-14.7.5
\ No newline at end of file
+14.7.6
\ No newline at end of file
+2018-02-21 18:53 +0000 Asterisk Development Team <asteriskteam@digium.com>
+
+ * asterisk 14.7.6 Released.
+
+2018-01-31 13:37 +0000 [4e9849c4bc] Kevin Harwell <kharwell@digium.com>
+
+ * AST-2018-003: Crash with an invalid SDP fmtp attribute
+
+ pjproject's fmtp retrieval function failed to catch invalid fmtp attributes.
+ Because of this Asterisk would crash if given an SDP with an invalid fmtp
+ attribute.
+
+ When retrieving the format this patch now makes sure the fmtp attribute is
+ available. If not available it now returns an error status.
+
+ ASTERISK-27583 #close
+
+ Change-Id: I5cebe000ce2d846cae3af33b6d72c416e51caf2f
+
+2018-01-31 13:33 +0000 [37eb30e1d2] Kevin Harwell <kharwell@digium.com>
+
+ * AST-2018-002: Crash with an invalid SDP media format description
+
+ pjproject's media format parsing algorithm failed to catch invalid values.
+ Because of this Asterisk would crash if given an SDP with a invalid media
+ format description.
+
+ When parsing the media format description this patch now properly parses the
+ value and returns an error status if it can't successfully parse/convert the
+ value.
+
+ ASTERISK-27582 #close
+
+ Change-Id: I883b3a4ef85b6972397f7b56bf46c5779c55fdd6
+
+2018-02-06 12:07 +0000 [45db14178f] George Joseph <gjoseph@digium.com>
+
+ * AST-2018-005: res_pjsip_transport_management: Move to core
+
+ Since res_pjsip_transport_management provides several attack
+ mitigation features, its functionality moved to res_pjsip and
+ this module has been removed. This way the features will always
+ be available if res_pjsip is loaded.
+
+ ASTERISK-27618
+ Reported By: Sandro Gauci
+
+ Change-Id: I21a2d33d9dda001452ea040d350d7a075f9acf0d
+
+2018-02-06 11:28 +0000 [de0b026c4d] George Joseph <gjoseph@digium.com>
+
+ * AST-2018-005: Fix tdata leaks when calling pjsip_endpt_send_response(2)
+
+ pjsip_distributor:
+ authenticate() creates a tdata and uses it to send a challenge or
+ failure response. When pjsip_endpt_send_response2() succeeds, it
+ automatically decrements the tdata ref count but when it fails, it
+ doesn't. Since we weren't checking for a return status, we weren't
+ decrementing the count ourselves on error and were therefore leaking
+ tdatas.
+
+ res_pjsip_session:
+ session_reinvite_on_rx_request wasn't decrementing the ref count
+ if an error happened while sending a 491 response.
+ pre_session_setup wasn't decrementing the ref count if
+ while sending an error after a pjsip_inv_verify_request failure.
+
+ res_pjsip:
+ ast_sip_send_response wasn't decrementing the ref count on error.
+
+ ASTERISK-27618
+ Reported By: Sandro Gauci
+
+ Change-Id: Iab33a6c7b6fba96148ed465b690ba8534ac961bf
+
+2018-02-06 11:21 +0000 [b5657daf8b] George Joseph <gjoseph@digium.com>
+
+ * AST-2018-005: Add a check for NULL tdata in ast_sip_failover_request
+
+ It was discovered that there are some corner cases where a pjsip tsx
+ might have no last_tx so calling ast_sip_failover_request with
+ a NULL last_tx as its tdata would cause a crash.
+
+ ASTERISK-27618
+ Reported By: Sandro Gauci
+
+ Change-Id: Ic2b63f6d4ae617c4c19dcdec2a7a6156b54fd15b
+
+2018-02-07 08:09 +0000 [dd3e3153ea] Joshua Colp <jcolp@digium.com>
+
+ * AST-2018-004: Restrict the number of Accept headers in a SUBSCRIBE.
+
+ When receiving a SUBSCRIBE request the Accept headers from it are
+ stored locally. This operation has a fixed limit of 32 Accept headers
+ but this limit was not enforced. As a result it was possible for
+ memory outside of the allocated space to get written to resulting
+ in a crash.
+
+ This change enforces the limit so only 32 Accept headers are
+ processed.
+
+ ASTERISK-27640
+ Reported By: Sandro Gauci
+
+ Change-Id: I99a814b10b554b13a6021ccf41111e5bc95e7301
+
2017-12-22 22:26 +0000 Asterisk Development Team <asteriskteam@digium.com>
* asterisk 14.7.5 Released.
+++ /dev/null
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><title>Release Summary - asterisk-14.7.5</title><h1 align="center"><a name="top">Release Summary</a></h1><h3 align="center">asterisk-14.7.5</h3><h3 align="center">Date: 2017-12-22</h3><h3 align="center"><asteriskteam@digium.com></h3><hr><h2 align="center">Table of Contents</h2><ol>
-<li><a href="#summary">Summary</a></li>
-<li><a href="#contributors">Contributors</a></li>
-<li><a href="#closed_issues">Closed Issues</a></li>
-<li><a href="#diffstat">Diffstat</a></li>
-</ol><hr><a name="summary"><h2 align="center">Summary</h2></a><center><a href="#top">[Back to Top]</a></center><p>This release is a point release of an existing major version. The changes included were made to address problems that have been identified in this release series, or are minor, backwards compatible new features or improvements. Users should be able to safely upgrade to this version if this release series is already in use. Users considering upgrading from a previous version are strongly encouraged to review the UPGRADE.txt document as well as the CHANGES document for information about upgrading to this release series.</p><p>The data in this summary reflects changes that have been made since the previous release, asterisk-14.7.4.</p><hr><a name="contributors"><h2 align="center">Contributors</h2></a><center><a href="#top">[Back to Top]</a></center><p>This table lists the people who have submitted code, those that have tested patches, as well as those that reported issues on the issue tracker that were resolved in this release. For coders, the number is how many of their patches (of any size) were committed into this release. For testers, the number is the number of times their name was listed as assisting with testing a patch. Finally, for reporters, the number is the number of issues that they reported that were affected by commits that went into this release.</p><table width="100%" border="0">
-<tr><th width="33%">Coders</th><th width="33%">Testers</th><th width="33%">Reporters</th></tr>
-<tr valign="top"><td width="33%">1 Kevin Harwell <kharwell@digium.com><br/></td><td width="33%"><td width="33%">1 Ross Beer <ross.beer@voicehost.co.uk><br/></td></tr>
-</table><hr><a name="closed_issues"><h2 align="center">Closed Issues</h2></a><center><a href="#top">[Back to Top]</a></center><p>This is a list of all issues from the issue tracker that were closed by changes that went into this release.</p><h3>Bug</h3><h4>Category: Channels/chan_pjsip</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-27480">ASTERISK-27480</a>: Security: Authenticated SUBSCRIBE without Contact crashes asterisk<br/>Reported by: Ross Beer<ul>
-<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=ad5323acfabfe45bc9688e6d1b6ba13085f9f9b9">[ad5323acfa]</a> Kevin Harwell -- AST-2017-014: res_pjsip - Missing contact header can cause crash</li>
-</ul><br><hr><a name="diffstat"><h2 align="center">Diffstat Results</h2></a><center><a href="#top">[Back to Top]</a></center><p>This is a summary of the changes to the source code that went into this release that was generated using the diffstat utility.</p><pre>0 files changed</pre><br></html>
\ No newline at end of file
+++ /dev/null
- Release Summary
-
- asterisk-14.7.5
-
- Date: 2017-12-22
-
- <asteriskteam@digium.com>
-
- ----------------------------------------------------------------------
-
- Table of Contents
-
- 1. Summary
- 2. Contributors
- 3. Closed Issues
- 4. Diffstat
-
- ----------------------------------------------------------------------
-
- Summary
-
- [Back to Top]
-
- This release is a point release of an existing major version. The changes
- included were made to address problems that have been identified in this
- release series, or are minor, backwards compatible new features or
- improvements. Users should be able to safely upgrade to this version if
- this release series is already in use. Users considering upgrading from a
- previous version are strongly encouraged to review the UPGRADE.txt
- document as well as the CHANGES document for information about upgrading
- to this release series.
-
- The data in this summary reflects changes that have been made since the
- previous release, asterisk-14.7.4.
-
- ----------------------------------------------------------------------
-
- Contributors
-
- [Back to Top]
-
- This table lists the people who have submitted code, those that have
- tested patches, as well as those that reported issues on the issue tracker
- that were resolved in this release. For coders, the number is how many of
- their patches (of any size) were committed into this release. For testers,
- the number is the number of times their name was listed as assisting with
- testing a patch. Finally, for reporters, the number is the number of
- issues that they reported that were affected by commits that went into
- this release.
-
- Coders Testers Reporters
- 1 Kevin Harwell 1 Ross Beer
-
- ----------------------------------------------------------------------
-
- Closed Issues
-
- [Back to Top]
-
- This is a list of all issues from the issue tracker that were closed by
- changes that went into this release.
-
- Bug
-
- Category: Channels/chan_pjsip
-
- ASTERISK-27480: Security: Authenticated SUBSCRIBE without Contact crashes
- asterisk
- Reported by: Ross Beer
- * [ad5323acfa] Kevin Harwell -- AST-2017-014: res_pjsip - Missing
- contact header can cause crash
-
- ----------------------------------------------------------------------
-
- Diffstat Results
-
- [Back to Top]
-
- This is a summary of the changes to the source code that went into this
- release that was generated using the diffstat utility.
-
- 0 files changed
--- /dev/null
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><title>Release Summary - asterisk-14.7.6</title><h1 align="center"><a name="top">Release Summary</a></h1><h3 align="center">asterisk-14.7.6</h3><h3 align="center">Date: 2018-02-21</h3><h3 align="center"><asteriskteam@digium.com></h3><hr><h2 align="center">Table of Contents</h2><ol>
+<li><a href="#summary">Summary</a></li>
+<li><a href="#contributors">Contributors</a></li>
+<li><a href="#closed_issues">Closed Issues</a></li>
+<li><a href="#diffstat">Diffstat</a></li>
+</ol><hr><a name="summary"><h2 align="center">Summary</h2></a><center><a href="#top">[Back to Top]</a></center><p>This release has been made to address one or more security vulnerabilities that have been identified. A security advisory document has been published for each vulnerability that includes additional information. Users of versions of Asterisk that are affected are strongly encouraged to review the advisories and determine what action they should take to protect their systems from these issues.</p><p>Security Advisories:</p><ul>
+<li><a href="http://downloads.asterisk.org/pub/security/AST-2018-002,AST-2018-003,AST-2018-004,AST-2018-005.html">AST-2018-002,AST-2018-003,AST-2018-004,AST-2018-005</a></li>
+</ul><p>The data in this summary reflects changes that have been made since the previous release, asterisk-14.7.5.</p><hr><a name="contributors"><h2 align="center">Contributors</h2></a><center><a href="#top">[Back to Top]</a></center><p>This table lists the people who have submitted code, those that have tested patches, as well as those that reported issues on the issue tracker that were resolved in this release. For coders, the number is how many of their patches (of any size) were committed into this release. For testers, the number is the number of times their name was listed as assisting with testing a patch. Finally, for reporters, the number is the number of issues that they reported that were affected by commits that went into this release.</p><table width="100%" border="0">
+<tr><th width="33%">Coders</th><th width="33%">Testers</th><th width="33%">Reporters</th></tr>
+<tr valign="top"><td width="33%">3 George Joseph <gjoseph@digium.com><br/>2 Kevin Harwell <kharwell@digium.com><br/>1 Joshua Colp <jcolp@digium.com><br/></td><td width="33%"><td width="33%">6 Sandro Gauci <sandro@enablesecurity.com><br/>4 Sandro Gauci<br/></td></tr>
+</table><hr><a name="closed_issues"><h2 align="center">Closed Issues</h2></a><center><a href="#top">[Back to Top]</a></center><p>This is a list of all issues from the issue tracker that were closed by changes that went into this release.</p><h3>Security</h3><h4>Category: Channels/chan_pjsip</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-27583">ASTERISK-27583</a>: Segmentation fault occurs in asterisk with an invalid SDP fmtp attribute<br/>Reported by: Sandro Gauci<ul>
+<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=4e9849c4bc706f6c1ca8c7866402e732c322df6f">[4e9849c4bc]</a> Kevin Harwell -- AST-2018-003: Crash with an invalid SDP fmtp attribute</li>
+</ul><a href="https://issues.asterisk.org/jira/browse/ASTERISK-27582">ASTERISK-27582</a>: Segmentation fault occurs in Asterisk with an invalid SDP media format description<br/>Reported by: Sandro Gauci<ul>
+<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=37eb30e1d26c1c10063c7d01ca8fa26de1bfa297">[37eb30e1d2]</a> Kevin Harwell -- AST-2018-002: Crash with an invalid SDP media format description</li>
+</ul><a href="https://issues.asterisk.org/jira/browse/ASTERISK-27640">ASTERISK-27640</a>: SUBSCRIBE message with a large Accept value causes stack corruption<br/>Reported by: Sandro Gauci<ul>
+<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=dd3e3153ea1c161569e93bc87fbf788cfd0c1de7">[dd3e3153ea]</a> Joshua Colp -- AST-2018-004: Restrict the number of Accept headers in a SUBSCRIBE.</li>
+</ul><br><h4>Category: pjproject/pjsip</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-27618">ASTERISK-27618</a>: Crash occurs when sending a repeated number of INVITE messages over TCP or TLS transport<br/>Reported by: Sandro Gauci<ul>
+<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=45db14178f3840deb24662ff3bb45636fccfb9d8">[45db14178f]</a> George Joseph -- AST-2018-005: res_pjsip_transport_management: Move to core</li>
+<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=de0b026c4d6b34a6d174e82a0e400f4391d07b0e">[de0b026c4d]</a> George Joseph -- AST-2018-005: Fix tdata leaks when calling pjsip_endpt_send_response(2)</li>
+<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=b5657daf8b3e9d2dfa4ab7bf034b92a17a2d3cf3">[b5657daf8b]</a> George Joseph -- AST-2018-005: Add a check for NULL tdata in ast_sip_failover_request</li>
+</ul><br><hr><a name="diffstat"><h2 align="center">Diffstat Results</h2></a><center><a href="#top">[Back to Top]</a></center><p>This is a summary of the changes to the source code that went into this release that was generated using the diffstat utility.</p><pre>b/CHANGES | 11
+b/UPGRADE.txt | 8
+b/res/res_pjsip.c | 17
+b/res/res_pjsip/include/res_pjsip_private.h | 28 +
+b/res/res_pjsip/pjsip_distributor.c | 8
+b/res/res_pjsip/pjsip_transport_management.c | 376 ++++++++++++++
+b/res/res_pjsip_pubsub.c | 5
+b/res/res_pjsip_session.c | 8
+b/third-party/pjproject/patches/0070-sdp_media_fmt.patch | 19
+res/res_pjsip_transport_management.c | 400 ---------------
+10 files changed, 472 insertions(+), 408 deletions(-)</pre><br></html>
\ No newline at end of file
--- /dev/null
+ Release Summary
+
+ asterisk-14.7.6
+
+ Date: 2018-02-21
+
+ <asteriskteam@digium.com>
+
+ ----------------------------------------------------------------------
+
+ Table of Contents
+
+ 1. Summary
+ 2. Contributors
+ 3. Closed Issues
+ 4. Diffstat
+
+ ----------------------------------------------------------------------
+
+ Summary
+
+ [Back to Top]
+
+ This release has been made to address one or more security vulnerabilities
+ that have been identified. A security advisory document has been published
+ for each vulnerability that includes additional information. Users of
+ versions of Asterisk that are affected are strongly encouraged to review
+ the advisories and determine what action they should take to protect their
+ systems from these issues.
+
+ Security Advisories:
+
+ * AST-2018-002,AST-2018-003,AST-2018-004,AST-2018-005
+
+ The data in this summary reflects changes that have been made since the
+ previous release, asterisk-14.7.5.
+
+ ----------------------------------------------------------------------
+
+ Contributors
+
+ [Back to Top]
+
+ This table lists the people who have submitted code, those that have
+ tested patches, as well as those that reported issues on the issue tracker
+ that were resolved in this release. For coders, the number is how many of
+ their patches (of any size) were committed into this release. For testers,
+ the number is the number of times their name was listed as assisting with
+ testing a patch. Finally, for reporters, the number is the number of
+ issues that they reported that were affected by commits that went into
+ this release.
+
+ Coders Testers Reporters
+ 3 George Joseph 6 Sandro Gauci
+ 2 Kevin Harwell 4 Sandro Gauci
+ 1 Joshua Colp
+
+ ----------------------------------------------------------------------
+
+ Closed Issues
+
+ [Back to Top]
+
+ This is a list of all issues from the issue tracker that were closed by
+ changes that went into this release.
+
+ Security
+
+ Category: Channels/chan_pjsip
+
+ ASTERISK-27583: Segmentation fault occurs in asterisk with an invalid SDP
+ fmtp attribute
+ Reported by: Sandro Gauci
+ * [4e9849c4bc] Kevin Harwell -- AST-2018-003: Crash with an invalid SDP
+ fmtp attribute
+ ASTERISK-27582: Segmentation fault occurs in Asterisk with an invalid SDP
+ media format description
+ Reported by: Sandro Gauci
+ * [37eb30e1d2] Kevin Harwell -- AST-2018-002: Crash with an invalid SDP
+ media format description
+ ASTERISK-27640: SUBSCRIBE message with a large Accept value causes stack
+ corruption
+ Reported by: Sandro Gauci
+ * [dd3e3153ea] Joshua Colp -- AST-2018-004: Restrict the number of
+ Accept headers in a SUBSCRIBE.
+
+ Category: pjproject/pjsip
+
+ ASTERISK-27618: Crash occurs when sending a repeated number of INVITE
+ messages over TCP or TLS transport
+ Reported by: Sandro Gauci
+ * [45db14178f] George Joseph -- AST-2018-005:
+ res_pjsip_transport_management: Move to core
+ * [de0b026c4d] George Joseph -- AST-2018-005: Fix tdata leaks when
+ calling pjsip_endpt_send_response(2)
+ * [b5657daf8b] George Joseph -- AST-2018-005: Add a check for NULL tdata
+ in ast_sip_failover_request
+
+ ----------------------------------------------------------------------
+
+ Diffstat Results
+
+ [Back to Top]
+
+ This is a summary of the changes to the source code that went into this
+ release that was generated using the diffstat utility.
+
+ b/CHANGES | 11
+ b/UPGRADE.txt | 8
+ b/res/res_pjsip.c | 17
+ b/res/res_pjsip/include/res_pjsip_private.h | 28 +
+ b/res/res_pjsip/pjsip_distributor.c | 8
+ b/res/res_pjsip/pjsip_transport_management.c | 376 ++++++++++++++
+ b/res/res_pjsip_pubsub.c | 5
+ b/res/res_pjsip_session.c | 8
+ b/third-party/pjproject/patches/0070-sdp_media_fmt.patch | 19
+ res/res_pjsip_transport_management.c | 400 ---------------
+ 10 files changed, 472 insertions(+), 408 deletions(-)
projects / thirdparty / asterisk.git / commitdiff
