-certified/18.9-cert2
\ No newline at end of file
+certified/18.9-cert3
\ No newline at end of file
+2022-12-01 20:11 +0000 Asterisk Development Team <asteriskteam@digium.com>
+
+ * asterisk certified/18.9-cert3 Released.
+
+2022-12-01 13:54 +0000 [4e9c0bc880] Asterisk Development Team <asteriskteam@digium.com>
+
+ * Update CHANGES and UPGRADE.txt for certified/18.9-cert3
+2022-12-01 13:52 +0000 [28a23f6595] Asterisk Development Team <asteriskteam@digium.com>
+
+ * Update for certified/18.9-cert3
+
+2022-06-06 18:11 +0000 [de142180a3] Mike Bradeen <mbradeen@sangoma.com>
+
+ * ooh323c: not checking for IE minimum length
+
+ When decoding q.931 encoded calling/called number
+ now checking for length being less than minimum required.
+
+ ASTERISK-30103
+
+ Change-Id: I3dcfce0f35eca258dc450f87c92d4d7af402c2e7
+
+2022-10-03 13:54 +0000 [2285ffd5eb] Mike Bradeen <mbradeen@sangoma.com>
+
+ * manager: prevent file access outside of config dir
+
+ Add live_dangerously flag to manager and use this flag to
+ determine if a configuation file outside of AST_CONFIG_DIR
+ should be read.
+
+ ASTERISK-30176
+
+ Change-Id: I46b26af4047433b49ae5c8a85cb8cda806a07404
+
+2022-11-30 12:02 +0000 [9d74efa30f] Ben Ford <bford@digium.com>
+
+ * pjproject: 2.13 security fixes
+
+ Backports two security fixes (c4d3498 and 450baca) from pjproject 2.13.
+ The first one was modified due to merge conflicts specifically with
+ certified.
+
+ ASTERISK-30338
+
+ Change-Id: I86fdc003d5d22cb66e7cc6dc3313a8194f27eb69
+
+2022-10-10 09:35 +0000 [dd76b53ca6] George Joseph <gjoseph@digium.com>
+
+ * pjsip_transport_events: Fix possible use after free on transport
+
+ It was possible for a module that registered for transport monitor
+ events to pass in a pjsip_transport that had already been freed.
+ This caused pjsip_transport_events to crash when looking up the
+ monitor for the transport. The fix is a two pronged approach.
+
+ 1. We now increment the reference count on pjsip_transports when we
+ create monitors for them, then decrement the count when the
+ transport is going to be destroyed.
+
+ 2. There are now APIs to register and unregister monitor callbacks
+ by "transport key" which is a string concatenation of the remote ip
+ address and port. This way the module needing to monitor the
+ transport doesn't have to hold on to the transport object itself to
+ unregister. It just has to save the transport_key.
+
+ * Added the pjsip_transport reference increment and decrement.
+
+ * Changed the internal transport monitor container key from the
+ transport->obj_name (which may not be unique anyway) to the
+ transport_key.
+
+ * Added a helper macro AST_SIP_MAKE_REMOTE_IPADDR_PORT_STR() that
+ fills a buffer with the transport_key using a passed-in
+ pjsip_transport.
+
+ * Added the following functions:
+ ast_sip_transport_monitor_register_key
+ ast_sip_transport_monitor_register_replace_key
+ ast_sip_transport_monitor_unregister_key
+ and marked their non-key counterparts as deprecated.
+
+ * Updated res_pjsip_pubsub and res_pjsip_outbound_register to use
+ the new "key" monitor functions.
+
+ NOTE: res_pjsip_registrar also uses the transport monitor
+ functionality but doesn't have a persistent object other than
+ contact to store a transport key. At this time, it continues to
+ use the non-key monitor functions.
+
+ ASTERISK-30244
+
+ Change-Id: I1a20baf2a8643c272dcf819871d6c395f148f00b
+
+2022-11-07 09:30 +0000 [ed798d30f8] Jaco Kroon <jaco@uls.co.za>
+
+ * Build system: Avoid executable stack.
+
+ Found in res_geolocation, but I believe others may have similar issues,
+ thus not linking to a specific issue.
+
+ Essentially gcc doesn't mark the stack for being non-executable unless
+ it's compiling the source, this informs ld via gcc to mark the object as
+ not requiring an executable stack (which a binary blob obviously
+ doesn't).
+
+ ASTERISK-30321
+
+ Change-Id: I71bcc2fd1fe0c82a28b3257405d6f2b566fd9bfc
+ Signed-off-by: Jaco Kroon <jaco@uls.co.za>
+
+2022-11-16 05:40 +0000 [e50b2bfad9] Joshua C. Colp <jcolp@sangoma.com>
+
+ * res_agi: Respect "transmit_silence" option for "RECORD FILE".
+
+ The "RECORD FILE" command in res_agi has its own
+ implementation for actually doing the recording. This
+ has resulted in it not actually obeying the option
+ "transmit_silence" when recording.
+
+ This change causes it to now send silence if the
+ option is enabled.
+
+ ASTERISK-30314
+
+ Change-Id: Ib3a85601ff35d1b904f836691bad8a4b7e957174
+
+2022-10-13 11:19 +0000 [1a72025c35] Mike Bradeen <mbradeen@sangoma.com>
+
+ * res_pjsip: prevent crash on websocket disconnect
+
+ When a websocket (or potentially any stateful connection) is quickly
+ created then destroyed, it is possible that the qualify thread will
+ destroy the transaction before the initialzing thread is finished
+ with it.
+
+ Depending on the timing, this can cause an assertion within pjsip.
+
+ To prevent this, ast_send_stateful_response will now create the group
+ lock and add a reference to it before creating the transaction.
+
+ While this should resolve the crash, there is still the potential that
+ the contact will not be cleaned up properly, see:ASTERISK~29286. As a
+ result, the contact has to 'time out' before it will be removed.
+
+ ASTERISK-28689
+
+ Change-Id: Id050fded2247a04d8f0fc5b8a2cf3e5482cb8cee
+
+2022-09-29 15:55 +0000 [f107e4fd87] Mike Bradeen <mbradeen@sangoma.com>
+
+ * audiohook: add directional awareness
+
+ Add enum to allow setting optional direction. If set to only one
+ direction, only feed matching-direction frames to the associated
+ slin factory.
+
+ This prevents mangling the transcoder on non-mixed frames when the
+ READ and WRITE frames would have otherwise required it. Also
+ removes the need to mute or discard the un-wanted frames as they
+ are no longer added in the first place.
+
+ res_stasis_snoop is changed to use this addition to set direction
+ on audiohook based on spy direction.
+
+ If no direction is set, the ast_audiohook_init will init this enum
+ to BOTH which maintains existing functionality.
+
+ ASTERISK-30252
+
+ Change-Id: If8716bad334562a5d812be4eeb2a92e4f3be28eb
+
+2022-09-27 09:35 +0000 [6e842ae100] George Joseph <gjoseph@digium.com>
+
+ * res_geolocation: Update wiki documentation
+
+ Also added a note to the geolocation.conf.sample file
+ and added a README to the res/res_geolocation/wiki
+ directory.
+
+ Change-Id: I89c3c5db8c0701b33127993622d5e4f904bddfbc
+
2022-09-28 12:57 +0000 Asterisk Development Team <asteriskteam@digium.com>
* asterisk certified/18.9-cert2 Released.
+++ /dev/null
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><title>Release Summary - asterisk-certified/18.9-cert2</title><h1 align="center"><a name="top">Release Summary</a></h1><h3 align="center">asterisk-certified/18.9-cert2</h3><h3 align="center">Date: 2022-09-28</h3><h3 align="center"><asteriskteam@digium.com></h3><hr><h2 align="center">Table of Contents</h2><ol>
-<li><a href="#summary">Summary</a></li>
-<li><a href="#contributors">Contributors</a></li>
-<li><a href="#closed_issues">Closed Issues</a></li>
-<li><a href="#commits">Other Changes</a></li>
-<li><a href="#diffstat">Diffstat</a></li>
-</ol><hr><a name="summary"><h2 align="center">Summary</h2></a><center><a href="#top">[Back to Top]</a></center><p>This release is a point release of an existing major version. The changes included were made to address problems that have been identified in this release series, or are minor, backwards compatible new features or improvements. Users should be able to safely upgrade to this version if this release series is already in use. Users considering upgrading from a previous version are strongly encouraged to review the UPGRADE.txt document as well as the CHANGES document for information about upgrading to this release series.</p><p>The data in this summary reflects changes that have been made since the previous release, asterisk-certified/18.9-cert1.</p><hr><a name="contributors"><h2 align="center">Contributors</h2></a><center><a href="#top">[Back to Top]</a></center><p>This table lists the people who have submitted code, those that have tested patches, as well as those that reported issues on the issue tracker that were resolved in this release. For coders, the number is how many of their patches (of any size) were committed into this release. For testers, the number is the number of times their name was listed as assisting with testing a patch. Finally, for reporters, the number is the number of issues that they reported that were affected by commits that went into this release.</p><table width="100%" border="0">
-<tr><th width="33%">Coders</th><th width="33%">Testers</th><th width="33%">Reporters</th></tr>
-<tr valign="top"><td width="33%">22 George Joseph <gjoseph@digium.com><br/>4 Mike Bradeen <mbradeen@sangoma.com><br/>2 Naveen Albert <asterisk@phreaknet.org><br/>1 Kevin Harwell <kharwell@sangoma.com><br/>1 Sean Bright <sean.bright@gmail.com><br/>1 Asterisk Development Team <asteriskteam@digium.com><br/></td><td width="33%"><td width="33%">12 George Joseph <gjoseph@digium.com><br/>2 N A <mail@interlinked.x10host.com><br/>2 Joshua C. Colp <jcolp@digium.com><br/>1 Dan Cropp <dan@amtelco.com><br/>1 Daniel Thümen <daniel.thuemen@auerswald.de><br/>1 Michael Bradeen <mbradeen@sangoma.com><br/>1 Sean Bright<br/>1 Dan Cropp<br/>1 Kevin Harwell <default.enum@gmail.com><br/></td></tr>
-</table><hr><a name="closed_issues"><h2 align="center">Closed Issues</h2></a><center><a href="#top">[Back to Top]</a></center><p>This is a list of all issues from the issue tracker that were closed by changes that went into this release.</p><h3>Bug</h3><h4>Category: Contrib/General</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-29453">ASTERISK-29453</a>: alembic: incoming_call_offer_pref and outgoing_call_offer_pref missing in "ps_endpoints" table<br/>Reported by: Daniel Thümen<ul>
-<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=a7c71b1b714095329ec2fb6be59a763dcaae7231">[a7c71b1b71]</a> Mike Bradeen -- alembic: add missing ps_endpoints columns</li>
-</ul><br><h4>Category: Core/BuildSystem</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-30044">ASTERISK-30044</a>: GCC 12 issues<br/>Reported by: George Joseph<ul>
-<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=8d4a298cd4ba6409836ff002433f6eb1b50e3e92">[8d4a298cd4]</a> George Joseph -- GCC12: Fixes for 18+. state_id_by_topic comparing wrong value</li>
-<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=c0612ccc283a8ca6edc86535884486f206cfc3dc">[c0612ccc28]</a> George Joseph -- GCC12: Fixes for 16+</li>
-</ul><br><h4>Category: Core/Sorcery</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-29453">ASTERISK-29453</a>: alembic: incoming_call_offer_pref and outgoing_call_offer_pref missing in "ps_endpoints" table<br/>Reported by: Daniel Thümen<ul>
-<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=a7c71b1b714095329ec2fb6be59a763dcaae7231">[a7c71b1b71]</a> Mike Bradeen -- alembic: add missing ps_endpoints columns</li>
-</ul><br><h4>Category: Resources/res_geolocation</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-30234">ASTERISK-30234</a>: res_geolocation: ...may be used uninitialized error in geoloc_config.c<br/>Reported by: George Joseph<ul>
-<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=002272ad8b3c2a7e3394b70cace2ac17d582f722">[002272ad8b]</a> George Joseph -- res_geolocation: Fix issues exposed by compiling with -O2</li>
-</ul><a href="https://issues.asterisk.org/jira/browse/ASTERISK-30215">ASTERISK-30215</a>: Inbound SIP INVITE with Geo Location causing a Segmentation Fault<br/>Reported by: Dan Cropp<ul>
-<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=3196ba7fcb2b946278797752451e63bb4d96341e">[3196ba7fcb]</a> George Joseph -- res_geolocation: Fix segfault when there's an empty element</li>
-</ul><a href="https://issues.asterisk.org/jira/browse/ASTERISK-30190">ASTERISK-30190</a>: res_geolocation: GEOLOC_PROFILE isn't returning correct values on incoming channel<br/>Reported by: George Joseph<ul>
-<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=aeb465fdf1b67d52d82b9d2564426ce6e6700430">[aeb465fdf1]</a> George Joseph -- res_geolocation: Add two new options to GEOLOC_PROFILE</li>
-</ul><a href="https://issues.asterisk.org/jira/browse/ASTERISK-30167">ASTERISK-30167</a>: res_geolocation: Refactor for issues found by users<br/>Reported by: George Joseph<ul>
-<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=1bb1d3b5efa5493b7369e49937ffdd3e8fb004a8">[1bb1d3b5ef]</a> George Joseph -- res_geolocation: Address user issues, remove complexity, plug leaks</li>
-</ul><a href="https://issues.asterisk.org/jira/browse/ASTERISK-30138">ASTERISK-30138</a>: Compile failure in res_geolocation/geoloc_eprofile.c when optimization is enabled<br/>Reported by: George Joseph<ul>
-<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=336209b319f704bd3a893a86abd5b643f46582f5">[336209b319]</a> George Joseph -- geoloc_eprofile.c: Fix setting of loc_src in set_loc_src()</li>
-</ul><br><h4>Category: Resources/res_pjsip</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-29453">ASTERISK-29453</a>: alembic: incoming_call_offer_pref and outgoing_call_offer_pref missing in "ps_endpoints" table<br/>Reported by: Daniel Thümen<ul>
-<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=a7c71b1b714095329ec2fb6be59a763dcaae7231">[a7c71b1b71]</a> Mike Bradeen -- alembic: add missing ps_endpoints columns</li>
-</ul><a href="https://issues.asterisk.org/jira/browse/ASTERISK-30072">ASTERISK-30072</a>: res_pjsip: allow TLS verification of wildcard cert-bearing servers<br/>Reported by: Kevin Harwell<ul>
-<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=2074cf07f652dc7f1b70ad068a67d63bbde0938b">[2074cf07f6]</a> Kevin Harwell -- res_pjsip: allow TLS verification of wildcard cert-bearing servers</li>
-</ul><br><h4>Category: Tests/testsuite</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-26826">ASTERISK-26826</a>: testsuite: Add support for Python 3<br/>Reported by: Joshua C. Colp<ul>
-<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=b10cfb34e901bf2dc5843e65b36cc54955d177be">[b10cfb34e9]</a> Mike Bradeen -- CI: Fixing path issue on venv check</li>
-<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=7b7ba8cbd1b64fc52afd788941184fe1c364bd6b">[7b7ba8cbd1]</a> Mike Bradeen -- CI: use Python3 virtual environment</li>
-</ul><br><h4>Category: Third-Party/pjproject</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-29804">ASTERISK-29804</a>: bundled_pjproject: sip_inv is missing multipart support in some cases<br/>Reported by: George Joseph<ul>
-<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=2ff2ccedc62c8e3f7456e7afea104c5546c2a7a7">[2ff2ccedc6]</a> George Joseph -- bundled_pjproject: Add more support for multipart bodies</li>
-</ul><br><h3>Improvement</h3><h4>Category: Documentation</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-29898">ASTERISK-29898</a>: documentation: Add default attributes to documentation<br/>Reported by: N A<ul>
-<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=bdcaf87bf249c64228862961550c947bf02da164">[bdcaf87bf2]</a> Naveen Albert -- documentation: Adds missing default attributes.</li>
-</ul><br><h4>Category: Resources/res_geolocation</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-30185">ASTERISK-30185</a>: res_geolocation: Allow location parameters to be specified in profiles<br/>Reported by: George Joseph<ul>
-<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=22fc2b58d2f02e90377f13fa8b1f25a9dd950544">[22fc2b58d2]</a> George Joseph -- res_geolocation: Allow location parameters on the profile object</li>
-</ul><a href="https://issues.asterisk.org/jira/browse/ASTERISK-30177">ASTERISK-30177</a>: res_geolocation: Add option to suppress empty elements<br/>Reported by: George Joseph<ul>
-<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=d6f6a30a49e0e8ab5d7978aaba207ca575b423c9">[d6f6a30a49]</a> George Joseph -- res_geolocation: Add profile parameter suppress_empty_ca_elements</li>
-</ul><a href="https://issues.asterisk.org/jira/browse/ASTERISK-30182">ASTERISK-30182</a>: res_geolocation: Add built-in profiles to use in fully dynamic configurations<br/>Reported by: George Joseph<ul>
-<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=e9ae638978fb2470e1c5c871c827e3207eed8a1e">[e9ae638978]</a> George Joseph -- res_geolocation: Add built-in profiles</li>
-</ul><a href="https://issues.asterisk.org/jira/browse/ASTERISK-30127">ASTERISK-30127</a>: Create core Geolocation capability for Asterisk<br/>Reported by: George Joseph<ul>
-<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=547e3590ef8ef3e83ad3cf49dc3740c8651ba2d0">[547e3590ef]</a> George Joseph -- Geolocation: Core Capability Preview</li>
-</ul><br><h4>Category: Resources/res_pjsip</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-30178">ASTERISK-30178</a>: extend user_eq_phone behavior to local uri's<br/>Reported by: Michael Bradeen<ul>
-<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=fc2f8368e5a2e1b5be8f1687ae0a8ea8affed67b">[fc2f8368e5]</a> Mike Bradeen -- res_pjsip: Add user=phone on From and PAID for usereqphone=yes</li>
-</ul><br><h4>Category: Resources/res_pjsip_geolocation</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-30241">ASTERISK-30241</a>: res_pjsip_gelocation: Downgrade some NOTICE scope trace debugs to DEBUG level<br/>Reported by: N A<ul>
-<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=29495aafce8afae02c98be5faa2392f75a43d8a8">[29495aafce]</a> Naveen Albert -- res_pjsip_geolocation: Change some notices to debugs.</li>
-</ul><a href="https://issues.asterisk.org/jira/browse/ASTERISK-30128">ASTERISK-30128</a>: Create PJSIP interface module for Geolocation<br/>Reported by: George Joseph<ul>
-<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=b17e95a7924e114c931a8613ee925fa8f4063c29">[b17e95a792]</a> George Joseph -- Geolocation: chan_pjsip Capability Preview</li>
-</ul><br><hr><a name="commits"><h2 align="center">Commits Not Associated with an Issue</h2></a><center><a href="#top">[Back to Top]</a></center><p>This is a list of all changes that went into this release that did not reference a JIRA issue.</p><table width="100%" border="1">
-<tr><th>Revision</th><th>Author</th><th>Summary</th></tr>
-<tr><td><a href="https://code.asterisk.org/code/changelog/asterisk?cs=e21d1e769570a2637e28d56055287261b906f67e">e21d1e7695</a></td><td>Asterisk Development Team</td><td>Update CHANGES and UPGRADE.txt for certified/18.9-cert2</td></tr>
-<tr><td><a href="https://code.asterisk.org/code/changelog/asterisk?cs=f08a172893a67aaea9262888d712aa0acc27093b">f08a172893</a></td><td>George Joseph</td><td>Geolocation: Wiki Documentation</td></tr>
-<tr><td><a href="https://code.asterisk.org/code/changelog/asterisk?cs=5e3a2dd5b0a5f785295f7217380d194ad0504948">5e3a2dd5b0</a></td><td>George Joseph</td><td>pjsip_config.xml: Fix omissions caused by wrong cherry-pick order</td></tr>
-<tr><td><a href="https://code.asterisk.org/code/changelog/asterisk?cs=cc26b1d52bac5959c685a80f6469f8ec508ca7ed">cc26b1d52b</a></td><td>George Joseph</td><td>Geolocation: Base Asterisk Prereqs</td></tr>
-<tr><td><a href="https://code.asterisk.org/code/changelog/asterisk?cs=4e604f03a7241c531eb767cbb8c42f10241bf4cb">4e604f03a7</a></td><td>George Joseph</td><td>xml.c, config,c: Add stylesheets and variable list string parsing</td></tr>
-<tr><td><a href="https://code.asterisk.org/code/changelog/asterisk?cs=157a9e64c1470f37ea134811b758f25f83ce3349">157a9e64c1</a></td><td>George Joseph</td><td>core: Config and XML tweaks needed for geolocation</td></tr>
-<tr><td><a href="https://code.asterisk.org/code/changelog/asterisk?cs=4afe2355beb249c67d1c21bd2102c1f497052b3a">4afe2355be</a></td><td>George Joseph</td><td>res_pjsip: Add utils for checking media types</td></tr>
-<tr><td><a href="https://code.asterisk.org/code/changelog/asterisk?cs=23bc002815554872dd1f3325c130a881a8cc1347">23bc002815</a></td><td>George Joseph</td><td>bundled_pjproject: Add additional multipart search utils</td></tr>
-<tr><td><a href="https://code.asterisk.org/code/changelog/asterisk?cs=d3d525315589c6c240d3f0e13691f3f5df5de8f9">d3d5253155</a></td><td>George Joseph</td><td>bundled_pjproject: Create generic pjsip_hdr_find functions</td></tr>
-<tr><td><a href="https://code.asterisk.org/code/changelog/asterisk?cs=39b9607d4df3fbf28dddf9a220523bb876434cc6">39b9607d4d</a></td><td>George Joseph</td><td>Makefile: Allow XML documentation to exist outside source files</td></tr>
-<tr><td><a href="https://code.asterisk.org/code/changelog/asterisk?cs=65a63e534a26b70123e5090989044363e45ef5d5">65a63e534a</a></td><td>Sean Bright</td><td>res_pjsip.c: Correct minor typos in 'realm' documentation.</td></tr>
-</table><hr><a name="diffstat"><h2 align="center">Diffstat Results</h2></a><center><a href="#top">[Back to Top]</a></center><p>This is a summary of the changes to the source code that went into this release that was generated using the diffstat utility.</p><pre>b/CHANGES | 80
-b/Makefile | 58
-b/Makefile.rules | 15
-b/addons/Makefile | 4
-b/apps/app_festival.c | 2
-b/build_tools/get_sourceable_makeopts | 54
-b/build_tools/make_xml_documentation | 247
-b/build_tools/menuselect-deps.in | 1
-b/channels/chan_sip.c | 4
-b/channels/sig_analog.c | 4
-b/configs/samples/geolocation.conf.sample | 316
-b/configs/samples/pjsip.conf.sample | 25
-b/configure | 12
-b/configure.ac | 6
-b/contrib/ast-db-manage/config/versions/58e440314c2a_allow_wildcard_certs.py | 29
-b/contrib/ast-db-manage/config/versions/7197536bb68d_geoloc_endpoint_params.py | 22
-b/contrib/ast-db-manage/config/versions/9f3692b1654b_add_stir_shaken_profile_and_codec_.py | 58
-b/doc/appdocsxml.dtd | 4
-b/funcs/func_scramble.c | 2
-b/include/asterisk/config.h | 75
-b/include/asterisk/pbx.h | 22
-b/include/asterisk/res_geolocation.h | 413 +
-b/include/asterisk/res_pjsip.h | 60
-b/include/asterisk/stringfields.h | 65
-b/include/asterisk/strings.h | 29
-b/include/asterisk/xml.h | 134
-b/main/cdr.c | 4
-b/main/config.c | 97
-b/main/datastore.c | 4
-b/main/pbx.c | 15
-b/main/pbx_variables.c | 54
-b/main/stasis_state.c | 2
-b/main/stun.c | 8
-b/main/utils.c | 69
-b/main/xml.c | 197
-b/makeopts.in | 2
-b/res/Makefile | 5
-b/res/res_ari.c | 4
-b/res/res_config_pgsql.c | 2
-b/res/res_geolocation.c | 125
-b/res/res_geolocation.exports.in | 6
-b/res/res_geolocation/eprofile_to_pidf.xslt | 235
-b/res/res_geolocation/geoloc_civicaddr.c | 151
-b/res/res_geolocation/geoloc_common.c | 36
-b/res/res_geolocation/geoloc_config.c | 761 ++
-b/res/res_geolocation/geoloc_datastore.c | 325
-b/res/res_geolocation/geoloc_dialplan.c | 376 +
-b/res/res_geolocation/geoloc_doc.xml | 310
-b/res/res_geolocation/geoloc_eprofile.c | 1343 ++++
-b/res/res_geolocation/geoloc_gml.c | 367 +
-b/res/res_geolocation/geoloc_private.h | 162
-b/res/res_geolocation/pidf_lo_test.xml | 33
-b/res/res_geolocation/pidf_to_eprofile.xslt | 213
-b/res/res_geolocation/wiki/AsteriskImplementation.md | 183
-b/res/res_geolocation/wiki/CivicAddress.md | 167
-b/res/res_geolocation/wiki/GML.md | 60
-b/res/res_geolocation/wiki/Geolocation.md | 74
-b/res/res_geolocation/wiki/ReferenceInformation.md | 33
-b/res/res_geolocation/wiki/URI.md | 86
-b/res/res_pjsip.c | 3319 ----------
-b/res/res_pjsip.exports.in | 1
-b/res/res_pjsip/config_transport.c | 31
-b/res/res_pjsip/pjsip_config.xml | 2384 +++++++
-b/res/res_pjsip/pjsip_configuration.c | 39
-b/res/res_pjsip/pjsip_manager.xml | 901 ++
-b/res/res_pjsip/pjsip_transport_events.c | 122
-b/res/res_pjsip_geolocation.c | 666 ++
-b/res/res_pjsip_sdp_rtp.c | 5
-b/res/res_pjsip_session.c | 7
-b/res/res_tonedetect.c | 2
-b/tests/CI/runTestsuite.sh | 15
-b/tests/test_config.c | 83
-b/tests/test_strings.c | 139
-b/tests/test_vector.c | 2
-b/third-party/pjproject/patches/0130-sip_inv-Additional-multipart-support-2919-2920.patch | 661 +
-b/third-party/pjproject/patches/0150-Create-generic-pjsip_hdr_find-functions.patch | 176
-b/third-party/pjproject/patches/0160-Additional-multipart-improvements.patch | 576 +
-doc/CHANGES-staging/func_odbc_esc_backslashes.txt | 7
-78 files changed, 12994 insertions(+), 3392 deletions(-)</pre><br></html>
\ No newline at end of file
+++ /dev/null
- Release Summary
-
- asterisk-certified/18.9-cert2
-
- Date: 2022-09-28
-
- <asteriskteam@digium.com>
-
- ----------------------------------------------------------------------
-
- Table of Contents
-
- 1. Summary
- 2. Contributors
- 3. Closed Issues
- 4. Other Changes
- 5. Diffstat
-
- ----------------------------------------------------------------------
-
- Summary
-
- [Back to Top]
-
- This release is a point release of an existing major version. The changes
- included were made to address problems that have been identified in this
- release series, or are minor, backwards compatible new features or
- improvements. Users should be able to safely upgrade to this version if
- this release series is already in use. Users considering upgrading from a
- previous version are strongly encouraged to review the UPGRADE.txt
- document as well as the CHANGES document for information about upgrading
- to this release series.
-
- The data in this summary reflects changes that have been made since the
- previous release, asterisk-certified/18.9-cert1.
-
- ----------------------------------------------------------------------
-
- Contributors
-
- [Back to Top]
-
- This table lists the people who have submitted code, those that have
- tested patches, as well as those that reported issues on the issue tracker
- that were resolved in this release. For coders, the number is how many of
- their patches (of any size) were committed into this release. For testers,
- the number is the number of times their name was listed as assisting with
- testing a patch. Finally, for reporters, the number is the number of
- issues that they reported that were affected by commits that went into
- this release.
-
- Coders Testers Reporters
- 22 George Joseph 12 George Joseph
- 4 Mike Bradeen 2 N A
- 2 Naveen Albert 2 Joshua C. Colp
- 1 Kevin Harwell 1 Dan Cropp
- 1 Sean Bright 1 Daniel Thümen
- 1 Asterisk Development Team 1 Michael Bradeen
- 1 Sean Bright
- 1 Dan Cropp
- 1 Kevin Harwell
-
- ----------------------------------------------------------------------
-
- Closed Issues
-
- [Back to Top]
-
- This is a list of all issues from the issue tracker that were closed by
- changes that went into this release.
-
- Bug
-
- Category: Contrib/General
-
- ASTERISK-29453: alembic: incoming_call_offer_pref and
- outgoing_call_offer_pref missing in "ps_endpoints" table
- Reported by: Daniel Thümen
- * [a7c71b1b71] Mike Bradeen -- alembic: add missing ps_endpoints columns
-
- Category: Core/BuildSystem
-
- ASTERISK-30044: GCC 12 issues
- Reported by: George Joseph
- * [8d4a298cd4] George Joseph -- GCC12: Fixes for 18+. state_id_by_topic
- comparing wrong value
- * [c0612ccc28] George Joseph -- GCC12: Fixes for 16+
-
- Category: Core/Sorcery
-
- ASTERISK-29453: alembic: incoming_call_offer_pref and
- outgoing_call_offer_pref missing in "ps_endpoints" table
- Reported by: Daniel Thümen
- * [a7c71b1b71] Mike Bradeen -- alembic: add missing ps_endpoints columns
-
- Category: Resources/res_geolocation
-
- ASTERISK-30234: res_geolocation: ...may be used uninitialized error in
- geoloc_config.c
- Reported by: George Joseph
- * [002272ad8b] George Joseph -- res_geolocation: Fix issues exposed by
- compiling with -O2
- ASTERISK-30215: Inbound SIP INVITE with Geo Location causing a
- Segmentation Fault
- Reported by: Dan Cropp
- * [3196ba7fcb] George Joseph -- res_geolocation: Fix segfault when
- there's an empty element
- ASTERISK-30190: res_geolocation: GEOLOC_PROFILE isn't returning correct
- values on incoming channel
- Reported by: George Joseph
- * [aeb465fdf1] George Joseph -- res_geolocation: Add two new options to
- GEOLOC_PROFILE
- ASTERISK-30167: res_geolocation: Refactor for issues found by users
- Reported by: George Joseph
- * [1bb1d3b5ef] George Joseph -- res_geolocation: Address user issues,
- remove complexity, plug leaks
- ASTERISK-30138: Compile failure in res_geolocation/geoloc_eprofile.c when
- optimization is enabled
- Reported by: George Joseph
- * [336209b319] George Joseph -- geoloc_eprofile.c: Fix setting of
- loc_src in set_loc_src()
-
- Category: Resources/res_pjsip
-
- ASTERISK-29453: alembic: incoming_call_offer_pref and
- outgoing_call_offer_pref missing in "ps_endpoints" table
- Reported by: Daniel Thümen
- * [a7c71b1b71] Mike Bradeen -- alembic: add missing ps_endpoints columns
- ASTERISK-30072: res_pjsip: allow TLS verification of wildcard cert-bearing
- servers
- Reported by: Kevin Harwell
- * [2074cf07f6] Kevin Harwell -- res_pjsip: allow TLS verification of
- wildcard cert-bearing servers
-
- Category: Tests/testsuite
-
- ASTERISK-26826: testsuite: Add support for Python 3
- Reported by: Joshua C. Colp
- * [b10cfb34e9] Mike Bradeen -- CI: Fixing path issue on venv check
- * [7b7ba8cbd1] Mike Bradeen -- CI: use Python3 virtual environment
-
- Category: Third-Party/pjproject
-
- ASTERISK-29804: bundled_pjproject: sip_inv is missing multipart support in
- some cases
- Reported by: George Joseph
- * [2ff2ccedc6] George Joseph -- bundled_pjproject: Add more support for
- multipart bodies
-
- Improvement
-
- Category: Documentation
-
- ASTERISK-29898: documentation: Add default attributes to documentation
- Reported by: N A
- * [bdcaf87bf2] Naveen Albert -- documentation: Adds missing default
- attributes.
-
- Category: Resources/res_geolocation
-
- ASTERISK-30185: res_geolocation: Allow location parameters to be specified
- in profiles
- Reported by: George Joseph
- * [22fc2b58d2] George Joseph -- res_geolocation: Allow location
- parameters on the profile object
- ASTERISK-30177: res_geolocation: Add option to suppress empty elements
- Reported by: George Joseph
- * [d6f6a30a49] George Joseph -- res_geolocation: Add profile parameter
- suppress_empty_ca_elements
- ASTERISK-30182: res_geolocation: Add built-in profiles to use in fully
- dynamic configurations
- Reported by: George Joseph
- * [e9ae638978] George Joseph -- res_geolocation: Add built-in profiles
- ASTERISK-30127: Create core Geolocation capability for Asterisk
- Reported by: George Joseph
- * [547e3590ef] George Joseph -- Geolocation: Core Capability Preview
-
- Category: Resources/res_pjsip
-
- ASTERISK-30178: extend user_eq_phone behavior to local uri's
- Reported by: Michael Bradeen
- * [fc2f8368e5] Mike Bradeen -- res_pjsip: Add user=phone on From and
- PAID for usereqphone=yes
-
- Category: Resources/res_pjsip_geolocation
-
- ASTERISK-30241: res_pjsip_gelocation: Downgrade some NOTICE scope trace
- debugs to DEBUG level
- Reported by: N A
- * [29495aafce] Naveen Albert -- res_pjsip_geolocation: Change some
- notices to debugs.
- ASTERISK-30128: Create PJSIP interface module for Geolocation
- Reported by: George Joseph
- * [b17e95a792] George Joseph -- Geolocation: chan_pjsip Capability
- Preview
-
- ----------------------------------------------------------------------
-
- Commits Not Associated with an Issue
-
- [Back to Top]
-
- This is a list of all changes that went into this release that did not
- reference a JIRA issue.
-
- +------------------------------------------------------------------------+
- | Revision | Author | Summary |
- |------------+----------------------+------------------------------------|
- | e21d1e7695 | Asterisk Development | Update CHANGES and UPGRADE.txt for |
- | | Team | certified/18.9-cert2 |
- |------------+----------------------+------------------------------------|
- | f08a172893 | George Joseph | Geolocation: Wiki Documentation |
- |------------+----------------------+------------------------------------|
- | 5e3a2dd5b0 | George Joseph | pjsip_config.xml: Fix omissions |
- | | | caused by wrong cherry-pick order |
- |------------+----------------------+------------------------------------|
- | cc26b1d52b | George Joseph | Geolocation: Base Asterisk Prereqs |
- |------------+----------------------+------------------------------------|
- | 4e604f03a7 | George Joseph | xml.c, config,c: Add stylesheets |
- | | | and variable list string parsing |
- |------------+----------------------+------------------------------------|
- | 157a9e64c1 | George Joseph | core: Config and XML tweaks needed |
- | | | for geolocation |
- |------------+----------------------+------------------------------------|
- | 4afe2355be | George Joseph | res_pjsip: Add utils for checking |
- | | | media types |
- |------------+----------------------+------------------------------------|
- | 23bc002815 | George Joseph | bundled_pjproject: Add additional |
- | | | multipart search utils |
- |------------+----------------------+------------------------------------|
- | d3d5253155 | George Joseph | bundled_pjproject: Create generic |
- | | | pjsip_hdr_find functions |
- |------------+----------------------+------------------------------------|
- | 39b9607d4d | George Joseph | Makefile: Allow XML documentation |
- | | | to exist outside source files |
- |------------+----------------------+------------------------------------|
- | 65a63e534a | Sean Bright | res_pjsip.c: Correct minor typos |
- | | | in 'realm' documentation. |
- +------------------------------------------------------------------------+
-
- ----------------------------------------------------------------------
-
- Diffstat Results
-
- [Back to Top]
-
- This is a summary of the changes to the source code that went into this
- release that was generated using the diffstat utility.
-
- b/CHANGES | 80
- b/Makefile | 58
- b/Makefile.rules | 15
- b/addons/Makefile | 4
- b/apps/app_festival.c | 2
- b/build_tools/get_sourceable_makeopts | 54
- b/build_tools/make_xml_documentation | 247
- b/build_tools/menuselect-deps.in | 1
- b/channels/chan_sip.c | 4
- b/channels/sig_analog.c | 4
- b/configs/samples/geolocation.conf.sample | 316
- b/configs/samples/pjsip.conf.sample | 25
- b/configure | 12
- b/configure.ac | 6
- b/contrib/ast-db-manage/config/versions/58e440314c2a_allow_wildcard_certs.py | 29
- b/contrib/ast-db-manage/config/versions/7197536bb68d_geoloc_endpoint_params.py | 22
- b/contrib/ast-db-manage/config/versions/9f3692b1654b_add_stir_shaken_profile_and_codec_.py | 58
- b/doc/appdocsxml.dtd | 4
- b/funcs/func_scramble.c | 2
- b/include/asterisk/config.h | 75
- b/include/asterisk/pbx.h | 22
- b/include/asterisk/res_geolocation.h | 413 +
- b/include/asterisk/res_pjsip.h | 60
- b/include/asterisk/stringfields.h | 65
- b/include/asterisk/strings.h | 29
- b/include/asterisk/xml.h | 134
- b/main/cdr.c | 4
- b/main/config.c | 97
- b/main/datastore.c | 4
- b/main/pbx.c | 15
- b/main/pbx_variables.c | 54
- b/main/stasis_state.c | 2
- b/main/stun.c | 8
- b/main/utils.c | 69
- b/main/xml.c | 197
- b/makeopts.in | 2
- b/res/Makefile | 5
- b/res/res_ari.c | 4
- b/res/res_config_pgsql.c | 2
- b/res/res_geolocation.c | 125
- b/res/res_geolocation.exports.in | 6
- b/res/res_geolocation/eprofile_to_pidf.xslt | 235
- b/res/res_geolocation/geoloc_civicaddr.c | 151
- b/res/res_geolocation/geoloc_common.c | 36
- b/res/res_geolocation/geoloc_config.c | 761 ++
- b/res/res_geolocation/geoloc_datastore.c | 325
- b/res/res_geolocation/geoloc_dialplan.c | 376 +
- b/res/res_geolocation/geoloc_doc.xml | 310
- b/res/res_geolocation/geoloc_eprofile.c | 1343 ++++
- b/res/res_geolocation/geoloc_gml.c | 367 +
- b/res/res_geolocation/geoloc_private.h | 162
- b/res/res_geolocation/pidf_lo_test.xml | 33
- b/res/res_geolocation/pidf_to_eprofile.xslt | 213
- b/res/res_geolocation/wiki/AsteriskImplementation.md | 183
- b/res/res_geolocation/wiki/CivicAddress.md | 167
- b/res/res_geolocation/wiki/GML.md | 60
- b/res/res_geolocation/wiki/Geolocation.md | 74
- b/res/res_geolocation/wiki/ReferenceInformation.md | 33
- b/res/res_geolocation/wiki/URI.md | 86
- b/res/res_pjsip.c | 3319 ----------
- b/res/res_pjsip.exports.in | 1
- b/res/res_pjsip/config_transport.c | 31
- b/res/res_pjsip/pjsip_config.xml | 2384 +++++++
- b/res/res_pjsip/pjsip_configuration.c | 39
- b/res/res_pjsip/pjsip_manager.xml | 901 ++
- b/res/res_pjsip/pjsip_transport_events.c | 122
- b/res/res_pjsip_geolocation.c | 666 ++
- b/res/res_pjsip_sdp_rtp.c | 5
- b/res/res_pjsip_session.c | 7
- b/res/res_tonedetect.c | 2
- b/tests/CI/runTestsuite.sh | 15
- b/tests/test_config.c | 83
- b/tests/test_strings.c | 139
- b/tests/test_vector.c | 2
- b/third-party/pjproject/patches/0130-sip_inv-Additional-multipart-support-2919-2920.patch | 661 +
- b/third-party/pjproject/patches/0150-Create-generic-pjsip_hdr_find-functions.patch | 176
- b/third-party/pjproject/patches/0160-Additional-multipart-improvements.patch | 576 +
- doc/CHANGES-staging/func_odbc_esc_backslashes.txt | 7
- 78 files changed, 12994 insertions(+), 3392 deletions(-)
--- /dev/null
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><title>Release Summary - asterisk-certified/18.9-cert3</title><h1 align="center"><a name="top">Release Summary</a></h1><h3 align="center">asterisk-certified/18.9-cert3</h3><h3 align="center">Date: 2022-12-01</h3><h3 align="center"><asteriskteam@digium.com></h3><hr><h2 align="center">Table of Contents</h2><ol>
+<li><a href="#summary">Summary</a></li>
+<li><a href="#contributors">Contributors</a></li>
+<li><a href="#closed_issues">Closed Issues</a></li>
+<li><a href="#open_issues">Open Issues</a></li>
+<li><a href="#commits">Other Changes</a></li>
+<li><a href="#diffstat">Diffstat</a></li>
+</ol><hr><a name="summary"><h2 align="center">Summary</h2></a><center><a href="#top">[Back to Top]</a></center><p>This release has been made to address one or more security vulnerabilities that have been identified. A security advisory document has been published for each vulnerability that includes additional information. Users of versions of Asterisk that are affected are strongly encouraged to review the advisories and determine what action they should take to protect their systems from these issues.</p><p>Security Advisories:</p><ul>
+<li><a href="http://downloads.asterisk.org/pub/security/AST-2022-007,AST-2022-008,AST-2022-009.html">AST-2022-007,AST-2022-008,AST-2022-009</a></li>
+</ul><p>The data in this summary reflects changes that have been made since the previous release, asterisk-certified/18.9-cert2.</p><hr><a name="contributors"><h2 align="center">Contributors</h2></a><center><a href="#top">[Back to Top]</a></center><p>This table lists the people who have submitted code, those that have tested patches, as well as those that reported issues on the issue tracker that were resolved in this release. For coders, the number is how many of their patches (of any size) were committed into this release. For testers, the number is the number of times their name was listed as assisting with testing a patch. Finally, for reporters, the number is the number of issues that they reported that were affected by commits that went into this release.</p><table width="100%" border="0">
+<tr><th width="33%">Coders</th><th width="33%">Testers</th><th width="33%">Reporters</th></tr>
+<tr valign="top"><td width="33%">4 Mike Bradeen <mbradeen@sangoma.com><br/>2 Asterisk Development Team <asteriskteam@digium.com><br/>2 George Joseph <gjoseph@digium.com><br/>1 Jaco Kroon <jaco@uls.co.za><br/>1 Joshua C. Colp <jcolp@sangoma.com><br/>1 Ben Ford <bford@digium.com><br/></td><td width="33%"><td width="33%">2 Michael Bradeen <mbradeen@sangoma.com><br/>1 George Joseph <gjoseph@digium.com><br/>1 shawty <shawty.d.ds@googlemail.com><br/>1 nappsoft <infos@nappsoft.ch><br/>1 Joshua C. Colp <jcolp@digium.com><br/>1 Benjamin Keith Ford <bford@digium.com><br/>1 Jesse Ross <jesseross92@gmail.com><br/></td></tr>
+</table><hr><a name="closed_issues"><h2 align="center">Closed Issues</h2></a><center><a href="#top">[Back to Top]</a></center><p>This is a list of all issues from the issue tracker that were closed by changes that went into this release.</p><h3>Security</h3><h4>Category: Addons/chan_ooh323</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-30103">ASTERISK-30103</a>: chan_ooh323 Vulnerability in calling/called party IE<br/>Reported by: Michael Bradeen<ul>
+<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=de142180a3aa26f866681a54fff81436ebb596aa">[de142180a3]</a> Mike Bradeen -- ooh323c: not checking for IE minimum length</li>
+</ul><br><h4>Category: Core/ManagerInterface</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-30176">ASTERISK-30176</a>: manager: GetConfig can read files outside of Asterisk<br/>Reported by: shawty<ul>
+<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=2285ffd5ebe4471d24541b39267dcd2c7af0bc0b">[2285ffd5eb]</a> Mike Bradeen -- manager: prevent file access outside of config dir</li>
+</ul><br><h4>Category: pjproject/pjsip</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-30338">ASTERISK-30338</a>: pjproject: Backport security fixes from 2.13<br/>Reported by: Benjamin Keith Ford<ul>
+<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=9d74efa30f7bc418b84fe92e03cc3d14d285d286">[9d74efa30f]</a> Ben Ford -- pjproject: 2.13 security fixes</li>
+</ul><br><h3>Bug</h3><h4>Category: Core/BuildSystem</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-30321">ASTERISK-30321</a>: Build: Embedded blobs have executable stacks<br/>Reported by: George Joseph<ul>
+<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=ed798d30f8e619596f3e808899eca61123664ea7">[ed798d30f8]</a> Jaco Kroon -- Build system: Avoid executable stack.</li>
+</ul><br><h4>Category: Resources/res_agi</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-30314">ASTERISK-30314</a>: res_agi: RECORD FILE doesn't respect "transmit_silence" asterisk.conf option<br/>Reported by: Joshua C. Colp<ul>
+<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=e50b2bfad937dc18a9b175a7b39a18ccc593bf7c">[e50b2bfad9]</a> Joshua C. Colp -- res_agi: Respect "transmit_silence" option for "RECORD FILE".</li>
+</ul><br><h4>Category: Resources/res_pjsip_pubsub</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-30244">ASTERISK-30244</a>: res_pjsip_pubsub: Occasional crash when TCP/TLS connection terminated and subscription persistence is removed<br/>Reported by: nappsoft<ul>
+<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=dd76b53ca6a869efa8996cf9c767946be93a2893">[dd76b53ca6]</a> George Joseph -- pjsip_transport_events: Fix possible use after free on transport</li>
+</ul><br><h4>Category: pjproject/pjsip</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-28689">ASTERISK-28689</a>: res_pjsip: Crash when locking group lock when sending stateful response<br/>Reported by: Jesse Ross<ul>
+<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=1a72025c353359233504ef78d26443be6fea46a3">[1a72025c35]</a> Mike Bradeen -- res_pjsip: prevent crash on websocket disconnect</li>
+</ul><br><hr><a name="open_issues"><h2 align="center">Open Issues</h2></a><center><a href="#top">[Back to Top]</a></center><p>This is a list of all open issues from the issue tracker that were referenced by changes that went into this release.</p><h3>Bug</h3><h4>Category: Resources/res_stasis_snoop</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-30252">ASTERISK-30252</a>: Unidirectional snoop on resampled channel causes garbled audio<br/>Reported by: Michael Bradeen<ul>
+<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=f107e4fd87b700a7db17b0179b40cf8d06b4ab5f">[f107e4fd87]</a> Mike Bradeen -- audiohook: add directional awareness</li>
+</ul><br><hr><a name="commits"><h2 align="center">Commits Not Associated with an Issue</h2></a><center><a href="#top">[Back to Top]</a></center><p>This is a list of all changes that went into this release that did not reference a JIRA issue.</p><table width="100%" border="1">
+<tr><th>Revision</th><th>Author</th><th>Summary</th></tr>
+<tr><td><a href="https://code.asterisk.org/code/changelog/asterisk?cs=4e9c0bc8804b909986657436029e13d32108a3f9">4e9c0bc880</a></td><td>Asterisk Development Team</td><td>Update CHANGES and UPGRADE.txt for certified/18.9-cert3</td></tr>
+<tr><td><a href="https://code.asterisk.org/code/changelog/asterisk?cs=28a23f659590b7b667b62bd2f8b7e5a0c96c3edf">28a23f6595</a></td><td>Asterisk Development Team</td><td>Update for certified/18.9-cert3</td></tr>
+<tr><td><a href="https://code.asterisk.org/code/changelog/asterisk?cs=6e842ae10062766ca307fe1a490fbadb739247c0">6e842ae100</a></td><td>George Joseph</td><td>res_geolocation: Update wiki documentation</td></tr>
+</table><hr><a name="diffstat"><h2 align="center">Diffstat Results</h2></a><center><a href="#top">[Back to Top]</a></center><p>This is a summary of the changes to the source code that went into this release that was generated using the diffstat utility.</p><pre>Makefile.rules | 4
+UPGRADE.txt | 13
+addons/ooh323c/src/ooq931.c | 15
+configs/samples/asterisk.conf.sample | 11
+configs/samples/geolocation.conf.sample | 2
+include/asterisk/audiohook.h | 9
+include/asterisk/manager.h | 12
+include/asterisk/res_pjsip.h | 83 +++
+main/audiohook.c | 22
+main/manager.c | 42 +
+main/options.c | 1
+res/res_agi.c | 15
+res/res_geolocation/wiki/AsteriskImplementation.md | 251 +++++++--
+res/res_geolocation/wiki/GML.md | 38 +
+res/res_geolocation/wiki/Geolocation.md | 2
+res/res_geolocation/wiki/README.txt | 31 +
+res/res_geolocation/wiki/URI.md | 5
+res/res_pjsip.c | 47 +
+res/res_pjsip/pjsip_transport_events.c | 214 +++++++-
+res/res_pjsip_outbound_registration.c | 28 -
+res/res_pjsip_pubsub.c | 25
+res/res_stasis_snoop.c | 22
+third-party/pjproject/patches/0200-cert-18.9-potential-buffer-overflow-in-pjlib-scanner-and-pjmedia.patch | 254 ++++++++++
+23 files changed, 997 insertions(+), 149 deletions(-)</pre><br></html>
\ No newline at end of file
--- /dev/null
+ Release Summary
+
+ asterisk-certified/18.9-cert3
+
+ Date: 2022-12-01
+
+ <asteriskteam@digium.com>
+
+ ----------------------------------------------------------------------
+
+ Table of Contents
+
+ 1. Summary
+ 2. Contributors
+ 3. Closed Issues
+ 4. Open Issues
+ 5. Other Changes
+ 6. Diffstat
+
+ ----------------------------------------------------------------------
+
+ Summary
+
+ [Back to Top]
+
+ This release has been made to address one or more security vulnerabilities
+ that have been identified. A security advisory document has been published
+ for each vulnerability that includes additional information. Users of
+ versions of Asterisk that are affected are strongly encouraged to review
+ the advisories and determine what action they should take to protect their
+ systems from these issues.
+
+ Security Advisories:
+
+ * AST-2022-007,AST-2022-008,AST-2022-009
+
+ The data in this summary reflects changes that have been made since the
+ previous release, asterisk-certified/18.9-cert2.
+
+ ----------------------------------------------------------------------
+
+ Contributors
+
+ [Back to Top]
+
+ This table lists the people who have submitted code, those that have
+ tested patches, as well as those that reported issues on the issue tracker
+ that were resolved in this release. For coders, the number is how many of
+ their patches (of any size) were committed into this release. For testers,
+ the number is the number of times their name was listed as assisting with
+ testing a patch. Finally, for reporters, the number is the number of
+ issues that they reported that were affected by commits that went into
+ this release.
+
+ Coders Testers Reporters
+ 4 Mike Bradeen 2 Michael Bradeen
+ 2 Asterisk Development Team 1 George Joseph
+ 2 George Joseph 1 shawty
+ 1 Jaco Kroon 1 nappsoft
+ 1 Joshua C. Colp 1 Joshua C. Colp
+ 1 Ben Ford 1 Benjamin Keith Ford
+ 1 Jesse Ross
+
+ ----------------------------------------------------------------------
+
+ Closed Issues
+
+ [Back to Top]
+
+ This is a list of all issues from the issue tracker that were closed by
+ changes that went into this release.
+
+ Security
+
+ Category: Addons/chan_ooh323
+
+ ASTERISK-30103: chan_ooh323 Vulnerability in calling/called party IE
+ Reported by: Michael Bradeen
+ * [de142180a3] Mike Bradeen -- ooh323c: not checking for IE minimum
+ length
+
+ Category: Core/ManagerInterface
+
+ ASTERISK-30176: manager: GetConfig can read files outside of Asterisk
+ Reported by: shawty
+ * [2285ffd5eb] Mike Bradeen -- manager: prevent file access outside of
+ config dir
+
+ Category: pjproject/pjsip
+
+ ASTERISK-30338: pjproject: Backport security fixes from 2.13
+ Reported by: Benjamin Keith Ford
+ * [9d74efa30f] Ben Ford -- pjproject: 2.13 security fixes
+
+ Bug
+
+ Category: Core/BuildSystem
+
+ ASTERISK-30321: Build: Embedded blobs have executable stacks
+ Reported by: George Joseph
+ * [ed798d30f8] Jaco Kroon -- Build system: Avoid executable stack.
+
+ Category: Resources/res_agi
+
+ ASTERISK-30314: res_agi: RECORD FILE doesn't respect "transmit_silence"
+ asterisk.conf option
+ Reported by: Joshua C. Colp
+ * [e50b2bfad9] Joshua C. Colp -- res_agi: Respect "transmit_silence"
+ option for "RECORD FILE".
+
+ Category: Resources/res_pjsip_pubsub
+
+ ASTERISK-30244: res_pjsip_pubsub: Occasional crash when TCP/TLS connection
+ terminated and subscription persistence is removed
+ Reported by: nappsoft
+ * [dd76b53ca6] George Joseph -- pjsip_transport_events: Fix possible use
+ after free on transport
+
+ Category: pjproject/pjsip
+
+ ASTERISK-28689: res_pjsip: Crash when locking group lock when sending
+ stateful response
+ Reported by: Jesse Ross
+ * [1a72025c35] Mike Bradeen -- res_pjsip: prevent crash on websocket
+ disconnect
+
+ ----------------------------------------------------------------------
+
+ Open Issues
+
+ [Back to Top]
+
+ This is a list of all open issues from the issue tracker that were
+ referenced by changes that went into this release.
+
+ Bug
+
+ Category: Resources/res_stasis_snoop
+
+ ASTERISK-30252: Unidirectional snoop on resampled channel causes garbled
+ audio
+ Reported by: Michael Bradeen
+ * [f107e4fd87] Mike Bradeen -- audiohook: add directional awareness
+
+ ----------------------------------------------------------------------
+
+ Commits Not Associated with an Issue
+
+ [Back to Top]
+
+ This is a list of all changes that went into this release that did not
+ reference a JIRA issue.
+
+ +------------------------------------------------------------------------+
+ | Revision | Author | Summary |
+ |------------+----------------------+------------------------------------|
+ | 4e9c0bc880 | Asterisk Development | Update CHANGES and UPGRADE.txt for |
+ | | Team | certified/18.9-cert3 |
+ |------------+----------------------+------------------------------------|
+ | 28a23f6595 | Asterisk Development | Update for certified/18.9-cert3 |
+ | | Team | |
+ |------------+----------------------+------------------------------------|
+ | 6e842ae100 | George Joseph | res_geolocation: Update wiki |
+ | | | documentation |
+ +------------------------------------------------------------------------+
+
+ ----------------------------------------------------------------------
+
+ Diffstat Results
+
+ [Back to Top]
+
+ This is a summary of the changes to the source code that went into this
+ release that was generated using the diffstat utility.
+
+ Makefile.rules | 4
+ UPGRADE.txt | 13
+ addons/ooh323c/src/ooq931.c | 15
+ configs/samples/asterisk.conf.sample | 11
+ configs/samples/geolocation.conf.sample | 2
+ include/asterisk/audiohook.h | 9
+ include/asterisk/manager.h | 12
+ include/asterisk/res_pjsip.h | 83 +++
+ main/audiohook.c | 22
+ main/manager.c | 42 +
+ main/options.c | 1
+ res/res_agi.c | 15
+ res/res_geolocation/wiki/AsteriskImplementation.md | 251 +++++++--
+ res/res_geolocation/wiki/GML.md | 38 +
+ res/res_geolocation/wiki/Geolocation.md | 2
+ res/res_geolocation/wiki/README.txt | 31 +
+ res/res_geolocation/wiki/URI.md | 5
+ res/res_pjsip.c | 47 +
+ res/res_pjsip/pjsip_transport_events.c | 214 +++++++-
+ res/res_pjsip_outbound_registration.c | 28 -
+ res/res_pjsip_pubsub.c | 25
+ res/res_stasis_snoop.c | 22
+ third-party/pjproject/patches/0200-cert-18.9-potential-buffer-overflow-in-pjlib-scanner-and-pjmedia.patch | 254 ++++++++++
+ 23 files changed, 997 insertions(+), 149 deletions(-)
projects / thirdparty / asterisk.git / commitdiff
