Update for certified/13.13-cert5 certified/13.13-cert5
authorKevin Harwell <kharwell@digium.com>
Thu, 31 Aug 2017 15:48:30 +0000 (10:48 -0500)
committerKevin Harwell <kharwell@digium.com>
Thu, 31 Aug 2017 15:48:30 +0000 (10:48 -0500)
.version
ChangeLog
asterisk-certified-13.13-cert4-summary.html [deleted file]
asterisk-certified-13.13-cert4-summary.txt [deleted file]
asterisk-certified-13.13-cert5-summary.html [new file with mode: 0644]
asterisk-certified-13.13-cert5-summary.txt [new file with mode: 0644]

index 3d19a9f5af02a14e154c4499dc615bbb8b630f09..0a07a16a23ebac9da14af34e2e1b8c90f62a3e13 100644 (file)
--- a/.version
+++ b/.version
@@ -1 +1 @@
-certified/13.13-cert4
\ No newline at end of file
+certified/13.13-cert5
\ No newline at end of file
index 119c3ec3fd51263d635a9183f0987f0e065e17e5..88cfb146154170c56547536e1021dd0074cb4abc 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,187 @@
+2017-08-31 15:48 +0000  Asterisk Development Team <asteriskteam@digium.com>
+
+       * asterisk certified/13.13-cert5 Released.
+
+2017-07-01 19:24 +0000 [7ca7306012]  Corey Farrell <git@cfware.com>
+
+       * AST-2017-006: Fix app_minivm application MinivmNotify command injection
+
+         An admin can configure app_minivm with an externnotify program to be run
+         when a voicemail is received.  The app_minivm application MinivmNotify
+         uses ast_safe_system() for this purpose which is vulnerable to command
+         injection since the Caller-ID name and number values given to externnotify
+         can come from an external untrusted source.
+
+         * Add ast_safe_execvp() function.  This gives modules the ability to run
+         external commands with greater safety compared to ast_safe_system().
+         Specifically when some parameters are filled by untrusted sources the new
+         function does not allow malicious input to break argument encoding.  This
+         may be of particular concern where CALLERID(name) or CALLERID(num) may be
+         used as a parameter to a script run by ast_safe_system() which could
+         potentially allow arbitrary command execution.
+
+         * Changed app_minivm.c:run_externnotify() to use the new ast_safe_execvp()
+         instead of ast_safe_system() to avoid command injection.
+
+         * Document code injection potential from untrusted data sources for other
+         shell commands that are under user control.
+
+         ASTERISK-27103
+
+         Change-Id: I7552472247a84cde24e1358aaf64af160107aef1
+
+2017-05-22 10:36 +0000 [1724a8c98f]  Joshua Colp <jcolp@digium.com>
+
+       * res_rtp_asterisk: Only learn a new source in learn state.
+
+         This change moves the logic which learns a new source address
+         for RTP so it only occurs in the learning state. The learning
+         state is entered on initial allocation of RTP or if we are
+         told that the remote address for the media has changed. While
+         in the learning state if we continue to receive media from
+         the original source we restart the learning process. It is
+         only once we receive a sufficient number of RTP packets from
+         the new source that we will switch to it. Once this is done
+         the closed state is entered where all packets that do not
+         originate from the expected source are dropped.
+
+         The learning process has also been improved to take into
+         account the time between received packets so a flood of them
+         while in the learning state does not cause media to be switched.
+
+         Finally RTCP now drops packets which are not for the learned
+         SSRC if strict RTP is enabled.
+
+         ASTERISK-27013
+
+         Change-Id: I56a96e993700906355e79bc880ad9d4ad3ab129c
+
+2017-07-11 07:26 +0000 [b189f8c5cf]  George Joseph <gjoseph@digium.com>
+
+       * res_musiconhold:  Add kill_escalation_delay, kill_method to class
+
+         By default, when res_musiconhold reloads or unloads, it sends a HUP
+         signal to custom applications (and all descendants), waits 100ms,
+         then sends a TERM signal, waits 100ms, then finally sends a KILL
+         signal.  An application which is interacting with an external
+         device and/or spawns children of its own may not be able to exit
+         cleanly in the default times, expecially if sent a KILL signal, or
+         if it's children are getting signals directly from
+         res_musiconhoild.
+
+         * To allow extra time, the 'kill_escalation_delay'
+           class option can be used to set the number of milliseconds
+           res_musiconhold waits before escalating kill signals, with the
+           default being the current 100ms.
+
+         * To control to whom the signals are sent, the "kill_method" class
+           option can be set to "process_group" (the default, existing
+           behavior), which sends signals to the application and its
+           descendants directly, or "process" which sends signals only to the
+           application itself.
+
+         Change-Id: Iff70a1a9405685a9021a68416830c0db5158603b
+
+2017-06-29 18:27 +0000 [aa10dd31d0]  Richard Mudgett <rmudgett@digium.com>
+
+       * pjsip_distributor.c: Fix deadlock with TCP type transports.
+
+         When a SIP message comes in on a transport, pjproject obtains the lock on
+         the transport and pulls the data out of the socket.  Unlike UDP, the TCP
+         transport does not allow concurrent access.  Without concurrency the
+         transport lock is not released when the transport's message complete
+         callback is called.  The processing continues and eventually Asterisk
+         starts processing the SIP message.  The first thing Asterisk tries to do
+         is determine the associated dialog of the message to determine the
+         associated serializer.  To get the associated serializer safely requires
+         us to get the dialog lock.
+
+         To send a request or response message for a dialog, pjproject obtains the
+         dialog lock and then obtains the transport lock.  Deadlock can result
+         because of the opposite order the locks are obtained.
+
+         * Fix the deadlock by obtaining the serializer associated with the dialog
+         another way that doesn't involve obtaining the dialog lock.  In this case,
+         we use an ao2 container to hold the associated endpoint and serializer.
+         The new locks are held a brief time and won't overlap other existing lock
+         times.
+
+         ASTERISK-27090 #close
+
+         Change-Id: I9ed63f4da9649e9db6ed4be29c360968917a89bd
+
+2017-06-29 14:50 +0000 [ef4a035371]  George Joseph <gjoseph@digium.com>
+
+       * chan_pjsip:  Fix ability to send UPDATE on COLP
+
+         When connected_line_method is "invite", we're supposed to determine
+         if the client can support UPDATE and if it can, send UPDATE instead
+         of INVITE to avoid the SDP renegotiation.  Not only was pjproject
+         not setting the PJSIP_INV_SUPPORT_UPDATE flag, we were testing
+         that invite_tsx wasn't NULL which isn't always the case.
+
+         * Updated chan_pjsip/update_connected_line_information to drop the
+           requirement that invite_tsx isn't NULL.
+         * Submitted patch to pjproject sip_inv.c that sets the
+           PJSIP_INV_SUPPORT_UPDATE flag correctly.
+         * Updated pjsip.conf.sample to clarify what happens when "invite"
+           is specified.
+
+         ASTERISK-27095
+
+         Change-Id: Ic2381b3567b8052c616d96fbe79564c530e81560
+
+2017-06-20 15:41 +0000 [89aabfe10b]  Kevin Harwell <kharwell@digium.com>
+
+       * core_local: local channel data not being properly unref'ed and unlocked
+
+         In an earlier version of Asterisk a local channel [un]lock all functions were
+         added in order to keep a crash from occurring when a channel hung up too early
+         during an attended transfer. Unfortunately, when a transfer failure occurs and
+         depending on the timing, the local channels sometime do not get properly
+         unlocked and deref'ed after being locked and ref'ed. This happens because the
+         underlying local channel structure gets NULLed out before unlocking.
+
+         This patch reworks those [un]lock functions and makes sure the values that get
+         locked and ref'ed later get unlocked and deref'ed.
+
+         ASTERISK-27074 #close
+
+         Change-Id: Ice96653e29bd9d6674ed5f95feb6b448ab148b09
+
+2017-06-20 16:01 +0000 [9dcac3b7e3]  Kevin Harwell <kharwell@digium.com>
+
+       * bridge: stuck channel(s) after failed attended transfer
+
+         If an attended transfer failed it was possible for some of the channels
+         involved to get "stuck" because Asterisk was not hanging up the transfer target.
+
+         This patch ensures Asterisk hangs up the transfer target when an attended
+         transfer failure occurs.
+
+         ASTERISK-27075 #close
+
+         Change-Id: I98a6ecd92d3461ab98c36f0d9451d23adaf3e5f9
+
+2017-06-13 14:17 +0000 [adfdfdee61]  Kevin Harwell <kharwell@digium.com>
+
+       * res_pjsip_refer/session: Calls dropped during transfer
+
+         When doing an attended transfer it's possible for the transferer, after
+         receiving an accepted response from Asterisk, to send a BYE to Asterisk,
+         which can then be processed before Asterisk has time to start and/or
+         complete the transfer process. This of course causes the transfer to not
+         complete successfully, thus dropping the call.
+
+         This patch makes it so any BYEs received from the transferer, after the REFER,
+         that initiate a session end are deferred until the transfer is complete. This
+         allows the channel that would have otherwise been hung up by Asterisk to
+         remain available throughout the transfer process.
+
+         ASTERISK-27053 #close
+
+         Change-Id: I43586db79079457d92d71f1fd993be9a3b409d5a
+
 2017-05-19 20:45 +0000  Asterisk Development Team <asteriskteam@digium.com>
 
        * asterisk certified/13.13-cert4 Released.
diff --git a/asterisk-certified-13.13-cert4-summary.html b/asterisk-certified-13.13-cert4-summary.html
deleted file mode 100644 (file)
index 18774f5..0000000
+++ /dev/null
@@ -1,18 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><title>Release Summary - asterisk-certified/13.13-cert4</title><h1 align="center"><a name="top">Release Summary</a></h1><h3 align="center">asterisk-certified/13.13-cert4</h3><h3 align="center">Date: 2017-05-19</h3><h3 align="center">&lt;asteriskteam@digium.com&gt;</h3><hr><h2 align="center">Table of Contents</h2><ol>
-<li><a href="#summary">Summary</a></li>
-<li><a href="#contributors">Contributors</a></li>
-<li><a href="#closed_issues">Closed Issues</a></li>
-<li><a href="#diffstat">Diffstat</a></li>
-</ol><hr><a name="summary"><h2 align="center">Summary</h2></a><center><a href="#top">[Back to Top]</a></center><p>This release is a point release of an existing major version. The changes included were made to address problems that have been identified in this release series, or are minor, backwards compatible new features or improvements. Users should be able to safely upgrade to this version if this release series is already in use. Users considering upgrading from a previous version are strongly encouraged to review the UPGRADE.txt document as well as the CHANGES document for information about upgrading to this release series.</p><p>The data in this summary reflects changes that have been made since the previous release, asterisk-certified/13.13-cert3.</p><hr><a name="contributors"><h2 align="center">Contributors</h2></a><center><a href="#top">[Back to Top]</a></center><p>This table lists the people who have submitted code, those that have tested patches, as well as those that reported issues on the issue tracker that were resolved in this release. For coders, the number is how many of their patches (of any size) were committed into this release. For testers, the number is the number of times their name was listed as assisting with testing a patch. Finally, for reporters, the number is the number of issues that they reported that were affected by commits that went into this release.</p><table width="100%" border="0">
-<tr><th width="33%">Coders</th><th width="33%">Testers</th><th width="33%">Reporters</th></tr>
-<tr valign="top"><td width="33%">2 Mark Michelson <mmichelson@digium.com><br/>1 George Joseph <gjoseph@digium.com><br/></td><td width="33%"><td width="33%">3 Sandro Gauci <sandro@enablesecurity.com><br/></td></tr>
-</table><hr><a name="closed_issues"><h2 align="center">Closed Issues</h2></a><center><a href="#top">[Back to Top]</a></center><p>This is a list of all issues from the issue tracker that were closed by changes that went into this release.</p><h3>Bug</h3><h4>Category: Channels/chan_skinny</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-26940">ASTERISK-26940</a>: Asterisk Skinny memory exhaustion vulnerability leads to DoS<br/>Reported by: Sandro Gauci<ul>
-<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=7e8b57db672b851efe4cef4a75499f21e410f5a2">[7e8b57db67]</a> gtjoseph -- AST-2017-004: chan_skinny:  Add EOF check in skinny_session</li>
-</ul><br><h4>Category: pjproject/pjsip</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-26939">ASTERISK-26939</a>: Out of bound memory access in PJSIP multipart parser crashes Asterisk<br/>Reported by: Sandro Gauci<ul>
-<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=d0e628e792a471986f8fbc0fe258714e386b6a02">[d0e628e792]</a> Mark Michelson -- AST-2017-003: Handle zero-length body parts correctly.</li>
-</ul><a href="https://issues.asterisk.org/jira/browse/ASTERISK-26938">ASTERISK-26938</a>: Heap overflow in CSEQ header parsing affects Asterisk chan_pjsip and PJSIP<br/>Reported by: Sandro Gauci<ul>
-<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=14e57ba5b5d6e821395ccdd1fcc4d363ac92cf33">[14e57ba5b5]</a> Mark Michelson -- AST-2017-002: Ensure transaction key buffer is large enough.</li>
-</ul><br><hr><a name="diffstat"><h2 align="center">Diffstat Results</h2></a><center><a href="#top">[Back to Top]</a></center><p>This is a summary of the changes to the source code that went into this release that was generated using the diffstat utility.</p><pre>channels/chan_skinny.c                                                                      |  122 +++++-----
-third-party/pjproject/patches/0058-Parse-zero-length-multipart-body-parts-correctly.patch   |   41 +++
-third-party/pjproject/patches/0059-Ensure-2543-transaction-key-buffer-is-large-enough.patch |   24 +
-3 files changed, 131 insertions(+), 56 deletions(-)</pre><br></html>
\ No newline at end of file
diff --git a/asterisk-certified-13.13-cert4-summary.txt b/asterisk-certified-13.13-cert4-summary.txt
deleted file mode 100644 (file)
index a0c29e5..0000000
+++ /dev/null
@@ -1,99 +0,0 @@
-                                Release Summary
-
-                         asterisk-certified/13.13-cert4
-
-                                Date: 2017-05-19
-
-                           <asteriskteam@digium.com>
-
-     ----------------------------------------------------------------------
-
-                               Table of Contents
-
-    1. Summary
-    2. Contributors
-    3. Closed Issues
-    4. Diffstat
-
-     ----------------------------------------------------------------------
-
-                                    Summary
-
-                                 [Back to Top]
-
-   This release is a point release of an existing major version. The changes
-   included were made to address problems that have been identified in this
-   release series, or are minor, backwards compatible new features or
-   improvements. Users should be able to safely upgrade to this version if
-   this release series is already in use. Users considering upgrading from a
-   previous version are strongly encouraged to review the UPGRADE.txt
-   document as well as the CHANGES document for information about upgrading
-   to this release series.
-
-   The data in this summary reflects changes that have been made since the
-   previous release, asterisk-certified/13.13-cert3.
-
-     ----------------------------------------------------------------------
-
-                                  Contributors
-
-                                 [Back to Top]
-
-   This table lists the people who have submitted code, those that have
-   tested patches, as well as those that reported issues on the issue tracker
-   that were resolved in this release. For coders, the number is how many of
-   their patches (of any size) were committed into this release. For testers,
-   the number is the number of times their name was listed as assisting with
-   testing a patch. Finally, for reporters, the number is the number of
-   issues that they reported that were affected by commits that went into
-   this release.
-
-   Coders                   Testers                  Reporters                
-   2 Mark Michelson                                  3 Sandro Gauci           
-   1 George Joseph          
-
-     ----------------------------------------------------------------------
-
-                                 Closed Issues
-
-                                 [Back to Top]
-
-   This is a list of all issues from the issue tracker that were closed by
-   changes that went into this release.
-
-  Bug
-
-    Category: Channels/chan_skinny
-
-   ASTERISK-26940: Asterisk Skinny memory exhaustion vulnerability leads to
-   DoS
-   Reported by: Sandro Gauci
-     * [7e8b57db67] gtjoseph -- AST-2017-004: chan_skinny: Add EOF check in
-       skinny_session
-
-    Category: pjproject/pjsip
-
-   ASTERISK-26939: Out of bound memory access in PJSIP multipart parser
-   crashes Asterisk
-   Reported by: Sandro Gauci
-     * [d0e628e792] Mark Michelson -- AST-2017-003: Handle zero-length body
-       parts correctly.
-   ASTERISK-26938: Heap overflow in CSEQ header parsing affects Asterisk
-   chan_pjsip and PJSIP
-   Reported by: Sandro Gauci
-     * [14e57ba5b5] Mark Michelson -- AST-2017-002: Ensure transaction key
-       buffer is large enough.
-
-     ----------------------------------------------------------------------
-
-                                Diffstat Results
-
-                                 [Back to Top]
-
-   This is a summary of the changes to the source code that went into this
-   release that was generated using the diffstat utility.
-
- channels/chan_skinny.c                                                                      |  122 +++++-----
- third-party/pjproject/patches/0058-Parse-zero-length-multipart-body-parts-correctly.patch   |   41 +++
- third-party/pjproject/patches/0059-Ensure-2543-transaction-key-buffer-is-large-enough.patch |   24 +
- 3 files changed, 131 insertions(+), 56 deletions(-)
diff --git a/asterisk-certified-13.13-cert5-summary.html b/asterisk-certified-13.13-cert5-summary.html
new file mode 100644 (file)
index 0000000..59f6b5b
--- /dev/null
@@ -0,0 +1,70 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><title>Release Summary - asterisk-certified/13.13-cert5</title><h1 align="center"><a name="top">Release Summary</a></h1><h3 align="center">asterisk-certified/13.13-cert5</h3><h3 align="center">Date: 2017-08-31</h3><h3 align="center">&lt;asteriskteam@digium.com&gt;</h3><hr><h2 align="center">Table of Contents</h2><ol>
+<li><a href="#summary">Summary</a></li>
+<li><a href="#contributors">Contributors</a></li>
+<li><a href="#closed_issues">Closed Issues</a></li>
+<li><a href="#commits">Other Changes</a></li>
+<li><a href="#diffstat">Diffstat</a></li>
+</ol><hr><a name="summary"><h2 align="center">Summary</h2></a><center><a href="#top">[Back to Top]</a></center><p>This release has been made to address one or more security vulnerabilities that have been identified. A security advisory document has been published for each vulnerability that includes additional information. Users of versions of Asterisk that are affected are strongly encouraged to review the advisories and determine what action they should take to protect their systems from these issues.</p><p>Security Advisories:</p><ul>
+<li><a href="http://downloads.asterisk.org/pub/security/AST-2017-005,AST-2017-006.html">AST-2017-005,AST-2017-006</a></li>
+</ul><p>The data in this summary reflects changes that have been made since the previous release, asterisk-certified/13.13-cert4.</p><hr><a name="contributors"><h2 align="center">Contributors</h2></a><center><a href="#top">[Back to Top]</a></center><p>This table lists the people who have submitted code, those that have tested patches, as well as those that reported issues on the issue tracker that were resolved in this release. For coders, the number is how many of their patches (of any size) were committed into this release. For testers, the number is the number of times their name was listed as assisting with testing a patch. Finally, for reporters, the number is the number of issues that they reported that were affected by commits that went into this release.</p><table width="100%" border="0">
+<tr><th width="33%">Coders</th><th width="33%">Testers</th><th width="33%">Reporters</th></tr>
+<tr valign="top"><td width="33%">3 Kevin Harwell <kharwell@digium.com><br/>2 George Joseph <gjoseph@digium.com><br/>1 Richard Mudgett <rmudgett@digium.com><br/>1 Corey Farrell <git@cfware.com><br/>1 Joshua Colp <jcolp@digium.com><br/></td><td width="33%"><td width="33%">3 Kevin Harwell <kharwell@digium.com><br/>1 Richard Mudgett <rmudgett@digium.com><br/>1 Joshua Colp <jcolp@digium.com><br/>1 George Joseph <gjoseph@digium.com><br/>1 Corey Farrell <git@cfware.com><br/></td></tr>
+</table><hr><a name="closed_issues"><h2 align="center">Closed Issues</h2></a><center><a href="#top">[Back to Top]</a></center><p>This is a list of all issues from the issue tracker that were closed by changes that went into this release.</p><h3>Bug</h3><h4>Category: Applications/app_minivm</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-27103">ASTERISK-27103</a>: core: ast_safe_system command injection possible.<br/>Reported by: Corey Farrell<ul>
+<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=7ca730601211c595ad56c91259a1d229d712abf2">[7ca7306012]</a> Corey Farrell -- AST-2017-006: Fix app_minivm application MinivmNotify command injection</li>
+</ul><br><h4>Category: Applications/app_mixmonitor</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-27103">ASTERISK-27103</a>: core: ast_safe_system command injection possible.<br/>Reported by: Corey Farrell<ul>
+<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=7ca730601211c595ad56c91259a1d229d712abf2">[7ca7306012]</a> Corey Farrell -- AST-2017-006: Fix app_minivm application MinivmNotify command injection</li>
+</ul><br><h4>Category: Applications/app_system</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-27103">ASTERISK-27103</a>: core: ast_safe_system command injection possible.<br/>Reported by: Corey Farrell<ul>
+<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=7ca730601211c595ad56c91259a1d229d712abf2">[7ca7306012]</a> Corey Farrell -- AST-2017-006: Fix app_minivm application MinivmNotify command injection</li>
+</ul><br><h4>Category: Applications/app_voicemail</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-27103">ASTERISK-27103</a>: core: ast_safe_system command injection possible.<br/>Reported by: Corey Farrell<ul>
+<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=7ca730601211c595ad56c91259a1d229d712abf2">[7ca7306012]</a> Corey Farrell -- AST-2017-006: Fix app_minivm application MinivmNotify command injection</li>
+</ul><br><h4>Category: Channels/chan_dahdi</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-27103">ASTERISK-27103</a>: core: ast_safe_system command injection possible.<br/>Reported by: Corey Farrell<ul>
+<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=7ca730601211c595ad56c91259a1d229d712abf2">[7ca7306012]</a> Corey Farrell -- AST-2017-006: Fix app_minivm application MinivmNotify command injection</li>
+</ul><br><h4>Category: Channels/chan_pjsip</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-27095">ASTERISK-27095</a>: chan_pjsip: When connected_line_method is set to invite, we're not trying UPDATE<br/>Reported by: George Joseph<ul>
+<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=ef4a035371cc4fb7781792aeb5397979413f768b">[ef4a035371]</a> George Joseph -- chan_pjsip:  Fix ability to send UPDATE on COLP</li>
+</ul><br><h4>Category: Core/Bridging</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-27075">ASTERISK-27075</a>: bridge: stuck channel(s) after failed attended transfer<br/>Reported by: Kevin Harwell<ul>
+<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=9dcac3b7e349635e3b501a98d559950d920fb22e">[9dcac3b7e3]</a> Kevin Harwell -- bridge: stuck channel(s) after failed attended transfer</li>
+</ul><br><h4>Category: Core/Channels</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-27074">ASTERISK-27074</a>: core_local: local channel data not being properly unref'ed and unlocked<br/>Reported by: Kevin Harwell<ul>
+<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=89aabfe10b4e732dc66110790d1dce10d26e03a8">[89aabfe10b]</a> Kevin Harwell -- core_local: local channel data not being properly unref'ed and unlocked</li>
+</ul><br><h4>Category: Core/General</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-27103">ASTERISK-27103</a>: core: ast_safe_system command injection possible.<br/>Reported by: Corey Farrell<ul>
+<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=7ca730601211c595ad56c91259a1d229d712abf2">[7ca7306012]</a> Corey Farrell -- AST-2017-006: Fix app_minivm application MinivmNotify command injection</li>
+</ul><br><h4>Category: Functions/func_shell</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-27103">ASTERISK-27103</a>: core: ast_safe_system command injection possible.<br/>Reported by: Corey Farrell<ul>
+<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=7ca730601211c595ad56c91259a1d229d712abf2">[7ca7306012]</a> Corey Farrell -- AST-2017-006: Fix app_minivm application MinivmNotify command injection</li>
+</ul><br><h4>Category: Resources/res_monitor</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-27103">ASTERISK-27103</a>: core: ast_safe_system command injection possible.<br/>Reported by: Corey Farrell<ul>
+<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=7ca730601211c595ad56c91259a1d229d712abf2">[7ca7306012]</a> Corey Farrell -- AST-2017-006: Fix app_minivm application MinivmNotify command injection</li>
+</ul><br><h4>Category: Resources/res_pjsip</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-27090">ASTERISK-27090</a>: PJSIP: Deadlock using TCP transport<br/>Reported by: Richard Mudgett<ul>
+<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=aa10dd31d044c65aaecdd76629f53fd4cbdf013b">[aa10dd31d0]</a> Richard Mudgett -- pjsip_distributor.c: Fix deadlock with TCP type transports.</li>
+</ul><br><h4>Category: Resources/res_pjsip_refer</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-27053">ASTERISK-27053</a>: res_pjsip_refer/session: Calls dropped during transfer<br/>Reported by: Kevin Harwell<ul>
+<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=adfdfdee611ee13b45be1b4c019871e62c8009af">[adfdfdee61]</a> Kevin Harwell -- res_pjsip_refer/session: Calls dropped during transfer</li>
+</ul><br><h4>Category: Resources/res_pjsip_session</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-27053">ASTERISK-27053</a>: res_pjsip_refer/session: Calls dropped during transfer<br/>Reported by: Kevin Harwell<ul>
+<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=adfdfdee611ee13b45be1b4c019871e62c8009af">[adfdfdee61]</a> Kevin Harwell -- res_pjsip_refer/session: Calls dropped during transfer</li>
+</ul><br><h4>Category: Resources/res_rtp_asterisk</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-27013">ASTERISK-27013</a>: res_rtp_asterisk: Media can be hijacked even with strict RTP enabled<br/>Reported by: Joshua Colp<ul>
+<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=1724a8c98f68123d6998cc3f91acbcff8a69bf7b">[1724a8c98f]</a> Joshua Colp -- res_rtp_asterisk: Only learn a new source in learn state.</li>
+</ul><br><hr><a name="commits"><h2 align="center">Commits Not Associated with an Issue</h2></a><center><a href="#top">[Back to Top]</a></center><p>This is a list of all changes that went into this release that did not reference a JIRA issue.</p><table width="100%" border="1">
+<tr><th>Revision</th><th>Author</th><th>Summary</th></tr>
+<tr><td><a href="https://code.asterisk.org/code/changelog/asterisk?cs=b189f8c5cf758734e0690c824c0e118707f236ce">b189f8c5cf</a></td><td>George Joseph</td><td>res_musiconhold:  Add kill_escalation_delay, kill_method to class</td></tr>
+</table><hr><a name="diffstat"><h2 align="center">Diffstat Results</h2></a><center><a href="#top">[Back to Top]</a></center><p>This is a summary of the changes to the source code that went into this release that was generated using the diffstat utility.</p><pre>CHANGES                                                                                       |   20
+README-SERIOUSLY.bestpractices.txt                                                            |    7
+apps/app_minivm.c                                                                             |   36 +
+apps/app_mixmonitor.c                                                                         |   15
+apps/app_system.c                                                                             |   10
+channels/chan_pjsip.c                                                                         |    3
+configs/samples/minivm.conf.sample                                                            |    2
+configs/samples/musiconhold.conf.sample                                                       |   23 +
+configs/samples/pjsip.conf.sample                                                             |   11
+funcs/func_shell.c                                                                            |    5
+include/asterisk/app.h                                                                        |   31 +
+include/asterisk/core_local.h                                                                 |   37 +
+include/asterisk/res_pjsip_session.h                                                          |   11
+main/asterisk.c                                                                               |   91 +++-
+main/bridge.c                                                                                 |    9
+main/core_local.c                                                                             |   54 +-
+res/res_monitor.c                                                                             |   13
+res/res_musiconhold.c                                                                         |  129 +++---
+res/res_pjsip.c                                                                               |   11
+res/res_pjsip/pjsip_distributor.c                                                             |  214 ++++++++--
+res/res_pjsip_refer.c                                                                         |    8
+res/res_pjsip_session.c                                                                       |   28 +
+res/res_pjsip_session.exports.in                                                              |    1
+res/res_rtp_asterisk.c                                                                        |   87 ++--
+third-party/pjproject/patches/0070-Set-PJSIP_INV_SUPPORT_UPDATE-correctly-in-pjsip_inv_.patch |    9
+25 files changed, 678 insertions(+), 187 deletions(-)</pre><br></html>
\ No newline at end of file
diff --git a/asterisk-certified-13.13-cert5-summary.txt b/asterisk-certified-13.13-cert5-summary.txt
new file mode 100644 (file)
index 0000000..8376061
--- /dev/null
@@ -0,0 +1,231 @@
+                                Release Summary
+
+                         asterisk-certified/13.13-cert5
+
+                                Date: 2017-08-31
+
+                           <asteriskteam@digium.com>
+
+     ----------------------------------------------------------------------
+
+                               Table of Contents
+
+    1. Summary
+    2. Contributors
+    3. Closed Issues
+    4. Other Changes
+    5. Diffstat
+
+     ----------------------------------------------------------------------
+
+                                    Summary
+
+                                 [Back to Top]
+
+   This release has been made to address one or more security vulnerabilities
+   that have been identified. A security advisory document has been published
+   for each vulnerability that includes additional information. Users of
+   versions of Asterisk that are affected are strongly encouraged to review
+   the advisories and determine what action they should take to protect their
+   systems from these issues.
+
+   Security Advisories:
+
+     * AST-2017-005,AST-2017-006
+
+   The data in this summary reflects changes that have been made since the
+   previous release, asterisk-certified/13.13-cert4.
+
+     ----------------------------------------------------------------------
+
+                                  Contributors
+
+                                 [Back to Top]
+
+   This table lists the people who have submitted code, those that have
+   tested patches, as well as those that reported issues on the issue tracker
+   that were resolved in this release. For coders, the number is how many of
+   their patches (of any size) were committed into this release. For testers,
+   the number is the number of times their name was listed as assisting with
+   testing a patch. Finally, for reporters, the number is the number of
+   issues that they reported that were affected by commits that went into
+   this release.
+
+   Coders                   Testers                  Reporters                
+   3 Kevin Harwell                                   3 Kevin Harwell          
+   2 George Joseph                                   1 Richard Mudgett        
+   1 Richard Mudgett                                 1 Joshua Colp            
+   1 Corey Farrell                                   1 George Joseph          
+   1 Joshua Colp                                     1 Corey Farrell          
+
+     ----------------------------------------------------------------------
+
+                                 Closed Issues
+
+                                 [Back to Top]
+
+   This is a list of all issues from the issue tracker that were closed by
+   changes that went into this release.
+
+  Bug
+
+    Category: Applications/app_minivm
+
+   ASTERISK-27103: core: ast_safe_system command injection possible.
+   Reported by: Corey Farrell
+     * [7ca7306012] Corey Farrell -- AST-2017-006: Fix app_minivm application
+       MinivmNotify command injection
+
+    Category: Applications/app_mixmonitor
+
+   ASTERISK-27103: core: ast_safe_system command injection possible.
+   Reported by: Corey Farrell
+     * [7ca7306012] Corey Farrell -- AST-2017-006: Fix app_minivm application
+       MinivmNotify command injection
+
+    Category: Applications/app_system
+
+   ASTERISK-27103: core: ast_safe_system command injection possible.
+   Reported by: Corey Farrell
+     * [7ca7306012] Corey Farrell -- AST-2017-006: Fix app_minivm application
+       MinivmNotify command injection
+
+    Category: Applications/app_voicemail
+
+   ASTERISK-27103: core: ast_safe_system command injection possible.
+   Reported by: Corey Farrell
+     * [7ca7306012] Corey Farrell -- AST-2017-006: Fix app_minivm application
+       MinivmNotify command injection
+
+    Category: Channels/chan_dahdi
+
+   ASTERISK-27103: core: ast_safe_system command injection possible.
+   Reported by: Corey Farrell
+     * [7ca7306012] Corey Farrell -- AST-2017-006: Fix app_minivm application
+       MinivmNotify command injection
+
+    Category: Channels/chan_pjsip
+
+   ASTERISK-27095: chan_pjsip: When connected_line_method is set to invite,
+   we're not trying UPDATE
+   Reported by: George Joseph
+     * [ef4a035371] George Joseph -- chan_pjsip: Fix ability to send UPDATE
+       on COLP
+
+    Category: Core/Bridging
+
+   ASTERISK-27075: bridge: stuck channel(s) after failed attended transfer
+   Reported by: Kevin Harwell
+     * [9dcac3b7e3] Kevin Harwell -- bridge: stuck channel(s) after failed
+       attended transfer
+
+    Category: Core/Channels
+
+   ASTERISK-27074: core_local: local channel data not being properly unref'ed
+   and unlocked
+   Reported by: Kevin Harwell
+     * [89aabfe10b] Kevin Harwell -- core_local: local channel data not being
+       properly unref'ed and unlocked
+
+    Category: Core/General
+
+   ASTERISK-27103: core: ast_safe_system command injection possible.
+   Reported by: Corey Farrell
+     * [7ca7306012] Corey Farrell -- AST-2017-006: Fix app_minivm application
+       MinivmNotify command injection
+
+    Category: Functions/func_shell
+
+   ASTERISK-27103: core: ast_safe_system command injection possible.
+   Reported by: Corey Farrell
+     * [7ca7306012] Corey Farrell -- AST-2017-006: Fix app_minivm application
+       MinivmNotify command injection
+
+    Category: Resources/res_monitor
+
+   ASTERISK-27103: core: ast_safe_system command injection possible.
+   Reported by: Corey Farrell
+     * [7ca7306012] Corey Farrell -- AST-2017-006: Fix app_minivm application
+       MinivmNotify command injection
+
+    Category: Resources/res_pjsip
+
+   ASTERISK-27090: PJSIP: Deadlock using TCP transport
+   Reported by: Richard Mudgett
+     * [aa10dd31d0] Richard Mudgett -- pjsip_distributor.c: Fix deadlock with
+       TCP type transports.
+
+    Category: Resources/res_pjsip_refer
+
+   ASTERISK-27053: res_pjsip_refer/session: Calls dropped during transfer
+   Reported by: Kevin Harwell
+     * [adfdfdee61] Kevin Harwell -- res_pjsip_refer/session: Calls dropped
+       during transfer
+
+    Category: Resources/res_pjsip_session
+
+   ASTERISK-27053: res_pjsip_refer/session: Calls dropped during transfer
+   Reported by: Kevin Harwell
+     * [adfdfdee61] Kevin Harwell -- res_pjsip_refer/session: Calls dropped
+       during transfer
+
+    Category: Resources/res_rtp_asterisk
+
+   ASTERISK-27013: res_rtp_asterisk: Media can be hijacked even with strict
+   RTP enabled
+   Reported by: Joshua Colp
+     * [1724a8c98f] Joshua Colp -- res_rtp_asterisk: Only learn a new source
+       in learn state.
+
+     ----------------------------------------------------------------------
+
+                      Commits Not Associated with an Issue
+
+                                 [Back to Top]
+
+   This is a list of all changes that went into this release that did not
+   reference a JIRA issue.
+
+   +------------------------------------------------------------------------+
+   | Revision   | Author        | Summary                                   |
+   |------------+---------------+-------------------------------------------|
+   |            |               | res_musiconhold: Add                      |
+   | b189f8c5cf | George Joseph | kill_escalation_delay, kill_method to     |
+   |            |               | class                                     |
+   +------------------------------------------------------------------------+
+
+     ----------------------------------------------------------------------
+
+                                Diffstat Results
+
+                                 [Back to Top]
+
+   This is a summary of the changes to the source code that went into this
+   release that was generated using the diffstat utility.
+
+ CHANGES                                                                                       |   20
+ README-SERIOUSLY.bestpractices.txt                                                            |    7
+ apps/app_minivm.c                                                                             |   36 +
+ apps/app_mixmonitor.c                                                                         |   15
+ apps/app_system.c                                                                             |   10
+ channels/chan_pjsip.c                                                                         |    3
+ configs/samples/minivm.conf.sample                                                            |    2
+ configs/samples/musiconhold.conf.sample                                                       |   23 +
+ configs/samples/pjsip.conf.sample                                                             |   11
+ funcs/func_shell.c                                                                            |    5
+ include/asterisk/app.h                                                                        |   31 +
+ include/asterisk/core_local.h                                                                 |   37 +
+ include/asterisk/res_pjsip_session.h                                                          |   11
+ main/asterisk.c                                                                               |   91 +++-
+ main/bridge.c                                                                                 |    9
+ main/core_local.c                                                                             |   54 +-
+ res/res_monitor.c                                                                             |   13
+ res/res_musiconhold.c                                                                         |  129 +++---
+ res/res_pjsip.c                                                                               |   11
+ res/res_pjsip/pjsip_distributor.c                                                             |  214 ++++++++--
+ res/res_pjsip_refer.c                                                                         |    8
+ res/res_pjsip_session.c                                                                       |   28 +
+ res/res_pjsip_session.exports.in                                                              |    1
+ res/res_rtp_asterisk.c                                                                        |   87 ++--
+ third-party/pjproject/patches/0070-Set-PJSIP_INV_SUPPORT_UPDATE-correctly-in-pjsip_inv_.patch |    9
+ 25 files changed, 678 insertions(+), 187 deletions(-)