[Freeswitch-dev] VoIP Security
R P Herrold
herrold at owlriver.com
Fri Apr 4 19:30:00 MSD 2014
On Fri, 4 Apr 2014, R P Herrold wrote:
Following on myself, this paper [1] touches on similar issues
which are uncovered in current Open Source crypto libraries
and tools
I know there was a comment in the JIRA [2] distrusting whether
enerprise vendors backport security fixes. I strongly
disagree with that view. Certainly the upstream of CentOS is
quite good about issuing prompt fixes which backport into a
stable API, and moving away from locally carried libraries is
a good way to get securitry updates, 'for free' into
FreeSwitch, compared to using old 'carried around' tarballs of
indeterminate security
-- Russ herrold
[1] https://www.cs.utexas.edu/~shmat/shmat_oak14.pdf
[2] https://jira.freeswitch.org/browse/FS-353
Join us at ClueCon 2013 Aug 6-8, 2013
More information about the FreeSWITCH-dev
mailing list