The Asterisk Development Team would like to announce
the release of asterisk-21.12.2.
The release artifacts are available for immediate download at
and
Repository: GitHub - asterisk/asterisk: The official Asterisk Project repository. · GitHub
Tag: 21.12.2
This release resolves issues reported by the community
and would have not been possible without your participation.
Thank You!
Change Log for Release asterisk-21.12.2
Links:
Summary:
- Commits: 1
- Commit Authors: 1
- Issues Resolved: 1
- Security Advisories Resolved: 0
User Notes:
Upgrade Notes:
Developer Notes:
Commit Authors:
- Mike Bradeen: (1)
Issue and Commit Detail:
Closed Issues:
- 1833: [bug]: Address security vulnerabilities in pjproject
Commits By Author:
Commit List:
- res_pjsip: Address pjproject security vulnerabilities
Commit Details:
res_pjsip: Address pjproject security vulnerabilities
Author: Mike Bradeen
Date: 2026-03-25
Address the following pjproject security vulnerabilities
GHSA-j29p-pvh2-pvqp - Buffer overflow in ICE with long username
GHSA-8fj4-fv9f-hjpc - Heap use-after-free in PJSIP presense subscription termination header
GHSA-g88q-c2hm-q7p7 - ICE session use-after-free race conditions
GHSA-x5pq-qrp4-fmrj - Out-of-bounds read in SIP multipart parsing
Resolves: #1833