5.2 -> fixed with package version mr5.5.2.2
mr5.5.3 -> fixed with package version mr5.5.3.2
mr6.0.1 -> fixed with package version mr6.0.1.2
mr6.0.2 -> fixed with package version mr6.0.2.2
mr6.1.1 -> fixed with package version mr6.1.1.2
Releases older than mr3.8 are *NOT* supported anymore and will not be hotfixed.
2. How to apply the security fix
Here you find the steps how install the security fix, depending on your current release.
2.1 SPCE release older than mr3.8.12
If you are running a release mr3.8.x, with x less than 12, then you should upgrade to mr3.8.12 in order to get the security fix.
You can follow the usual upgrade procedure described in the handbook:
[1] SPCE: https://www.sipwise.com/doc/mr3.8.12/spce/ar01s03.html#_upgrade_from_previous_release
Even though the issue affecting mr3.8.x is not so critical, we recommend to upgrade in any case to mr3.8.12.
2.2 SPCE release greater or equal to mr4.5.1
In this case the fix is provided as a hotfix, within your current release.
In order to install the fix you should upgrade your packages to the latest hotfixes.
Best Regards,
--
Daniel Grotti
Head of Customer Support
Sipwise GmbH, Campus 21/Europaring F15
AT-2345 Brunn am Gebirge
Office: +43(0)130120332
Email: dgrotti at sipwise.com <mailto:dgrotti at sipwise.com>
Website: https://www.sipwise.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sipwise.com/pipermail/spce-user_lists.sipwise.com/attachments/20180320/bf279486/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5532 bytes
Desc: not available
URL: <http://lists.sipwise.com/pipermail/spce-user_lists.sipwise.com/attachments/20180320/bf279486/attachment-0001.p7s>
More information about the Spce-user
mailing list