[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Linphone-users] About version...

From: Peio Rigaux
Subject: Re: [Linphone-users] About version...
Date: Fri, 18 Feb 2022 10:35:08 +0100
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.3.0

Indeed, we have a signature issue with the desktop version. We are working on it.

As long as you install Linphone from our website ( you are pretty safe knowing that this is the official source.


Peio Rigaux
Junior DevOps Engineer
Belledonne Communications, the company behind Linphone

Le 17/02/2022 à 21:40, Rafael Flores a écrit :

I thank you Peio


The vulnerabilities are next:

CVE-2021-43611, CVE-2021-43610 y CVE-2021-33056


I see that these are already remedied with the new version.


But when installing it asks for an authorization because the software is unknown or not signed.

That did not happen with previous versions. I send you an image to explain better.




And Windows send it this message:


Risk of install aplication because the Source is Unknow.


I thank you your help!!


De: Peio Rigaux []
Enviado el: miércoles, 16 de febrero de 2022 07:27 a. m.
Para:; Rafael Flores <>
Asunto: Re: [Linphone-users] About version...


Yes, normally for a release, we tag each associated submodule to the same release number, to simplify the process (for Core 5.0.49 you have liblinphone 5.0.49 and belle-sip 5.0.49, etc.).

Please tell me more about the vulnerability you are talking about, I need more context to know what you are talking about.

As far as I know, the only vulnerabilities reported to us were about potential crashs of the app when the incoming SIP request was malformed. These were fixed since then in release/5.0.



Peio Rigaux
Junior DevOps Engineer
Belledonne Communications, the company behind Linphone

Le 14/02/2022 à 19:54, Rafael Flores a écrit :

Hi Linphone Team and alls.


My name es Rafael and I install linphone on my office laptop. The IT department tells me that Linphone are vulnerabilities in Bellesip DLL

I understand that the Core version of LInphone is the same as Bellsip... It is correct?


If its correct With this new version I would no longer have the vulnerability problem that TI tells me.




I thank you for your attention

Linphone-users mailing list

Attachment: OpenPGP_0x99D28356FED78143.asc
Description: OpenPGP public key

Attachment: OpenPGP_signature
Description: OpenPGP digital signature

reply via email to

[Prev in Thread] Current Thread [Next in Thread]