From 49d56dc9d2c1eececb4cae27cbbb427403c3f9f5 Mon Sep 17 00:00:00 2001 From: Kevin Harwell Date: Thu, 31 Aug 2017 10:44:55 -0500 Subject: [PATCH] Update for 13.17.1 --- .version | 2 +- ChangeLog | 75 ++++ asterisk-13.17.0-summary.html | 306 ------------- asterisk-13.17.0-summary.txt | 814 ---------------------------------- asterisk-13.17.1-summary.html | 42 ++ asterisk-13.17.1-summary.txt | 162 +++++++ 6 files changed, 280 insertions(+), 1121 deletions(-) delete mode 100644 asterisk-13.17.0-summary.html delete mode 100644 asterisk-13.17.0-summary.txt create mode 100644 asterisk-13.17.1-summary.html create mode 100644 asterisk-13.17.1-summary.txt diff --git a/.version b/.version index 5504738c19..1762c59e73 100644 --- a/.version +++ b/.version @@ -1 +1 @@ -13.17.0 \ No newline at end of file +13.17.1 \ No newline at end of file diff --git a/ChangeLog b/ChangeLog index f630fed49c..6574b856b7 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,78 @@ +2017-08-31 15:44 +0000 Asterisk Development Team + + * asterisk 13.17.1 Released. + +2017-07-24 10:48 +0000 [0e5b7743d9] George Joseph + + * pjsip_message_ip_updater: Fix issue handling "tel" URIs + + sanitize_tdata was assuming all URIs were SIP URIs so when a non + SIP uri was in the From, To or Contact headers, the unconditional + cast of a non-pjsip_sip_uri structure to pjsip_sip_uri caused + a segfault when trying to access uri->other_param. + + * Added PJSIP_URI_SCHEME_IS_SIP(uri) || PJSIP_URI_SCHEME_IS_SIPS(uri) + checks before attempting to cast or use the returned uri. + + ASTERISK-27152 + Reported-by: Ross Beer + + Change-Id: Id380df790e6622c8058a96035f8b8f4aa0b8551f + +2017-07-01 19:24 +0000 [707892089d] Corey Farrell + + * AST-2017-006: Fix app_minivm application MinivmNotify command injection + + An admin can configure app_minivm with an externnotify program to be run + when a voicemail is received. The app_minivm application MinivmNotify + uses ast_safe_system() for this purpose which is vulnerable to command + injection since the Caller-ID name and number values given to externnotify + can come from an external untrusted source. + + * Add ast_safe_execvp() function. This gives modules the ability to run + external commands with greater safety compared to ast_safe_system(). + Specifically when some parameters are filled by untrusted sources the new + function does not allow malicious input to break argument encoding. This + may be of particular concern where CALLERID(name) or CALLERID(num) may be + used as a parameter to a script run by ast_safe_system() which could + potentially allow arbitrary command execution. + + * Changed app_minivm.c:run_externnotify() to use the new ast_safe_execvp() + instead of ast_safe_system() to avoid command injection. + + * Document code injection potential from untrusted data sources for other + shell commands that are under user control. + + ASTERISK-27103 + + Change-Id: I7552472247a84cde24e1358aaf64af160107aef1 + +2017-05-22 10:36 +0000 [3ee5c6dcbe] Joshua Colp + + * res_rtp_asterisk: Only learn a new source in learn state. + + This change moves the logic which learns a new source address + for RTP so it only occurs in the learning state. The learning + state is entered on initial allocation of RTP or if we are + told that the remote address for the media has changed. While + in the learning state if we continue to receive media from + the original source we restart the learning process. It is + only once we receive a sufficient number of RTP packets from + the new source that we will switch to it. Once this is done + the closed state is entered where all packets that do not + originate from the expected source are dropped. + + The learning process has also been improved to take into + account the time between received packets so a flood of them + while in the learning state does not cause media to be switched. + + Finally RTCP now drops packets which are not for the learned + SSRC if strict RTP is enabled. + + ASTERISK-27013 + + Change-Id: I56a96e993700906355e79bc880ad9d4ad3ab129c + 2017-07-12 11:12 +0000 Asterisk Development Team * asterisk 13.17.0 Released. diff --git a/asterisk-13.17.0-summary.html b/asterisk-13.17.0-summary.html deleted file mode 100644 index 3b74101310..0000000000 --- a/asterisk-13.17.0-summary.html +++ /dev/null @@ -1,306 +0,0 @@ -Release Summary - asterisk-13.17.0

Release Summary

asterisk-13.17.0

Date: 2017-07-12

<asteriskteam@digium.com>

Table of Contents

    -
  1. Summary
    2. -
  2. Contributors
    3. -
  3. Closed Issues
    4. -
  4. Open Issues
    5. -
  5. Other Changes
    6. -
  6. Diffstat
    7. -

Summary

[Back to Top]

This release is a point release of an existing major version. The changes included were made to address problems that have been identified in this release series, or are minor, backwards compatible new features or improvements. Users should be able to safely upgrade to this version if this release series is already in use. Users considering upgrading from a previous version are strongly encouraged to review the UPGRADE.txt document as well as the CHANGES document for information about upgrading to this release series.

The data in this summary reflects changes that have been made since the previous release, asterisk-13.16.0.

Contributors

[Back to Top]

This table lists the people who have submitted code, those that have tested patches, as well as those that reported issues on the issue tracker that were resolved in this release. For coders, the number is how many of their patches (of any size) were committed into this release. For testers, the number is the number of times their name was listed as assisting with testing a patch. Finally, for reporters, the number is the number of issues that they reported that were affected by commits that went into this release.

- - -
CodersTestersReporters
17 Sean Bright
12 George Joseph
10 Joshua Colp
9 Alexei Gradinari
5 Richard Mudgett
5 Kevin Harwell
2 Torrey Searle
2 Guido Falsi
2 Alexander Traud
1 Jan Friesse
1 Florian Floimair
1 Ivan Poddubny
1 Matthew Fredrickson
1 Yasin CANER
1 David M. Lee
1 Robert Mordec
1 Jørgen H
1 Rodrigo Ramirez Norambuena
1 Frederic LE FOLL
1 Corey Farrell
4 Alexei Gradinari
4 Joshua Colp
3 Kevin Harwell
3 Louis Jocelyn Paquet
3 Tzafrir Cohen
3 George Joseph
2 Guido Falsi
2 Alexander Traud
2 Michael Walton
2 Torrey Searle
1 Rusty Newton
1 Matthew Fredrickson
1 Jacek Konieczny
1 Tim Morgan
1 Etienne Allovon
1 alex
1 Kinsey Moore
1 John Harris
1 Javier Riveros
1 Sean Bright
1 Robert Mordec
1 Ross Beer
1 Chris Howard
1 mdu113
1 Andrew Nowrot
1 'alex'
1 Lorne Gaetz
1 Ben Langfeld
1 John Fawcett
1 Corey Farrell
1 Frankie Chin
1 Zach R
1 Matthias Binder
1 Christopher van de Sande
1 Stefan Engström
1 Antoine Pitrou
1 Alex
1 Etienne Lessard
1 Ryan Smith
1 Michael Maier
1 OpenBSD ports
1 Marek Cervenka
1 Ronald Raikes
1 Ove Aursand
1 Richard Mudgett
1 Frederic LE FOLL
1 wushumasters
1 Tony Mountifield
1 Jørgen H
1 Michel R. Vaillancourt
1 David Brillert
1 Yasin CANER

Closed Issues

[Back to Top]

This is a list of all issues from the issue tracker that were closed by changes that went into this release.

Bug

Category: Addons/format_mp3

ASTERISK-23951: Asterisk attempts and fails to build format_mp3 even if mp3lib was not downloaded
Reported by: Tzafrir Cohen
    -
  • [97b003f5e2] Sean Bright -- format_mp3: Re-work menuselect/build issues
    • -
  • [72213c98e3] Sean Bright -- format_mp3: Don't try to build format_mp3 if we don't have sources
    • -

Category: Applications/app_confbridge

ASTERISK-27012: app_confbridge: ConfBridge sometimes does not play user name recording while leaving
Reported by: Robert Mordec
    -
  • [f1b32de2c5] Robert Mordec -- app_confbridge: Race between removing and playing name recording while leaving
    • -

Category: Applications/app_meetme

ASTERISK-27025: channel / meetme: Fix missing parentheses
Reported by: Joshua Colp
    -
  • [dc05183f4b] Joshua Colp -- channel / app_meetme: Fix parentheses.
    • -

Category: Applications/app_queue

ASTERISK-25665: Duplicate logging in queue log for EXITEMPTY events
Reported by: Ove Aursand
    -
  • [2c43ca0ac5] Ivan Poddubny -- app_queue: Fix returning to dialplan when a queue is empty
    • -
ASTERISK-27065: call hangup after leaving app_queue
Reported by: Marek Cervenka
    -
  • [2c43ca0ac5] Ivan Poddubny -- app_queue: Fix returning to dialplan when a queue is empty
    • -
ASTERISK-26399: app_queue: Agent not called when caller is parked
Reported by: wushumasters
    -
  • [6bfcb1acc7] Joshua Colp -- app_queue: Fix members showing as being in call when not.
    • -
ASTERISK-26400: app_queue: Queue member stops being called after AMI "Redirect" action for queues with wrapuptime
Reported by: Etienne Lessard
    -
  • [6bfcb1acc7] Joshua Colp -- app_queue: Fix members showing as being in call when not.
    • -
ASTERISK-26715: app_queue: Member will not receive any new calls after doing a transfer if wrapuptime = greater than 0 and using Local channel
Reported by: David Brillert
    -
  • [6bfcb1acc7] Joshua Colp -- app_queue: Fix members showing as being in call when not.
    • -
ASTERISK-26975: app_queue: Non-zero wrapup time can cause agents not to receive queue calls after transfer queue call
Reported by: Lorne Gaetz
    -
  • [6bfcb1acc7] Joshua Colp -- app_queue: Fix members showing as being in call when not.
    • -

Category: Applications/app_voicemail/IMAP

ASTERISK-24052: app_voicemail reloads result in leaked IMAP sockets.
Reported by: Louis Jocelyn Paquet
    -
  • [8f356192d1] Alexei Gradinari -- app_voicemail: IMAP connection control
    • -
  • [3b6c327c51] Alexei Gradinari -- app_voicemail: IMAP logout on reload/unload
    • -
  • [08be5e01e8] Alexei Gradinari -- app_voicemail: IMAP logout on MWI unsubscribe
    • -

Category: Bridges/bridge_simple

ASTERISK-26973: bridge: Crash when freeing frame and snooping
Reported by: Michel R. Vaillancourt
    -
  • [adfb28882b] Kevin Harwell -- channel: ast_write frame wrongly freed after call to audiohooks
    • -

Category: Channels/chan_pjsip

ASTERISK-27039: chan_pjsip: Device state is idle when channel from endpoint is in early media
Reported by: Joshua Colp
    -
  • [1f10c6b3b0] Joshua Colp -- chan_pjsip: Update device state when in early media.
    • -
ASTERISK-26996: chan_pjsip: Flipping between codecs
Reported by: Michael Maier
    -
  • [996a4791ff] Joshua Colp -- pjsip: Extend 'asymmetric_rtp_codec' option to include us changing.
    • -
ASTERISK-26281: chan_pjsip would send INVITE to 'Unreachable' endpoints
Reported by: Jacek Konieczny
    -
  • [746c2c5745] Joshua Colp -- res_pjsip: Add support for returning only reachable contacts and use it.
    • -

Category: Channels/chan_sip/General

ASTERISK-27106: [patch] autodomain (SIP Domain Support): Add only really different domain with TLS.
Reported by: Alexander Traud
    -
  • [39d2ebbf56] Alexander Traud -- chan_sip: Only when different, add TCP|TLS in autodomain (SIP Domain Support).
    • -
  • [9f4b3b966e] Alexander Traud -- chan_sip: Fix a typo for tlsbindaddr in autodomain (SIP Domain Support).
    • -
ASTERISK-26982: chan_sip: rtcp_mux setting may cause ice completion failure/delay if client offers rtcp-mux as negotiable
Reported by: Stefan Engström
    -
  • [4479038073] Sean Bright -- chan_sip: Better ICE handling for RTCP-MUX
    • -

Category: Channels/chan_sip/SRTP

ASTERISK-25101: DTLS configuration can not be specified in the general section - documentation
Reported by: Ben Langfeld
    -
  • [971a401ce9] Sean Bright -- sip.conf.sample: Clarify where DTLS settings are permitted
    • -

Category: Codecs/General

ASTERISK-24858: [patch]Asterisk 13 PJSIP sends RTP packets in wrong byte order on Intel platform when using slin codec
Reported by: Frankie Chin
    -
  • [70e5887906] Sean Bright -- format: Reintroduce smoother flags
    • -

Category: Core/Bridging

ASTERISK-27075: bridge: stuck channel(s) after failed attended transfer
Reported by: Kevin Harwell
    -
  • [67664fbf95] Kevin Harwell -- bridge: stuck channel(s) after failed attended transfer
    • -
ASTERISK-26923: bridging: T.38 request is lost when channels are added to bridge
Reported by: Torrey Searle
    -
  • [e414833f6e] Joshua Colp -- bridge: Add a deferred queue.
    • -

Category: Core/Channels

ASTERISK-27100: channel: ast_waitfordigit_full fails to clear flag in an error branch.
Reported by: Corey Farrell
    -
  • [73520e9f58] Corey Farrell -- channel: Clear channel flag in error branch.
    • -
ASTERISK-27074: core_local: local channel data not being properly unref'ed and unlocked
Reported by: Kevin Harwell
    -
  • [1f9913f272] Kevin Harwell -- core_local: local channel data not being properly unref'ed and unlocked
    • -
ASTERISK-26923: bridging: T.38 request is lost when channels are added to bridge
Reported by: Torrey Searle
    -
  • [e414833f6e] Joshua Colp -- bridge: Add a deferred queue.
    • -
ASTERISK-27025: channel / meetme: Fix missing parentheses
Reported by: Joshua Colp
    -
  • [dc05183f4b] Joshua Colp -- channel / app_meetme: Fix parentheses.
    • -

Category: Core/General

ASTERISK-26789: Audit manipulation of channel flags without locks
Reported by: Joshua Colp
    -
  • [1618203964] Joshua Colp -- asterisk: Audit locking of channel when manipulating flags.
    • -

Category: Core/PBX

ASTERISK-27041: Core/PBX: [patch] Deadlock between dialplan execution and application unregistration
Reported by: Frederic LE FOLL
    -
  • [dc307af7f2] Frederic LE FOLL -- Core/PBX: Deadlock between dialplan execution and application unregistration.
    • -

Category: Core/RTP

ASTERISK-26978: rtp: Crash in ast_rtp_codecs_payload_code()
Reported by: Ross Beer
    -
  • [eb48e99bd4] George Joseph -- bridge_native_rtp: Keep rtp instance refs on bridge_channel
    • -
ASTERISK-24858: [patch]Asterisk 13 PJSIP sends RTP packets in wrong byte order on Intel platform when using slin codec
Reported by: Frankie Chin
    -
  • [70e5887906] Sean Bright -- format: Reintroduce smoother flags
    • -

Category: Core/Sorcery

ASTERISK-27057: Seg Fault in ast_sorcery_object_get_id at sorcery.c
Reported by: Ryan Smith
    -
  • [c2eea791e4] George Joseph -- res_pjsip_pubsub: Fix reference to released endpoint
    • -

Category: Documentation

ASTERISK-23839: AGI - RECORD FILE - documentation doesn't describe BEEP argument
Reported by: Rusty Newton
    -
  • [3eb7fbba72] Sean Bright -- res_agi: Clarify 'RECORD FILE' documentation
    • -

Category: General

ASTERISK-27108: Crash using 'data get' CLI command
Reported by: Sean Bright
    -
  • [6258de458b] Sean Bright -- core: Fix segfault when invoking 'data get' CLI command
    • -
ASTERISK-27060: Comment typo format_g729.c
Reported by: Matthew Fredrickson
    -
  • [0a40073750] Matthew Fredrickson -- formats/format_g729: Fix typo in comment
    • -

Category: PBX/pbx_realtime

ASTERISK-19291: Background in realtime
Reported by: Andrew Nowrot
    -
  • [283cc59af7] Sean Bright -- pbx_builtin: Properly handle hangup during Background
    • -

Category: Resources/res_agi

ASTERISK-23839: AGI - RECORD FILE - documentation doesn't describe BEEP argument
Reported by: Rusty Newton
    -
  • [3eb7fbba72] Sean Bright -- res_agi: Clarify 'RECORD FILE' documentation
    • -
ASTERISK-22432: Async AGI crashes Asterisk when issuing "set variable" command without args
Reported by: Antoine Pitrou
    -
  • [f306e451f6] Sean Bright -- res_agi: Prevent crash when SET VARIABLE called without arguments
    • -
ASTERISK-25662: Malformed AGI 520 Usage response
Reported by: Tony Mountifield
    -
  • [a007e438c3] Sean Bright -- res_agi: Fix malformed AGI usage response
    • -

Category: Resources/res_ari

ASTERISK-27026: res_ari: Crash when no ari.conf configuration file exists
Reported by: Ronald Raikes
    -
  • [7901b9853e] George Joseph -- res_ari: Add "module loaded" check to ari stubs
    • -

Category: Resources/res_ari_recordings

ASTERISK-27021: GET /recordings/stored returns 500 Internal Server Error
Reported by: Tim Morgan
    -
  • [cf6cf59646] Sean Bright -- stasis_recording: Correct ast_asprintf error checking
    • -

Category: Resources/res_format_attr_h264

ASTERISK-27008: res_format_attr_h264: SDP parse fails if fmtp optional parameters have a space
Reported by: John Harris
    -
  • [700ef6861a] Sean Bright -- res_format_attr_h26x: Trim blanks in fmtp attributes
    • -

Category: Resources/res_parking

ASTERISK-26399: app_queue: Agent not called when caller is parked
Reported by: wushumasters
    -
  • [6bfcb1acc7] Joshua Colp -- app_queue: Fix members showing as being in call when not.
    • -

Category: Resources/res_pjsip

ASTERISK-27090: PJSIP: Deadlock using TCP transport
Reported by: Richard Mudgett
    -
  • [0d64cbde57] Richard Mudgett -- pjsip_distributor.c: Fix deadlock with TCP type transports.
    • -

Category: Resources/res_pjsip/Bundling

ASTERISK-27052: Asterisk build process fails with flag --with-pjproject-bundled with curl download command and slow network
Reported by: alex
    -
  • [0bde568669] George Joseph -- pjproject_bundled: Use the asterisk github mirror for download
    • -

Category: Resources/res_pjsip_refer

ASTERISK-27053: res_pjsip_refer/session: Calls dropped during transfer
Reported by: Kevin Harwell
    -
  • [6cdf3191d3] Kevin Harwell -- res_pjsip_refer/session: Calls dropped during transfer
    • -

Category: Resources/res_pjsip_session

ASTERISK-27024: nat/external_media settings ignored in 14.4.1
Reported by: Christopher van de Sande
    -
  • [2dee95cc7a] Florian Floimair -- res_pjsip_session: Correct inverted test in session_outgoing_nat_hook
    • -
ASTERISK-27053: res_pjsip_refer/session: Calls dropped during transfer
Reported by: Kevin Harwell
    -
  • [6cdf3191d3] Kevin Harwell -- res_pjsip_refer/session: Calls dropped during transfer
    • -
ASTERISK-26964: res_pjsip_session: Wrong From on reinvite when request and To URI differ
Reported by: Yasin CANER
    -
  • [36628cc9c4] Yasin CANER -- res_pjsip_session : fixed wrong From Header number On Re-invite
    • -

Category: Resources/res_pjsip_transport_websocket

ASTERISK-27046: res_pjsip_transport_websocket: segfault in get_write_timeout
Reported by: Jørgen H
    -
  • [e16a669c70] Jørgen H -- res_pjsip_transport_websocket: Add NULL check in get_write_timeout
    • -

Category: Resources/res_rtp_asterisk

ASTERISK-27022: res_rtp_asterisk: Incorrect SSRC change for RTCP component
Reported by: Michael Walton
    -
  • [7dafe82751] George Joseph -- res_rtp_asterisk: Fix ssrc change for rtcp srtp
    • -
ASTERISK-24858: [patch]Asterisk 13 PJSIP sends RTP packets in wrong byte order on Intel platform when using slin codec
Reported by: Frankie Chin
    -
  • [70e5887906] Sean Bright -- format: Reintroduce smoother flags
    • -
ASTERISK-25101: DTLS configuration can not be specified in the general section - documentation
Reported by: Ben Langfeld
    -
  • [971a401ce9] Sean Bright -- sip.conf.sample: Clarify where DTLS settings are permitted
    • -
ASTERISK-26979: res_rtp_asterisk: SRTP unprotect failed with authentication failure 10 or 110
Reported by: Javier Riveros
    -
  • [e91efef2bb] Kevin Harwell -- res_rtp_asterisk: rtcp mux using the wrong srtp unprotecting algorithm
    • -
ASTERISK-26982: chan_sip: rtcp_mux setting may cause ice completion failure/delay if client offers rtcp-mux as negotiable
Reported by: Stefan Engström
    -
  • [4479038073] Sean Bright -- chan_sip: Better ICE handling for RTCP-MUX
    • -

Category: Resources/res_srtp

ASTERISK-25294: srtp's crypto_get_random deprecated
Reported by: Tzafrir Cohen
    -
  • [5e9cd1f20d] Sean Bright -- res_srtp: Add support for libsrtp2
    • -
ASTERISK-25101: DTLS configuration can not be specified in the general section - documentation
Reported by: Ben Langfeld
    -
  • [971a401ce9] Sean Bright -- sip.conf.sample: Clarify where DTLS settings are permitted
    • -
ASTERISK-26979: res_rtp_asterisk: SRTP unprotect failed with authentication failure 10 or 110
Reported by: Javier Riveros
    -
  • [e91efef2bb] Kevin Harwell -- res_rtp_asterisk: rtcp mux using the wrong srtp unprotecting algorithm
    • -

Category: Resources/res_stasis_snoop

ASTERISK-26973: bridge: Crash when freeing frame and snooping
Reported by: Michel R. Vaillancourt
    -
  • [adfb28882b] Kevin Harwell -- channel: ast_write frame wrongly freed after call to audiohooks
    • -

Category: pjproject/pjsip

ASTERISK-26333: Problems with Blind Transfer, PJSIP (Aastra 6869i)
Reported by: Matthias Binder
    -
  • [6af2dd34af] Alexei Gradinari -- res_pjsip: New endpoint option "refer_blind_progress"
    • -

Improvement

Category: Core/BuildSystem

ASTERISK-27043: Core/BuildSystem: Add defines to fix build with LibreSSL
Reported by: Guido Falsi
    -
  • [6a64f65fe6] Guido Falsi -- BuildSystem: Add patches to allow building with recent LibreSSL
    • -

Category: Core/Channels

ASTERISK-26419: audiohooks: Remove redundant codec translations when using audiohooks
Reported by: Michael Walton
    -
  • [adfb28882b] Kevin Harwell -- channel: ast_write frame wrongly freed after call to audiohooks
    • -

Category: Core/General

ASTERISK-26419: audiohooks: Remove redundant codec translations when using audiohooks
Reported by: Michael Walton
    -
  • [adfb28882b] Kevin Harwell -- channel: ast_write frame wrongly freed after call to audiohooks
    • -

Category: Core/Portability

ASTERISK-27042: Unpatched asterisk sources fail to build on FreeBSD due to missing crypt.h file
Reported by: Guido Falsi
    -
  • [44cee2f4a1] Guido Falsi -- BuildSystem: Fix build on FreeBSD due to missing crypt.h
    • -

Category: Resources/res_agi

ASTERISK-26124: res_agi: Set audio format for EAGI audio stream
Reported by: John Fawcett
    -
  • [90237dca11] Sean Bright -- res_agi: Allow configuration of audio format of EAGI pipe
    • -

Category: Resources/res_pjsip_mwi

ASTERISK-26230: [patch] res_pjsip_mwi: unsolicited mwi could block PJSIP taskprocessor on startup
Reported by: Alexei Gradinari
    -
  • [0f6a9617eb] Alexei Gradinari -- res_pjsip_mwi: update unsolicited MWI subscriptions on updating contact
    • -
  • [59c9bbe696] Alexei Gradinari -- res_pjsip_mwi: don't create mwi subscriptions if initial unsolicited disabled
    • -

Category: Resources/res_rtp_asterisk

ASTERISK-26976: libsrtp-2.x.x support
Reported by: Alex
    -
  • [5e9cd1f20d] Sean Bright -- res_srtp: Add support for libsrtp2
    • -

Open Issues

[Back to Top]

This is a list of all open issues from the issue tracker that were referenced by changes that went into this release.

Bug

Category: Bridges/bridge_simple

ASTERISK-26469: Infinite loop after a dual Redirect
Reported by: Etienne Allovon
    -
  • [b07b216235] Joshua Colp -- manager: Clear the flag on the other channel.
    • -

Category: Channels/chan_pjsip

ASTERISK-27095: chan_pjsip: When connected_line_method is set to invite, we're not trying UPDATE
Reported by: George Joseph
    -
  • [6bd7c0f37c] George Joseph -- chan_pjsip: Fix ability to send UPDATE on COLP
    • -

Category: Core/Bridging

ASTERISK-27016: Crash occurs when a channel in a 'mixing,dtmf_events' bridge is muted multiple times.
Reported by: Chris Howard
    -
  • [4910a3bf40] Joshua Colp -- channel: Fix reference counting in ast_channel_suppress.
    • -

Category: General

ASTERISK-27088: res_rtp_asterisk: Better handle ICE renegotiation and unidirectional negotiation
Reported by: Joshua Colp
    -
  • [0426b1d88a] Joshua Colp -- res_rtp_asterisk: Fix issues with ICE renegotiation.
    • -

Category: Resources/res_corosync

ASTERISK-25370: res_corosync segfaults at startup with corosync version > 2.x
Reported by: mdu113
    -
  • [005a4afa6b] Jan Friesse -- res_corosync: Change thread stack size
    • -

Category: Resources/res_pjsip_dialog_info_body_generator

ASTERISK-26919: res_pjsip_dialog_info_body_generator: Ringing&&InUse behavior difference between chan_sip and res_pjsip
Reported by: Zach R
    -
  • [a6e4899612] Alexei Gradinari -- res_pjsip: New endpoint option "notify_early_inuse_ringing"
    • -

Category: Resources/res_pjsip_mwi

ASTERISK-27051: res_pjsip_mwi: unsolicited MWI has to be unsubscribed on deleting the endpoint's last contact
Reported by: Alexei Gradinari
    -
  • [8e749c8f51] Alexei Gradinari -- res_pjsip_mwi: unsubscribe unsolicited MWI on deleting endpoint last contact
    • -

Category: Resources/res_stasis

ASTERISK-27059: res_stasis: Stolen channel references are leaking
Reported by: George Joseph
    -
  • [edfdb4dff5] George Joseph -- res_stasis: Plug reference leak on stolen channels
    • -

Category: Third-Party/pjproject

ASTERISK-27097: pjproject_bundled: We don't pass options needed for cross-compile to pjproject configure
Reported by: George Joseph
    -
  • [bbe68f139d] George Joseph -- pjproject_bundled: Allow passing configure options to bundled
    • -

Improvement

Category: Applications/app_voicemail/IMAP

ASTERISK-27068: app_voicemail: Add global option "imap_poll_logout" to specify post-polling disconnect
Reported by: Alexei Gradinari
    -
  • [8f356192d1] Alexei Gradinari -- app_voicemail: IMAP connection control
    • -

Category: Channels/chan_pjsip

ASTERISK-27066: res_pjsip: Add DTMF INFO Failback mode
Reported by: Torrey Searle
    -
  • [9fbc34d2bd] Torrey Searle -- res_pjsip: Add DTMF INFO Failback mode
    • -

Category: Resources/res_pjsip

ASTERISK-27066: res_pjsip: Add DTMF INFO Failback mode
Reported by: Torrey Searle
    -
  • [9fbc34d2bd] Torrey Searle -- res_pjsip: Add DTMF INFO Failback mode
    • -

Commits Not Associated with an Issue

[Back to Top]

This is a list of all changes that went into this release that did not reference a JIRA issue.

- - - - - - - - - - - - - - - - -
RevisionAuthorSummary
0c00ee754bGeorge JosephUpdate for 13.17.0-rc1
379fe65831George JosephFix alembic branches
905d18e8bfRichard Mudgettpjsip_distributor.c: Fix unidentified_requests hash functions.
1f59d08924Torrey Searleres/res_pjsip_t38: fix incorrect increment of media_count
764d04fa87Richard Mudgettres_pjsip_mwi.c: Eliminate RAII_VAR in contact delete observer
cecf6540dcRodrigo Ramírez Norambuenacdr: fix mistake spelling of a word for Unanswered.
b9a4ab8c8cRichard Mudgettchan_pjsip: Fix PJSIP_MEDIA_OFFER dialplan function read.
f1a209d5acRichard Mudgettapp_voicemail.c: Fix compile error when IMAP enabled.
68de35a6a0David M. LeeCFLAGS for BIND8 support
da3312457eSean Brightcodecs.conf.sample: Fix max_bandwidth speling error
590ffcaf0bSean Brighteventfd: Disable during cross compilation
5520b6c201Alexei GradinariCHANGES: correct version for a new option 'refer_blind_progress'
c093bf8072Sean Brightres_rtp_multicast: Use consistent timestamps when possible
c10341646dGeorge Josephtest_json: Fix test names with reserved words
65898c3af8George Josephunittests: Add a unit test that causes a SEGV and...

Diffstat Results

[Back to Top]

This is a summary of the changes to the source code that went into this release that was generated using the diffstat utility.

asterisk-13.16.0-summary.html                                                                   |  405 ---
-asterisk-13.16.0-summary.txt                                                                    |  952 ---------
-b/.version                                                                                      |    2
-b/CHANGES                                                                                       |   54
-b/ChangeLog                                                                                     | 1045 +++++++++-
-b/Makefile                                                                                      |    3
-b/addons/Makefile                                                                               |   10
-b/apps/app_chanspy.c                                                                            |   16
-b/apps/app_confbridge.c                                                                         |   79
-b/apps/app_dial.c                                                                               |    6
-b/apps/app_disa.c                                                                               |   10
-b/apps/app_dumpchan.c                                                                           |    4
-b/apps/app_externalivr.c                                                                        |    6
-b/apps/app_meetme.c                                                                             |    2
-b/apps/app_queue.c                                                                              |  109 -
-b/apps/app_voicemail.c                                                                          |   80
-b/asterisk-13.17.0-rc1-summary.html                                                             |  311 ++
-b/asterisk-13.17.0-rc1-summary.txt                                                              |  832 +++++++
-b/autoconf/ast_ext_lib.m4                                                                       |   36
-b/bridges/bridge_native_rtp.c                                                                   |  677 +++++-
-b/bridges/bridge_simple.c                                                                       |   32
-b/channels/chan_pjsip.c                                                                         |   68
-b/channels/chan_sip.c                                                                           |    8
-b/channels/pjsip/dialplan_functions.c                                                           |   37
-b/configs/samples/cdr.conf.sample                                                               |    2
-b/configs/samples/codecs.conf.sample                                                            |    6
-b/configs/samples/pjsip.conf.sample                                                             |   20
-b/configs/samples/sip.conf.sample                                                               |    3
-b/configs/samples/voicemail.conf.sample                                                         |    3
-b/configure                                                                                     |  434 +++-
-b/configure.ac                                                                                  |  100
-b/contrib/ast-db-manage/config/versions/164abbd708c_add_auto_info_to_endpoint_dtmf_mode.py      |   58
-b/contrib/ast-db-manage/config/versions/86bb1efa278d_add_ps_endpoints_refer_blind_progress.py   |   30
-b/contrib/ast-db-manage/config/versions/d7983954dd96_add_ps_endpoints_notify_early_inuse_.py    |   30
-b/contrib/realtime/mssql/mssql_config.sql                                                       |   46
-b/contrib/realtime/mysql/mysql_config.sql                                                       |   18
-b/contrib/realtime/oracle/oracle_config.sql                                                     |   46
-b/contrib/realtime/postgresql/postgresql_config.sql                                             |   22
-b/formats/format_g729.c                                                                         |    2
-b/include/asterisk/ari.h                                                                        |   10
-b/include/asterisk/autoconfig.h.in                                                              |    3
-b/include/asterisk/bridge_channel.h                                                             |    2
-b/include/asterisk/bridge_channel_internal.h                                                    |   11
-b/include/asterisk/bridge_technology.h                                                          |    3
-b/include/asterisk/channel.h                                                                    |   25
-b/include/asterisk/codec.h                                                                      |    3
-b/include/asterisk/core_local.h                                                                 |   37
-b/include/asterisk/format.h                                                                     |   11
-b/include/asterisk/res_pjsip.h                                                                  |   74
-b/include/asterisk/res_pjsip_presence_xml.h                                                     |    3
-b/include/asterisk/res_pjsip_session.h                                                          |   11
-b/include/asterisk/rtp_engine.h                                                                 |    9
-b/include/asterisk/smoother.h                                                                   |    1
-b/include/asterisk/test.h                                                                       |    8
-b/main/autoservice.c                                                                            |    2
-b/main/bridge.c                                                                                 |   10
-b/main/bridge_after.c                                                                           |    2
-b/main/bridge_channel.c                                                                         |   38
-b/main/channel.c                                                                                |   90
-b/main/codec_builtin.c                                                                          |   19
-b/main/core_local.c                                                                             |   54
-b/main/crypt.c                                                                                  |    2
-b/main/data.c                                                                                   |    4
-b/main/file.c                                                                                   |   20
-b/main/format.c                                                                                 |    8
-b/main/libasteriskssl.c                                                                         |    4
-b/main/manager.c                                                                                |    8
-b/main/pbx.c                                                                                    |    4
-b/main/pbx_app.c                                                                                |    7
-b/main/pbx_builtins.c                                                                           |    8
-b/main/tcptls.c                                                                                 |    4
-b/main/test.c                                                                                   |    4
-b/makeopts.in                                                                                   |    2
-b/res/res_agi.c                                                                                 |   73
-b/res/res_ari_applications.c                                                                    |    4
-b/res/res_ari_asterisk.c                                                                        |    4
-b/res/res_ari_bridges.c                                                                         |    4
-b/res/res_ari_channels.c                                                                        |    4
-b/res/res_ari_device_states.c                                                                   |    4
-b/res/res_ari_endpoints.c                                                                       |    4
-b/res/res_ari_events.c                                                                          |   33
-b/res/res_ari_mailboxes.c                                                                       |    4
-b/res/res_ari_playbacks.c                                                                       |    4
-b/res/res_ari_recordings.c                                                                      |    4
-b/res/res_ari_sounds.c                                                                          |    4
-b/res/res_corosync.c                                                                            |   29
-b/res/res_format_attr_h263.c                                                                    |    2
-b/res/res_format_attr_h264.c                                                                    |    2
-b/res/res_musiconhold.c                                                                         |    4
-b/res/res_pjsip.c                                                                               |   31
-b/res/res_pjsip/location.c                                                                      |   53
-b/res/res_pjsip/pjsip_configuration.c                                                           |    9
-b/res/res_pjsip/pjsip_distributor.c                                                             |  242 +-
-b/res/res_pjsip/presence_xml.c                                                                  |    9
-b/res/res_pjsip_dialog_info_body_generator.c                                                    |   10
-b/res/res_pjsip_mwi.c                                                                           |   87
-b/res/res_pjsip_pidf_body_generator.c                                                           |    2
-b/res/res_pjsip_pidf_eyebeam_body_supplement.c                                                  |    2
-b/res/res_pjsip_pubsub.c                                                                        |    8
-b/res/res_pjsip_refer.c                                                                         |   28
-b/res/res_pjsip_sdp_rtp.c                                                                       |   38
-b/res/res_pjsip_session.c                                                                       |   37
-b/res/res_pjsip_session.exports.in                                                              |    1
-b/res/res_pjsip_t38.c                                                                           |    2
-b/res/res_pjsip_transport_websocket.c                                                           |    4
-b/res/res_pjsip_xpidf_body_generator.c                                                          |    2
-b/res/res_rtp_asterisk.c                                                                        |   41
-b/res/res_rtp_multicast.c                                                                       |  139 +
-b/res/res_srtp.c                                                                                |   15
-b/res/res_stasis.c                                                                              |   20
-b/res/srtp/srtp_compat.h                                                                        |   29
-b/res/stasis_recording/stored.c                                                                 |    4
-b/rest-api-templates/res_ari_resource.c.mustache                                                |   35
-b/tests/test_bridging.c                                                                         |  292 ++
-b/tests/test_json.c                                                                             |   16
-b/tests/test_pbx.c                                                                              |   22
-b/third-party/configure.m4                                                                      |    5
-b/third-party/pjproject/Makefile                                                                |    2
-b/third-party/pjproject/Makefile.rules                                                          |    7
-b/third-party/pjproject/configure.m4                                                            |   24
-b/third-party/pjproject/patches/0070-Set-PJSIP_INV_SUPPORT_UPDATE-correctly-in-pjsip_inv_.patch |   16
-121 files changed, 5477 insertions(+), 2043 deletions(-)

\ No newline at end of file diff --git a/asterisk-13.17.0-summary.txt b/asterisk-13.17.0-summary.txt deleted file mode 100644 index f828bc4c2b..0000000000 --- a/asterisk-13.17.0-summary.txt +++ /dev/null @@ -1,814 +0,0 @@ - Release Summary - - asterisk-13.17.0 - - Date: 2017-07-12 - - - - ---------------------------------------------------------------------- - - Table of Contents - - 1. Summary - 2. Contributors - 3. Closed Issues - 4. Open Issues - 5. Other Changes - 6. Diffstat - - ---------------------------------------------------------------------- - - Summary - - [Back to Top] - - This release is a point release of an existing major version. The changes - included were made to address problems that have been identified in this - release series, or are minor, backwards compatible new features or - improvements. Users should be able to safely upgrade to this version if - this release series is already in use. Users considering upgrading from a - previous version are strongly encouraged to review the UPGRADE.txt - document as well as the CHANGES document for information about upgrading - to this release series. - - The data in this summary reflects changes that have been made since the - previous release, asterisk-13.16.0. - - ---------------------------------------------------------------------- - - Contributors - - [Back to Top] - - This table lists the people who have submitted code, those that have - tested patches, as well as those that reported issues on the issue tracker - that were resolved in this release. For coders, the number is how many of - their patches (of any size) were committed into this release. For testers, - the number is the number of times their name was listed as assisting with - testing a patch. Finally, for reporters, the number is the number of - issues that they reported that were affected by commits that went into - this release. - - Coders Testers Reporters - 17 Sean Bright 4 Alexei Gradinari - 12 George Joseph 4 Joshua Colp - 10 Joshua Colp 3 Kevin Harwell - 9 Alexei Gradinari 3 Louis Jocelyn Paquet - 5 Richard Mudgett 3 Tzafrir Cohen - 5 Kevin Harwell 3 George Joseph - 2 Torrey Searle 2 Guido Falsi - 2 Guido Falsi 2 Alexander Traud - 2 Alexander Traud 2 Michael Walton - 1 Jan Friesse 2 Torrey Searle - 1 Florian Floimair 1 Rusty Newton - 1 Ivan Poddubny 1 Matthew Fredrickson - 1 Matthew Fredrickson 1 Jacek Konieczny - 1 Yasin CANER 1 Tim Morgan - 1 David M. Lee 1 Etienne Allovon - 1 Robert Mordec 1 alex - 1 JA,rgen H 1 Kinsey Moore - 1 Rodrigo Ramirez Norambuena 1 John Harris - 1 Frederic LE FOLL 1 Javier Riveros - 1 Corey Farrell 1 Sean Bright - 1 Robert Mordec - 1 Ross Beer - 1 Chris Howard - 1 mdu113 - 1 Andrew Nowrot - 1 'alex' - 1 Lorne Gaetz - 1 Ben Langfeld - 1 John Fawcett - 1 Corey Farrell - 1 Frankie Chin - 1 Zach R - 1 Matthias Binder - 1 Christopher van de Sande - 1 Stefan EngstrAP:m - 1 Antoine Pitrou - 1 Alex - 1 Etienne Lessard - 1 Ryan Smith - 1 Michael Maier - 1 OpenBSD ports - 1 Marek Cervenka - 1 Ronald Raikes - 1 Ove Aursand - 1 Richard Mudgett - 1 Frederic LE FOLL - 1 wushumasters - 1 Tony Mountifield - 1 JA,rgen H - 1 Michel R. Vaillancourt - 1 David Brillert - 1 Yasin CANER - - ---------------------------------------------------------------------- - - Closed Issues - - [Back to Top] - - This is a list of all issues from the issue tracker that were closed by - changes that went into this release. - - Bug - - Category: Addons/format_mp3 - - ASTERISK-23951: Asterisk attempts and fails to build format_mp3 even if - mp3lib was not downloaded - Reported by: Tzafrir Cohen - * [97b003f5e2] Sean Bright -- format_mp3: Re-work menuselect/build - issues - * [72213c98e3] Sean Bright -- format_mp3: Don't try to build format_mp3 - if we don't have sources - - Category: Applications/app_confbridge - - ASTERISK-27012: app_confbridge: ConfBridge sometimes does not play user - name recording while leaving - Reported by: Robert Mordec - * [f1b32de2c5] Robert Mordec -- app_confbridge: Race between removing - and playing name recording while leaving - - Category: Applications/app_meetme - - ASTERISK-27025: channel / meetme: Fix missing parentheses - Reported by: Joshua Colp - * [dc05183f4b] Joshua Colp -- channel / app_meetme: Fix parentheses. - - Category: Applications/app_queue - - ASTERISK-25665: Duplicate logging in queue log for EXITEMPTY events - Reported by: Ove Aursand - * [2c43ca0ac5] Ivan Poddubny -- app_queue: Fix returning to dialplan - when a queue is empty - ASTERISK-27065: call hangup after leaving app_queue - Reported by: Marek Cervenka - * [2c43ca0ac5] Ivan Poddubny -- app_queue: Fix returning to dialplan - when a queue is empty - ASTERISK-26399: app_queue: Agent not called when caller is parked - Reported by: wushumasters - * [6bfcb1acc7] Joshua Colp -- app_queue: Fix members showing as being in - call when not. - ASTERISK-26400: app_queue: Queue member stops being called after AMI - "Redirect" action for queues with wrapuptime - Reported by: Etienne Lessard - * [6bfcb1acc7] Joshua Colp -- app_queue: Fix members showing as being in - call when not. - ASTERISK-26715: app_queue: Member will not receive any new calls after - doing a transfer if wrapuptime = greater than 0 and using Local channel - Reported by: David Brillert - * [6bfcb1acc7] Joshua Colp -- app_queue: Fix members showing as being in - call when not. - ASTERISK-26975: app_queue: Non-zero wrapup time can cause agents not to - receive queue calls after transfer queue call - Reported by: Lorne Gaetz - * [6bfcb1acc7] Joshua Colp -- app_queue: Fix members showing as being in - call when not. - - Category: Applications/app_voicemail/IMAP - - ASTERISK-24052: app_voicemail reloads result in leaked IMAP sockets. - Reported by: Louis Jocelyn Paquet - * [8f356192d1] Alexei Gradinari -- app_voicemail: IMAP connection - control - * [3b6c327c51] Alexei Gradinari -- app_voicemail: IMAP logout on - reload/unload - * [08be5e01e8] Alexei Gradinari -- app_voicemail: IMAP logout on MWI - unsubscribe - - Category: Bridges/bridge_simple - - ASTERISK-26973: bridge: Crash when freeing frame and snooping - Reported by: Michel R. Vaillancourt - * [adfb28882b] Kevin Harwell -- channel: ast_write frame wrongly freed - after call to audiohooks - - Category: Channels/chan_pjsip - - ASTERISK-27039: chan_pjsip: Device state is idle when channel from - endpoint is in early media - Reported by: Joshua Colp - * [1f10c6b3b0] Joshua Colp -- chan_pjsip: Update device state when in - early media. - ASTERISK-26996: chan_pjsip: Flipping between codecs - Reported by: Michael Maier - * [996a4791ff] Joshua Colp -- pjsip: Extend 'asymmetric_rtp_codec' - option to include us changing. - ASTERISK-26281: chan_pjsip would send INVITE to 'Unreachable' endpoints - Reported by: Jacek Konieczny - * [746c2c5745] Joshua Colp -- res_pjsip: Add support for returning only - reachable contacts and use it. - - Category: Channels/chan_sip/General - - ASTERISK-27106: [patch] autodomain (SIP Domain Support): Add only really - different domain with TLS. - Reported by: Alexander Traud - * [39d2ebbf56] Alexander Traud -- chan_sip: Only when different, add - TCP|TLS in autodomain (SIP Domain Support). - * [9f4b3b966e] Alexander Traud -- chan_sip: Fix a typo for tlsbindaddr - in autodomain (SIP Domain Support). - ASTERISK-26982: chan_sip: rtcp_mux setting may cause ice completion - failure/delay if client offers rtcp-mux as negotiable - Reported by: Stefan EngstrAP:m - * [4479038073] Sean Bright -- chan_sip: Better ICE handling for RTCP-MUX - - Category: Channels/chan_sip/SRTP - - ASTERISK-25101: DTLS configuration can not be specified in the general - section - documentation - Reported by: Ben Langfeld - * [971a401ce9] Sean Bright -- sip.conf.sample: Clarify where DTLS - settings are permitted - - Category: Codecs/General - - ASTERISK-24858: [patch]Asterisk 13 PJSIP sends RTP packets in wrong byte - order on Intel platform when using slin codec - Reported by: Frankie Chin - * [70e5887906] Sean Bright -- format: Reintroduce smoother flags - - Category: Core/Bridging - - ASTERISK-27075: bridge: stuck channel(s) after failed attended transfer - Reported by: Kevin Harwell - * [67664fbf95] Kevin Harwell -- bridge: stuck channel(s) after failed - attended transfer - ASTERISK-26923: bridging: T.38 request is lost when channels are added to - bridge - Reported by: Torrey Searle - * [e414833f6e] Joshua Colp -- bridge: Add a deferred queue. - - Category: Core/Channels - - ASTERISK-27100: channel: ast_waitfordigit_full fails to clear flag in an - error branch. - Reported by: Corey Farrell - * [73520e9f58] Corey Farrell -- channel: Clear channel flag in error - branch. - ASTERISK-27074: core_local: local channel data not being properly unref'ed - and unlocked - Reported by: Kevin Harwell - * [1f9913f272] Kevin Harwell -- core_local: local channel data not being - properly unref'ed and unlocked - ASTERISK-26923: bridging: T.38 request is lost when channels are added to - bridge - Reported by: Torrey Searle - * [e414833f6e] Joshua Colp -- bridge: Add a deferred queue. - ASTERISK-27025: channel / meetme: Fix missing parentheses - Reported by: Joshua Colp - * [dc05183f4b] Joshua Colp -- channel / app_meetme: Fix parentheses. - - Category: Core/General - - ASTERISK-26789: Audit manipulation of channel flags without locks - Reported by: Joshua Colp - * [1618203964] Joshua Colp -- asterisk: Audit locking of channel when - manipulating flags. - - Category: Core/PBX - - ASTERISK-27041: Core/PBX: [patch] Deadlock between dialplan execution and - application unregistration - Reported by: Frederic LE FOLL - * [dc307af7f2] Frederic LE FOLL -- Core/PBX: Deadlock between dialplan - execution and application unregistration. - - Category: Core/RTP - - ASTERISK-26978: rtp: Crash in ast_rtp_codecs_payload_code() - Reported by: Ross Beer - * [eb48e99bd4] George Joseph -- bridge_native_rtp: Keep rtp instance - refs on bridge_channel - ASTERISK-24858: [patch]Asterisk 13 PJSIP sends RTP packets in wrong byte - order on Intel platform when using slin codec - Reported by: Frankie Chin - * [70e5887906] Sean Bright -- format: Reintroduce smoother flags - - Category: Core/Sorcery - - ASTERISK-27057: Seg Fault in ast_sorcery_object_get_id at sorcery.c - Reported by: Ryan Smith - * [c2eea791e4] George Joseph -- res_pjsip_pubsub: Fix reference to - released endpoint - - Category: Documentation - - ASTERISK-23839: AGI - RECORD FILE - documentation doesn't describe BEEP - argument - Reported by: Rusty Newton - * [3eb7fbba72] Sean Bright -- res_agi: Clarify 'RECORD FILE' - documentation - - Category: General - - ASTERISK-27108: Crash using 'data get' CLI command - Reported by: Sean Bright - * [6258de458b] Sean Bright -- core: Fix segfault when invoking 'data - get' CLI command - ASTERISK-27060: Comment typo format_g729.c - Reported by: Matthew Fredrickson - * [0a40073750] Matthew Fredrickson -- formats/format_g729: Fix typo in - comment - - Category: PBX/pbx_realtime - - ASTERISK-19291: Background in realtime - Reported by: Andrew Nowrot - * [283cc59af7] Sean Bright -- pbx_builtin: Properly handle hangup during - Background - - Category: Resources/res_agi - - ASTERISK-23839: AGI - RECORD FILE - documentation doesn't describe BEEP - argument - Reported by: Rusty Newton - * [3eb7fbba72] Sean Bright -- res_agi: Clarify 'RECORD FILE' - documentation - ASTERISK-22432: Async AGI crashes Asterisk when issuing "set variable" - command without args - Reported by: Antoine Pitrou - * [f306e451f6] Sean Bright -- res_agi: Prevent crash when SET VARIABLE - called without arguments - ASTERISK-25662: Malformed AGI 520 Usage response - Reported by: Tony Mountifield - * [a007e438c3] Sean Bright -- res_agi: Fix malformed AGI usage response - - Category: Resources/res_ari - - ASTERISK-27026: res_ari: Crash when no ari.conf configuration file exists - Reported by: Ronald Raikes - * [7901b9853e] George Joseph -- res_ari: Add "module loaded" check to - ari stubs - - Category: Resources/res_ari_recordings - - ASTERISK-27021: GET /recordings/stored returns 500 Internal Server Error - Reported by: Tim Morgan - * [cf6cf59646] Sean Bright -- stasis_recording: Correct ast_asprintf - error checking - - Category: Resources/res_format_attr_h264 - - ASTERISK-27008: res_format_attr_h264: SDP parse fails if fmtp optional - parameters have a space - Reported by: John Harris - * [700ef6861a] Sean Bright -- res_format_attr_h26x: Trim blanks in fmtp - attributes - - Category: Resources/res_parking - - ASTERISK-26399: app_queue: Agent not called when caller is parked - Reported by: wushumasters - * [6bfcb1acc7] Joshua Colp -- app_queue: Fix members showing as being in - call when not. - - Category: Resources/res_pjsip - - ASTERISK-27090: PJSIP: Deadlock using TCP transport - Reported by: Richard Mudgett - * [0d64cbde57] Richard Mudgett -- pjsip_distributor.c: Fix deadlock with - TCP type transports. - - Category: Resources/res_pjsip/Bundling - - ASTERISK-27052: Asterisk build process fails with flag - --with-pjproject-bundled with curl download command and slow network - Reported by: alex - * [0bde568669] George Joseph -- pjproject_bundled: Use the asterisk - github mirror for download - - Category: Resources/res_pjsip_refer - - ASTERISK-27053: res_pjsip_refer/session: Calls dropped during transfer - Reported by: Kevin Harwell - * [6cdf3191d3] Kevin Harwell -- res_pjsip_refer/session: Calls dropped - during transfer - - Category: Resources/res_pjsip_session - - ASTERISK-27024: nat/external_media settings ignored in 14.4.1 - Reported by: Christopher van de Sande - * [2dee95cc7a] Florian Floimair -- res_pjsip_session: Correct inverted - test in session_outgoing_nat_hook - ASTERISK-27053: res_pjsip_refer/session: Calls dropped during transfer - Reported by: Kevin Harwell - * [6cdf3191d3] Kevin Harwell -- res_pjsip_refer/session: Calls dropped - during transfer - ASTERISK-26964: res_pjsip_session: Wrong From on reinvite when request and - To URI differ - Reported by: Yasin CANER - * [36628cc9c4] Yasin CANER -- res_pjsip_session : fixed wrong From - Header number On Re-invite - - Category: Resources/res_pjsip_transport_websocket - - ASTERISK-27046: res_pjsip_transport_websocket: segfault in - get_write_timeout - Reported by: JA,rgen H - * [e16a669c70] JA,rgen H -- res_pjsip_transport_websocket: Add NULL - check in get_write_timeout - - Category: Resources/res_rtp_asterisk - - ASTERISK-27022: res_rtp_asterisk: Incorrect SSRC change for RTCP component - Reported by: Michael Walton - * [7dafe82751] George Joseph -- res_rtp_asterisk: Fix ssrc change for - rtcp srtp - ASTERISK-24858: [patch]Asterisk 13 PJSIP sends RTP packets in wrong byte - order on Intel platform when using slin codec - Reported by: Frankie Chin - * [70e5887906] Sean Bright -- format: Reintroduce smoother flags - ASTERISK-25101: DTLS configuration can not be specified in the general - section - documentation - Reported by: Ben Langfeld - * [971a401ce9] Sean Bright -- sip.conf.sample: Clarify where DTLS - settings are permitted - ASTERISK-26979: res_rtp_asterisk: SRTP unprotect failed with - authentication failure 10 or 110 - Reported by: Javier Riveros - * [e91efef2bb] Kevin Harwell -- res_rtp_asterisk: rtcp mux using the - wrong srtp unprotecting algorithm - ASTERISK-26982: chan_sip: rtcp_mux setting may cause ice completion - failure/delay if client offers rtcp-mux as negotiable - Reported by: Stefan EngstrAP:m - * [4479038073] Sean Bright -- chan_sip: Better ICE handling for RTCP-MUX - - Category: Resources/res_srtp - - ASTERISK-25294: srtp's crypto_get_random deprecated - Reported by: Tzafrir Cohen - * [5e9cd1f20d] Sean Bright -- res_srtp: Add support for libsrtp2 - ASTERISK-25101: DTLS configuration can not be specified in the general - section - documentation - Reported by: Ben Langfeld - * [971a401ce9] Sean Bright -- sip.conf.sample: Clarify where DTLS - settings are permitted - ASTERISK-26979: res_rtp_asterisk: SRTP unprotect failed with - authentication failure 10 or 110 - Reported by: Javier Riveros - * [e91efef2bb] Kevin Harwell -- res_rtp_asterisk: rtcp mux using the - wrong srtp unprotecting algorithm - - Category: Resources/res_stasis_snoop - - ASTERISK-26973: bridge: Crash when freeing frame and snooping - Reported by: Michel R. Vaillancourt - * [adfb28882b] Kevin Harwell -- channel: ast_write frame wrongly freed - after call to audiohooks - - Category: pjproject/pjsip - - ASTERISK-26333: Problems with Blind Transfer, PJSIP (Aastra 6869i) - Reported by: Matthias Binder - * [6af2dd34af] Alexei Gradinari -- res_pjsip: New endpoint option - "refer_blind_progress" - - Improvement - - Category: Core/BuildSystem - - ASTERISK-27043: Core/BuildSystem: Add defines to fix build with LibreSSL - Reported by: Guido Falsi - * [6a64f65fe6] Guido Falsi -- BuildSystem: Add patches to allow building - with recent LibreSSL - - Category: Core/Channels - - ASTERISK-26419: audiohooks: Remove redundant codec translations when using - audiohooks - Reported by: Michael Walton - * [adfb28882b] Kevin Harwell -- channel: ast_write frame wrongly freed - after call to audiohooks - - Category: Core/General - - ASTERISK-26419: audiohooks: Remove redundant codec translations when using - audiohooks - Reported by: Michael Walton - * [adfb28882b] Kevin Harwell -- channel: ast_write frame wrongly freed - after call to audiohooks - - Category: Core/Portability - - ASTERISK-27042: Unpatched asterisk sources fail to build on FreeBSD due to - missing crypt.h file - Reported by: Guido Falsi - * [44cee2f4a1] Guido Falsi -- BuildSystem: Fix build on FreeBSD due to - missing crypt.h - - Category: Resources/res_agi - - ASTERISK-26124: res_agi: Set audio format for EAGI audio stream - Reported by: John Fawcett - * [90237dca11] Sean Bright -- res_agi: Allow configuration of audio - format of EAGI pipe - - Category: Resources/res_pjsip_mwi - - ASTERISK-26230: [patch] res_pjsip_mwi: unsolicited mwi could block PJSIP - taskprocessor on startup - Reported by: Alexei Gradinari - * [0f6a9617eb] Alexei Gradinari -- res_pjsip_mwi: update unsolicited MWI - subscriptions on updating contact - * [59c9bbe696] Alexei Gradinari -- res_pjsip_mwi: don't create mwi - subscriptions if initial unsolicited disabled - - Category: Resources/res_rtp_asterisk - - ASTERISK-26976: libsrtp-2.x.x support - Reported by: Alex - * [5e9cd1f20d] Sean Bright -- res_srtp: Add support for libsrtp2 - - ---------------------------------------------------------------------- - - Open Issues - - [Back to Top] - - This is a list of all open issues from the issue tracker that were - referenced by changes that went into this release. - - Bug - - Category: Bridges/bridge_simple - - ASTERISK-26469: Infinite loop after a dual Redirect - Reported by: Etienne Allovon - * [b07b216235] Joshua Colp -- manager: Clear the flag on the other - channel. - - Category: Channels/chan_pjsip - - ASTERISK-27095: chan_pjsip: When connected_line_method is set to invite, - we're not trying UPDATE - Reported by: George Joseph - * [6bd7c0f37c] George Joseph -- chan_pjsip: Fix ability to send UPDATE - on COLP - - Category: Core/Bridging - - ASTERISK-27016: Crash occurs when a channel in a 'mixing,dtmf_events' - bridge is muted multiple times. - Reported by: Chris Howard - * [4910a3bf40] Joshua Colp -- channel: Fix reference counting in - ast_channel_suppress. - - Category: General - - ASTERISK-27088: res_rtp_asterisk: Better handle ICE renegotiation and - unidirectional negotiation - Reported by: Joshua Colp - * [0426b1d88a] Joshua Colp -- res_rtp_asterisk: Fix issues with ICE - renegotiation. - - Category: Resources/res_corosync - - ASTERISK-25370: res_corosync segfaults at startup with corosync version > - 2.x - Reported by: mdu113 - * [005a4afa6b] Jan Friesse -- res_corosync: Change thread stack size - - Category: Resources/res_pjsip_dialog_info_body_generator - - ASTERISK-26919: res_pjsip_dialog_info_body_generator: Ringing&&InUse - behavior difference between chan_sip and res_pjsip - Reported by: Zach R - * [a6e4899612] Alexei Gradinari -- res_pjsip: New endpoint option - "notify_early_inuse_ringing" - - Category: Resources/res_pjsip_mwi - - ASTERISK-27051: res_pjsip_mwi: unsolicited MWI has to be unsubscribed on - deleting the endpoint's last contact - Reported by: Alexei Gradinari - * [8e749c8f51] Alexei Gradinari -- res_pjsip_mwi: unsubscribe - unsolicited MWI on deleting endpoint last contact - - Category: Resources/res_stasis - - ASTERISK-27059: res_stasis: Stolen channel references are leaking - Reported by: George Joseph - * [edfdb4dff5] George Joseph -- res_stasis: Plug reference leak on - stolen channels - - Category: Third-Party/pjproject - - ASTERISK-27097: pjproject_bundled: We don't pass options needed for - cross-compile to pjproject configure - Reported by: George Joseph - * [bbe68f139d] George Joseph -- pjproject_bundled: Allow passing - configure options to bundled - - Improvement - - Category: Applications/app_voicemail/IMAP - - ASTERISK-27068: app_voicemail: Add global option "imap_poll_logout" to - specify post-polling disconnect - Reported by: Alexei Gradinari - * [8f356192d1] Alexei Gradinari -- app_voicemail: IMAP connection - control - - Category: Channels/chan_pjsip - - ASTERISK-27066: res_pjsip: Add DTMF INFO Failback mode - Reported by: Torrey Searle - * [9fbc34d2bd] Torrey Searle -- res_pjsip: Add DTMF INFO Failback mode - - Category: Resources/res_pjsip - - ASTERISK-27066: res_pjsip: Add DTMF INFO Failback mode - Reported by: Torrey Searle - * [9fbc34d2bd] Torrey Searle -- res_pjsip: Add DTMF INFO Failback mode - - ---------------------------------------------------------------------- - - Commits Not Associated with an Issue - - [Back to Top] - - This is a list of all changes that went into this release that did not - reference a JIRA issue. - - +------------------------------------------------------------------------+ - | Revision | Author | Summary | - |------------+------------------+----------------------------------------| - | 0c00ee754b | George Joseph | Update for 13.17.0-rc1 | - |------------+------------------+----------------------------------------| - | 379fe65831 | George Joseph | Fix alembic branches | - |------------+------------------+----------------------------------------| - | 905d18e8bf | Richard Mudgett | pjsip_distributor.c: Fix | - | | | unidentified_requests hash functions. | - |------------+------------------+----------------------------------------| - | 1f59d08924 | Torrey Searle | res/res_pjsip_t38: fix incorrect | - | | | increment of media_count | - |------------+------------------+----------------------------------------| - | 764d04fa87 | Richard Mudgett | res_pjsip_mwi.c: Eliminate RAII_VAR in | - | | | contact delete observer | - |------------+------------------+----------------------------------------| - | cecf6540dc | Rodrigo RamArez | cdr: fix mistake spelling of a word | - | | Norambuena | for Unanswered. | - |------------+------------------+----------------------------------------| - | b9a4ab8c8c | Richard Mudgett | chan_pjsip: Fix PJSIP_MEDIA_OFFER | - | | | dialplan function read. | - |------------+------------------+----------------------------------------| - | f1a209d5ac | Richard Mudgett | app_voicemail.c: Fix compile error | - | | | when IMAP enabled. | - |------------+------------------+----------------------------------------| - | 68de35a6a0 | David M. Lee | CFLAGS for BIND8 support | - |------------+------------------+----------------------------------------| - | da3312457e | Sean Bright | codecs.conf.sample: Fix max_bandwidth | - | | | speling error | - |------------+------------------+----------------------------------------| - | 590ffcaf0b | Sean Bright | eventfd: Disable during cross | - | | | compilation | - |------------+------------------+----------------------------------------| - | 5520b6c201 | Alexei Gradinari | CHANGES: correct version for a new | - | | | option 'refer_blind_progress' | - |------------+------------------+----------------------------------------| - | c093bf8072 | Sean Bright | res_rtp_multicast: Use consistent | - | | | timestamps when possible | - |------------+------------------+----------------------------------------| - | c10341646d | George Joseph | test_json: Fix test names with | - | | | reserved words | - |------------+------------------+----------------------------------------| - | 65898c3af8 | George Joseph | unittests: Add a unit test that causes | - | | | a SEGV and... | - +------------------------------------------------------------------------+ - - ---------------------------------------------------------------------- - - Diffstat Results - - [Back to Top] - - This is a summary of the changes to the source code that went into this - release that was generated using the diffstat utility. - - asterisk-13.16.0-summary.html | 405 --- - asterisk-13.16.0-summary.txt | 952 --------- - b/.version | 2 - b/CHANGES | 54 - b/ChangeLog | 1045 +++++++++- - b/Makefile | 3 - b/addons/Makefile | 10 - b/apps/app_chanspy.c | 16 - b/apps/app_confbridge.c | 79 - b/apps/app_dial.c | 6 - b/apps/app_disa.c | 10 - b/apps/app_dumpchan.c | 4 - b/apps/app_externalivr.c | 6 - b/apps/app_meetme.c | 2 - b/apps/app_queue.c | 109 - - b/apps/app_voicemail.c | 80 - b/asterisk-13.17.0-rc1-summary.html | 311 ++ - b/asterisk-13.17.0-rc1-summary.txt | 832 +++++++ - b/autoconf/ast_ext_lib.m4 | 36 - b/bridges/bridge_native_rtp.c | 677 +++++- - b/bridges/bridge_simple.c | 32 - b/channels/chan_pjsip.c | 68 - b/channels/chan_sip.c | 8 - b/channels/pjsip/dialplan_functions.c | 37 - b/configs/samples/cdr.conf.sample | 2 - b/configs/samples/codecs.conf.sample | 6 - b/configs/samples/pjsip.conf.sample | 20 - b/configs/samples/sip.conf.sample | 3 - b/configs/samples/voicemail.conf.sample | 3 - b/configure | 434 +++- - b/configure.ac | 100 - b/contrib/ast-db-manage/config/versions/164abbd708c_add_auto_info_to_endpoint_dtmf_mode.py | 58 - b/contrib/ast-db-manage/config/versions/86bb1efa278d_add_ps_endpoints_refer_blind_progress.py | 30 - b/contrib/ast-db-manage/config/versions/d7983954dd96_add_ps_endpoints_notify_early_inuse_.py | 30 - b/contrib/realtime/mssql/mssql_config.sql | 46 - b/contrib/realtime/mysql/mysql_config.sql | 18 - b/contrib/realtime/oracle/oracle_config.sql | 46 - b/contrib/realtime/postgresql/postgresql_config.sql | 22 - b/formats/format_g729.c | 2 - b/include/asterisk/ari.h | 10 - b/include/asterisk/autoconfig.h.in | 3 - b/include/asterisk/bridge_channel.h | 2 - b/include/asterisk/bridge_channel_internal.h | 11 - b/include/asterisk/bridge_technology.h | 3 - b/include/asterisk/channel.h | 25 - b/include/asterisk/codec.h | 3 - b/include/asterisk/core_local.h | 37 - b/include/asterisk/format.h | 11 - b/include/asterisk/res_pjsip.h | 74 - b/include/asterisk/res_pjsip_presence_xml.h | 3 - b/include/asterisk/res_pjsip_session.h | 11 - b/include/asterisk/rtp_engine.h | 9 - b/include/asterisk/smoother.h | 1 - b/include/asterisk/test.h | 8 - b/main/autoservice.c | 2 - b/main/bridge.c | 10 - b/main/bridge_after.c | 2 - b/main/bridge_channel.c | 38 - b/main/channel.c | 90 - b/main/codec_builtin.c | 19 - b/main/core_local.c | 54 - b/main/crypt.c | 2 - b/main/data.c | 4 - b/main/file.c | 20 - b/main/format.c | 8 - b/main/libasteriskssl.c | 4 - b/main/manager.c | 8 - b/main/pbx.c | 4 - b/main/pbx_app.c | 7 - b/main/pbx_builtins.c | 8 - b/main/tcptls.c | 4 - b/main/test.c | 4 - b/makeopts.in | 2 - b/res/res_agi.c | 73 - b/res/res_ari_applications.c | 4 - b/res/res_ari_asterisk.c | 4 - b/res/res_ari_bridges.c | 4 - b/res/res_ari_channels.c | 4 - b/res/res_ari_device_states.c | 4 - b/res/res_ari_endpoints.c | 4 - b/res/res_ari_events.c | 33 - b/res/res_ari_mailboxes.c | 4 - b/res/res_ari_playbacks.c | 4 - b/res/res_ari_recordings.c | 4 - b/res/res_ari_sounds.c | 4 - b/res/res_corosync.c | 29 - b/res/res_format_attr_h263.c | 2 - b/res/res_format_attr_h264.c | 2 - b/res/res_musiconhold.c | 4 - b/res/res_pjsip.c | 31 - b/res/res_pjsip/location.c | 53 - b/res/res_pjsip/pjsip_configuration.c | 9 - b/res/res_pjsip/pjsip_distributor.c | 242 +- - b/res/res_pjsip/presence_xml.c | 9 - b/res/res_pjsip_dialog_info_body_generator.c | 10 - b/res/res_pjsip_mwi.c | 87 - b/res/res_pjsip_pidf_body_generator.c | 2 - b/res/res_pjsip_pidf_eyebeam_body_supplement.c | 2 - b/res/res_pjsip_pubsub.c | 8 - b/res/res_pjsip_refer.c | 28 - b/res/res_pjsip_sdp_rtp.c | 38 - b/res/res_pjsip_session.c | 37 - b/res/res_pjsip_session.exports.in | 1 - b/res/res_pjsip_t38.c | 2 - b/res/res_pjsip_transport_websocket.c | 4 - b/res/res_pjsip_xpidf_body_generator.c | 2 - b/res/res_rtp_asterisk.c | 41 - b/res/res_rtp_multicast.c | 139 + - b/res/res_srtp.c | 15 - b/res/res_stasis.c | 20 - b/res/srtp/srtp_compat.h | 29 - b/res/stasis_recording/stored.c | 4 - b/rest-api-templates/res_ari_resource.c.mustache | 35 - b/tests/test_bridging.c | 292 ++ - b/tests/test_json.c | 16 - b/tests/test_pbx.c | 22 - b/third-party/configure.m4 | 5 - b/third-party/pjproject/Makefile | 2 - b/third-party/pjproject/Makefile.rules | 7 - b/third-party/pjproject/configure.m4 | 24 - b/third-party/pjproject/patches/0070-Set-PJSIP_INV_SUPPORT_UPDATE-correctly-in-pjsip_inv_.patch | 16 - 121 files changed, 5477 insertions(+), 2043 deletions(-) diff --git a/asterisk-13.17.1-summary.html b/asterisk-13.17.1-summary.html new file mode 100644 index 0000000000..c0800c2f5e --- /dev/null +++ b/asterisk-13.17.1-summary.html @@ -0,0 +1,42 @@ +Release Summary - asterisk-13.17.1

Release Summary

asterisk-13.17.1

Date: 2017-08-31

<asteriskteam@digium.com>

Table of Contents

    +
  1. Summary
    2. +
  2. Contributors
    3. +
  3. Closed Issues
    4. +
  4. Diffstat
    5. +

Summary

[Back to Top]

This release has been made to address one or more security vulnerabilities that have been identified. A security advisory document has been published for each vulnerability that includes additional information. Users of versions of Asterisk that are affected are strongly encouraged to review the advisories and determine what action they should take to protect their systems from these issues.

Security Advisories:

The data in this summary reflects changes that have been made since the previous release, asterisk-13.17.0.

Contributors

[Back to Top]

This table lists the people who have submitted code, those that have tested patches, as well as those that reported issues on the issue tracker that were resolved in this release. For coders, the number is how many of their patches (of any size) were committed into this release. For testers, the number is the number of times their name was listed as assisting with testing a patch. Finally, for reporters, the number is the number of issues that they reported that were affected by commits that went into this release.

+ + +
CodersTestersReporters
1 George Joseph
1 Corey Farrell
1 Joshua Colp
1 Ross Beer
1 Corey Farrell
1 Ross Beer
1 Joshua Colp

Closed Issues

[Back to Top]

This is a list of all issues from the issue tracker that were closed by changes that went into this release.

Bug

Category: Applications/app_minivm

ASTERISK-27103: core: ast_safe_system command injection possible.
Reported by: Corey Farrell
    +
  • [707892089d] Corey Farrell -- AST-2017-006: Fix app_minivm application MinivmNotify command injection
    • +

Category: Applications/app_mixmonitor

ASTERISK-27103: core: ast_safe_system command injection possible.
Reported by: Corey Farrell
    +
  • [707892089d] Corey Farrell -- AST-2017-006: Fix app_minivm application MinivmNotify command injection
    • +

Category: Applications/app_system

ASTERISK-27103: core: ast_safe_system command injection possible.
Reported by: Corey Farrell
    +
  • [707892089d] Corey Farrell -- AST-2017-006: Fix app_minivm application MinivmNotify command injection
    • +

Category: Applications/app_voicemail

ASTERISK-27103: core: ast_safe_system command injection possible.
Reported by: Corey Farrell
    +
  • [707892089d] Corey Farrell -- AST-2017-006: Fix app_minivm application MinivmNotify command injection
    • +

Category: Channels/chan_dahdi

ASTERISK-27103: core: ast_safe_system command injection possible.
Reported by: Corey Farrell
    +
  • [707892089d] Corey Farrell -- AST-2017-006: Fix app_minivm application MinivmNotify command injection
    • +

Category: Core/General

ASTERISK-27103: core: ast_safe_system command injection possible.
Reported by: Corey Farrell
    +
  • [707892089d] Corey Farrell -- AST-2017-006: Fix app_minivm application MinivmNotify command injection
    • +

Category: Functions/func_shell

ASTERISK-27103: core: ast_safe_system command injection possible.
Reported by: Corey Farrell
    +
  • [707892089d] Corey Farrell -- AST-2017-006: Fix app_minivm application MinivmNotify command injection
    • +

Category: General

ASTERISK-27152: Sending a "tel" uri in a From or To header in an unauthenticated message causes asterisk to crash
Reported by: Ross Beer
    +
  • [0e5b7743d9] George Joseph -- pjsip_message_ip_updater: Fix issue handling "tel" URIs
    • +

Category: Resources/res_monitor

ASTERISK-27103: core: ast_safe_system command injection possible.
Reported by: Corey Farrell
    +
  • [707892089d] Corey Farrell -- AST-2017-006: Fix app_minivm application MinivmNotify command injection
    • +

Category: Resources/res_rtp_asterisk

ASTERISK-27013: res_rtp_asterisk: Media can be hijacked even with strict RTP enabled
Reported by: Joshua Colp
    +
  • [3ee5c6dcbe] Joshua Colp -- res_rtp_asterisk: Only learn a new source in learn state.
    • +

Diffstat Results

[Back to Top]

This is a summary of the changes to the source code that went into this release that was generated using the diffstat utility.

README-SERIOUSLY.bestpractices.txt       |    7 ++
+apps/app_minivm.c                        |   36 ++++++++----
+apps/app_mixmonitor.c                    |   15 +++++
+apps/app_system.c                        |   10 +++
+configs/samples/minivm.conf.sample       |    2
+funcs/func_shell.c                       |    5 +
+include/asterisk/app.h                   |   31 +++++++++-
+main/asterisk.c                          |   91 ++++++++++++++++++++++++++-----
+res/res_monitor.c                        |   13 +++-
+res/res_pjsip/pjsip_message_ip_updater.c |   56 ++++++++++++++-----
+res/res_rtp_asterisk.c                   |   79 ++++++++++++++------------
+11 files changed, 265 insertions(+), 80 deletions(-)

\ No newline at end of file diff --git a/asterisk-13.17.1-summary.txt b/asterisk-13.17.1-summary.txt new file mode 100644 index 0000000000..7a8fc4f8d8 --- /dev/null +++ b/asterisk-13.17.1-summary.txt @@ -0,0 +1,162 @@ + Release Summary + + asterisk-13.17.1 + + Date: 2017-08-31 + + + + ---------------------------------------------------------------------- + + Table of Contents + + 1. Summary + 2. Contributors + 3. Closed Issues + 4. Diffstat + + ---------------------------------------------------------------------- + + Summary + + [Back to Top] + + This release has been made to address one or more security vulnerabilities + that have been identified. A security advisory document has been published + for each vulnerability that includes additional information. Users of + versions of Asterisk that are affected are strongly encouraged to review + the advisories and determine what action they should take to protect their + systems from these issues. + + Security Advisories: + + * AST-2017-005,AST-2017-006,AST-2017-007 + + The data in this summary reflects changes that have been made since the + previous release, asterisk-13.17.0. + + ---------------------------------------------------------------------- + + Contributors + + [Back to Top] + + This table lists the people who have submitted code, those that have + tested patches, as well as those that reported issues on the issue tracker + that were resolved in this release. For coders, the number is how many of + their patches (of any size) were committed into this release. For testers, + the number is the number of times their name was listed as assisting with + testing a patch. Finally, for reporters, the number is the number of + issues that they reported that were affected by commits that went into + this release. + + Coders Testers Reporters + 1 George Joseph 1 Ross Beer + 1 Corey Farrell 1 Corey Farrell + 1 Joshua Colp 1 Ross Beer + 1 Joshua Colp + + ---------------------------------------------------------------------- + + Closed Issues + + [Back to Top] + + This is a list of all issues from the issue tracker that were closed by + changes that went into this release. + + Bug + + Category: Applications/app_minivm + + ASTERISK-27103: core: ast_safe_system command injection possible. + Reported by: Corey Farrell + * [707892089d] Corey Farrell -- AST-2017-006: Fix app_minivm application + MinivmNotify command injection + + Category: Applications/app_mixmonitor + + ASTERISK-27103: core: ast_safe_system command injection possible. + Reported by: Corey Farrell + * [707892089d] Corey Farrell -- AST-2017-006: Fix app_minivm application + MinivmNotify command injection + + Category: Applications/app_system + + ASTERISK-27103: core: ast_safe_system command injection possible. + Reported by: Corey Farrell + * [707892089d] Corey Farrell -- AST-2017-006: Fix app_minivm application + MinivmNotify command injection + + Category: Applications/app_voicemail + + ASTERISK-27103: core: ast_safe_system command injection possible. + Reported by: Corey Farrell + * [707892089d] Corey Farrell -- AST-2017-006: Fix app_minivm application + MinivmNotify command injection + + Category: Channels/chan_dahdi + + ASTERISK-27103: core: ast_safe_system command injection possible. + Reported by: Corey Farrell + * [707892089d] Corey Farrell -- AST-2017-006: Fix app_minivm application + MinivmNotify command injection + + Category: Core/General + + ASTERISK-27103: core: ast_safe_system command injection possible. + Reported by: Corey Farrell + * [707892089d] Corey Farrell -- AST-2017-006: Fix app_minivm application + MinivmNotify command injection + + Category: Functions/func_shell + + ASTERISK-27103: core: ast_safe_system command injection possible. + Reported by: Corey Farrell + * [707892089d] Corey Farrell -- AST-2017-006: Fix app_minivm application + MinivmNotify command injection + + Category: General + + ASTERISK-27152: Sending a "tel" uri in a From or To header in an + unauthenticated message causes asterisk to crash + Reported by: Ross Beer + * [0e5b7743d9] George Joseph -- pjsip_message_ip_updater: Fix issue + handling "tel" URIs + + Category: Resources/res_monitor + + ASTERISK-27103: core: ast_safe_system command injection possible. + Reported by: Corey Farrell + * [707892089d] Corey Farrell -- AST-2017-006: Fix app_minivm application + MinivmNotify command injection + + Category: Resources/res_rtp_asterisk + + ASTERISK-27013: res_rtp_asterisk: Media can be hijacked even with strict + RTP enabled + Reported by: Joshua Colp + * [3ee5c6dcbe] Joshua Colp -- res_rtp_asterisk: Only learn a new source + in learn state. + + ---------------------------------------------------------------------- + + Diffstat Results + + [Back to Top] + + This is a summary of the changes to the source code that went into this + release that was generated using the diffstat utility. + + README-SERIOUSLY.bestpractices.txt | 7 ++ + apps/app_minivm.c | 36 ++++++++---- + apps/app_mixmonitor.c | 15 +++++ + apps/app_system.c | 10 +++ + configs/samples/minivm.conf.sample | 2 + funcs/func_shell.c | 5 + + include/asterisk/app.h | 31 +++++++++- + main/asterisk.c | 91 ++++++++++++++++++++++++++----- + res/res_monitor.c | 13 +++- + res/res_pjsip/pjsip_message_ip_updater.c | 56 ++++++++++++++----- + res/res_rtp_asterisk.c | 79 ++++++++++++++------------ + 11 files changed, 265 insertions(+), 80 deletions(-) -- 2.47.3