-certified/13.21-cert4
\ No newline at end of file
+certified/13.21-cert5
\ No newline at end of file
+2019-11-21 21:29 +0000 Asterisk Development Team <asteriskteam@digium.com>
+
+ * asterisk certified/13.21-cert5 Released.
+
+2019-11-21 15:25 +0000 [171fa026d1] Asterisk Development Team <asteriskteam@digium.com>
+
+ * Update CHANGES and UPGRADE.txt for 13.21-cert5
+
+2019-10-21 14:55 +0000 [5be4005fba] Ben Ford <bford@digium.com>
+
+ * chan_sip.c: Prevent address change on unauthenticated SIP request.
+
+ If the name of a peer is known and a SIP request is sent using that
+ peer's name, the address of the peer will change even if the request
+ fails the authentication challenge. This means that an endpoint can
+ be altered and even rendered unusuable, even if it was in a working
+ state previously. This can only occur when the nat option is set to the
+ default, or auto_force_rport.
+
+ This change checks the result of authentication first to ensure it is
+ successful before setting the address and the nat option.
+
+ ASTERISK-28589 #close
+
+ Change-Id: I581c5ed1da60ca89f590bd70872de2b660de02df
+
+2019-10-24 12:41 +0000 [32e599f16a] George Joseph <gjoseph@digium.com>
+
+ * manager.c: Prevent the Originate action from running the Originate app
+
+ If an AMI user without the "system" authorization calls the
+ Originate AMI command with the Originate application,
+ the second Originate could run the "System" command.
+
+ Action: Originate
+ Channel: Local/1111
+ Application: Originate
+ Data: Local/2222,app,System,touch /tmp/owned
+
+ If the "system" authorization isn't set, we now block the
+ Originate app as well as the System, Exec, etc. apps.
+
+ ASTERISK-28580
+ Reported by: Eliel Sardañons
+
+ Change-Id: Ic4c9dedc34c426f03c8c14fce334a71386d8a5fa
+
+2019-11-08 13:21 +0000 [20535ecac0] Ben Ford <bford@digium.com>
+
+ * res_pjsip_session.c: Check for port of zero on incoming SDP.
+
+ If a re-invite comes in initiating T.38, but there is no c line in the
+ SDP and the port is also 0, a crash can occur. A check is now done on
+ the port to see if the steam is already declined, preventing the crash.
+ The logic was moved to res_pjsip_session.c because it is handled in a
+ similar manner in later versions of Asterisk.
+
+ ASTERISK-28612
+ Reported by: Salah Ahmed
+
+ Change-Id: Ifc4a0d05b32c7f2156e77fc8435a6ecaa6abada0
+
+2019-11-15 04:46 +0000 [144f7f4c7e] Joshua Colp <jcolp@digium.com>
+
+ * parking: Fix case where we can't get the parker.
+
+ ASTERISK-28616
+
+ Change-Id: Iabe31ae38d01604284fcc5c2438d44e29a32ea4d
+
+2019-11-12 05:00 +0000 [a88f1150e8] Joshua Colp <jcolp@digium.com>
+
+ * parking: Use channel snapshot instead of channel.
+
+ There exists a scenario where a thread can hold a lock on the
+ channels container while trying to lock a bridge. At the same
+ time another thread can hold the lock for said bridge while
+ attempting to retrieve a channel. This causes a deadlock.
+
+ This change fixes this scenario by retrieving a channel snapshot
+ instead of a channel, as information present in the snapshot
+ is all that is needed.
+
+ ASTERISK-28616
+
+ Change-Id: I68ceb1d62c7378addcd286e21be08a660a7cecf2
+
+2019-09-24 11:21 +0000 [e604f532ec] Kevin Harwell <kharwell@digium.com>
+
+ * res_pjsip_pubsub: change warning to debug
+
+ The following message:
+
+ "Subscription request from endpoint <blah> rejected. Expiration of 0 is invalid"
+
+ Would sometimes spam the log with warnings if Asterisk restarted and a bunch
+ of clients sent unsubscribes. This patch changes it from a warning to a debug
+ message.
+
+ Change-Id: I841ec42f65559f3135e037df0e55f89b6447a467
+
+2019-09-23 11:01 +0000 [e7c44355a6] Kevin Harwell <kharwell@digium.com>
+
+ * res_sorcery_memory_cache: stale item update leak
+
+ When a stale item was being updated the object was being retrieved, but its
+ reference was not being decremented after the update. This patch makes it so
+ the object is now appropriately de-referenced.
+
+ ASTERISK-28523
+
+ Change-Id: I9d8173d3a0416a242f4eba92fa0853279c500ec7
+
+2019-09-15 14:35 +0000 [dfd7a3474b] Joshua Colp <jcolp@digium.com>
+
+ * chan_pjsip: Relock correct channel during "fax" redirect.
+
+ When fax detection occurs on an outbound PJSIP channel the
+ redirect operation will result in a masquerade occurring and
+ the underlying channel on the session changing. The code
+ incorrectly relocked the new channel instead of the old
+ channel when returning. This resulted in the new channel
+ being locked indefinitely. The code now always acts on the
+ expected channel.
+
+ ASTERISK-28538
+
+ Change-Id: I2b2e60d07e74383ae7e90d752c036c4b02d6b3a3
+
+2019-08-08 12:10 +0000 [794c7030ae] George Joseph <gjoseph@digium.com>
+
+ * CI: Escape backslashes in printenv/sort/tr
+
+ Change-Id: I52be64c8f6af2bbe15148a856d1f10cb113e1e94
+
+2019-08-08 07:12 +0000 [c177b3566b] George Joseph <gjoseph@digium.com>
+
+ * CI: Add "throttle" label and "skip_gate" capability
+
+ To make throttling by label fully active, the "throttle" option
+ has to be specified with a specific label.
+
+ You can now specify "skip_gate" in the Gerrit comments when you
+ do a +2 code review to tell Jenkins not to actually run the
+ gate. You'd do this if you plan to manually merge the change.
+
+ Also updated the "printenv" debug output to better sort multi-line
+ comments.
+
+ Change-Id: I4c0b1085acec4805f2ca207eebac50aad81f27e2
+
+2019-08-06 10:40 +0000 [f789016ff5] George Joseph <gjoseph@digium.com>
+
+ * CI: Make node labels job-specific
+
+ Originally, the eligible nodes for a job were labelled only by
+ "swdev-docker". So basically any node could run any job. We had
+ found that allowing a node to run more than 1 gate at a time was
+ problematic so we limited the nodes to processing 1 job at a time.
+ With the creation of the Asterisk 17 branches however, we now have
+ so many active branches that getting checks and gates through in
+ a timely manner is problematic when a node can run only 1 job
+ at a time.
+
+ Now the nodes are also labelled by the job type they can run.
+ For instance: "asterisk-check", "asterisk-gate", etc. With the
+ "Throttle Concurrent Builds" plugin, we can now allow a node to
+ run more than 1 job BUT throttle by job type. For instance:
+ Allow 2 jobs but only 1 asterisk-gate at a time.
+ Now a node can run 2 checks or 1 check and 1 gate or 1 gate but
+ not 2 gates at a time.
+
+ Change-Id: I2032bf6afbcec5c341d9b852214c0c812d3d6db5
+
+2019-07-26 08:38 +0000 [1e9a9e4dca] George Joseph <gjoseph@digium.com>
+
+ * .gitreview: Update defaultbranch for certified
+
+ Change-Id: Ied1a0488a777bec513cc351c3ed8e25741bfc11f
+
+2019-07-24 15:15 +0000 [ea02f587a8] George Joseph <gjoseph@digium.com>
+
+ * CI: Don't enable non-core modules in Certified branches
+
+ We don't support non-core modules for Certified releases but we
+ were enabling them for CI builds which was causing lots of test
+ failures. Now we don't.
+
+ NOTE: This change required that the rest of the CI shell scripts
+ and jenkinsfiles be updates to the same level as certified/16.3.
+
+ Change-Id: I0b3254c08a2479f3d39151690350cce5ce5ad766
+
2019-07-11 19:26 +0000 Asterisk Development Team <asteriskteam@digium.com>
* asterisk certified/13.21-cert4 Released.
+++ /dev/null
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><title>Release Summary - asterisk-certified/13.21-cert4</title><h1 align="center"><a name="top">Release Summary</a></h1><h3 align="center">asterisk-certified/13.21-cert4</h3><h3 align="center">Date: 2019-07-11</h3><h3 align="center"><asteriskteam@digium.com></h3><hr><h2 align="center">Table of Contents</h2><ol>
-<li><a href="#summary">Summary</a></li>
-<li><a href="#contributors">Contributors</a></li>
-<li><a href="#closed_issues">Closed Issues</a></li>
-<li><a href="#commits">Other Changes</a></li>
-<li><a href="#diffstat">Diffstat</a></li>
-</ol><hr><a name="summary"><h2 align="center">Summary</h2></a><center><a href="#top">[Back to Top]</a></center><p>This release has been made to address one or more security vulnerabilities that have been identified. A security advisory document has been published for each vulnerability that includes additional information. Users of versions of Asterisk that are affected are strongly encouraged to review the advisories and determine what action they should take to protect their systems from these issues.</p><p>Security Advisories:</p><ul>
-<li><a href="http://downloads.asterisk.org/pub/security/AST-2019-002,AST-2019-003.html">AST-2019-002,AST-2019-003</a></li>
-</ul><p>The data in this summary reflects changes that have been made since the previous release, asterisk-certified/13.21-cert3.</p><hr><a name="contributors"><h2 align="center">Contributors</h2></a><center><a href="#top">[Back to Top]</a></center><p>This table lists the people who have submitted code, those that have tested patches, as well as those that reported issues on the issue tracker that were resolved in this release. For coders, the number is how many of their patches (of any size) were committed into this release. For testers, the number is the number of times their name was listed as assisting with testing a patch. Finally, for reporters, the number is the number of issues that they reported that were affected by commits that went into this release.</p><table width="100%" border="0">
-<tr><th width="33%">Coders</th><th width="33%">Testers</th><th width="33%">Reporters</th></tr>
-<tr valign="top"><td width="33%">2 George Joseph <gjoseph@digium.com><br/>1 Sean Bright <sean.bright@gmail.com><br/>1 Chris-Savinovich <csavinovich@digium.com><br/>1 Francesco Castellano <francesco.castellano@messagenet.it><br/></td><td width="33%"><td width="33%">1 Eyal Hasson <eyal@kolhl.com><br/>1 Gil Richard<br/>1 Gil Richard <grichard@intertalksystems.com><br/>1 Francesco Castellano <francesco.castellano@messagenet.it><br/></td></tr>
-</table><hr><a name="closed_issues"><h2 align="center">Closed Issues</h2></a><center><a href="#top">[Back to Top]</a></center><p>This is a list of all issues from the issue tracker that were closed by changes that went into this release.</p><h3>Security</h3><h4>Category: Channels/chan_sip/Interoperability</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-28465">ASTERISK-28465</a>: Broken SDP can cause a segfault in a T.38 reINVITE<br/>Reported by: Francesco Castellano<ul>
-<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=07048050b0a1e77e704ed06aa103a450fa1e64ea">[07048050b0]</a> Francesco Castellano -- chan_sip: Handle invalid SDP answer to T.38 re-invite</li>
-</ul><br><h4>Category: Resources/res_pjsip_messaging</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-28447">ASTERISK-28447</a>: res_pjsip_messaging: In-dialog MESSAGE with no body causes crash<br/>Reported by: Gil Richard<ul>
-<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=521581b762e9a72f1bcc6c4321db3fc53fdb084a">[521581b762]</a> George Joseph -- res_pjsip_messaging: Check for body in in-dialog message</li>
-</ul><br><h3>Bug</h3><h4>Category: Core/PBX</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-28140">ASTERISK-28140</a>: repeated segmentation faults <br/>Reported by: Eyal Hasson<ul>
-<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=79207ec9f1f6864b138ecbde1a69ea2acc1b823e">[79207ec9f1]</a> George Joseph -- backtrace: Refactor ast_bt_get_symbols so it doesn't crash</li>
-</ul><br><hr><a name="commits"><h2 align="center">Commits Not Associated with an Issue</h2></a><center><a href="#top">[Back to Top]</a></center><p>This is a list of all changes that went into this release that did not reference a JIRA issue.</p><table width="100%" border="1">
-<tr><th>Revision</th><th>Author</th><th>Summary</th></tr>
-<tr><td><a href="https://code.asterisk.org/code/changelog/asterisk?cs=e2e3def2d9a02506be87855570c85b5c9628033f">e2e3def2d9</a></td><td>Sean Bright</td><td>core: Add some documentation to the malloc_trim code</td></tr>
-<tr><td><a href="https://code.asterisk.org/code/changelog/asterisk?cs=7a7e3dfa5c3bb1a2a16fdb5b502ff4db95d3d538">7a7e3dfa5c</a></td><td>Chris-Savinovich</td><td>core: Merge malloc_trim patch</td></tr>
-</table><hr><a name="diffstat"><h2 align="center">Diffstat Results</h2></a><center><a href="#top">[Back to Top]</a></center><p>This is a summary of the changes to the source code that went into this release that was generated using the diffstat utility.</p><pre>asterisk-certified-13.21-cert3-summary.html | 108
-asterisk-certified-13.21-cert3-summary.txt | 258
-b/.version | 2
-b/CHANGES | 9
-b/ChangeLog |56052 +++++++++++-----------------
-b/UPGRADE.txt | 7
-b/asterisk-13.21.0-rc1-summary.html | 348
-b/asterisk-13.21.0-rc1-summary.txt | 825
-b/channels/chan_sip.c | 8
-b/configure | 2
-b/configure.ac | 2
-b/include/asterisk/autoconfig.h.in | 3
-b/include/asterisk/backtrace.h | 19
-b/main/astmm.c | 8
-b/main/backtrace.c | 330
-b/main/cli.c | 46
-b/main/logger.c | 42
-b/main/utils.c | 8
-b/res/res_pjsip_messaging.c | 7
-b/tests/test_pbx.c | 22
-20 files changed, 24152 insertions(+), 33954 deletions(-)</pre><br></html>
\ No newline at end of file
+++ /dev/null
- Release Summary
-
- asterisk-certified/13.21-cert4
-
- Date: 2019-07-11
-
- <asteriskteam@digium.com>
-
- ----------------------------------------------------------------------
-
- Table of Contents
-
- 1. Summary
- 2. Contributors
- 3. Closed Issues
- 4. Other Changes
- 5. Diffstat
-
- ----------------------------------------------------------------------
-
- Summary
-
- [Back to Top]
-
- This release has been made to address one or more security vulnerabilities
- that have been identified. A security advisory document has been published
- for each vulnerability that includes additional information. Users of
- versions of Asterisk that are affected are strongly encouraged to review
- the advisories and determine what action they should take to protect their
- systems from these issues.
-
- Security Advisories:
-
- * AST-2019-002,AST-2019-003
-
- The data in this summary reflects changes that have been made since the
- previous release, asterisk-certified/13.21-cert3.
-
- ----------------------------------------------------------------------
-
- Contributors
-
- [Back to Top]
-
- This table lists the people who have submitted code, those that have
- tested patches, as well as those that reported issues on the issue tracker
- that were resolved in this release. For coders, the number is how many of
- their patches (of any size) were committed into this release. For testers,
- the number is the number of times their name was listed as assisting with
- testing a patch. Finally, for reporters, the number is the number of
- issues that they reported that were affected by commits that went into
- this release.
-
- Coders Testers Reporters
- 2 George Joseph 1 Eyal Hasson
- 1 Sean Bright 1 Gil Richard
- 1 Chris-Savinovich 1 Gil Richard
- 1 Francesco Castellano 1 Francesco Castellano
-
- ----------------------------------------------------------------------
-
- Closed Issues
-
- [Back to Top]
-
- This is a list of all issues from the issue tracker that were closed by
- changes that went into this release.
-
- Security
-
- Category: Channels/chan_sip/Interoperability
-
- ASTERISK-28465: Broken SDP can cause a segfault in a T.38 reINVITE
- Reported by: Francesco Castellano
- * [07048050b0] Francesco Castellano -- chan_sip: Handle invalid SDP
- answer to T.38 re-invite
-
- Category: Resources/res_pjsip_messaging
-
- ASTERISK-28447: res_pjsip_messaging: In-dialog MESSAGE with no body causes
- crash
- Reported by: Gil Richard
- * [521581b762] George Joseph -- res_pjsip_messaging: Check for body in
- in-dialog message
-
- Bug
-
- Category: Core/PBX
-
- ASTERISK-28140: repeated segmentation faults
- Reported by: Eyal Hasson
- * [79207ec9f1] George Joseph -- backtrace: Refactor ast_bt_get_symbols
- so it doesn't crash
-
- ----------------------------------------------------------------------
-
- Commits Not Associated with an Issue
-
- [Back to Top]
-
- This is a list of all changes that went into this release that did not
- reference a JIRA issue.
-
- +------------------------------------------------------------------------+
- | Revision | Author | Summary |
- |------------+------------------+----------------------------------------|
- | e2e3def2d9 | Sean Bright | core: Add some documentation to the |
- | | | malloc_trim code |
- |------------+------------------+----------------------------------------|
- | 7a7e3dfa5c | Chris-Savinovich | core: Merge malloc_trim patch |
- +------------------------------------------------------------------------+
-
- ----------------------------------------------------------------------
-
- Diffstat Results
-
- [Back to Top]
-
- This is a summary of the changes to the source code that went into this
- release that was generated using the diffstat utility.
-
- asterisk-certified-13.21-cert3-summary.html | 108
- asterisk-certified-13.21-cert3-summary.txt | 258
- b/.version | 2
- b/CHANGES | 9
- b/ChangeLog |56052 +++++++++++-----------------
- b/UPGRADE.txt | 7
- b/asterisk-13.21.0-rc1-summary.html | 348
- b/asterisk-13.21.0-rc1-summary.txt | 825
- b/channels/chan_sip.c | 8
- b/configure | 2
- b/configure.ac | 2
- b/include/asterisk/autoconfig.h.in | 3
- b/include/asterisk/backtrace.h | 19
- b/main/astmm.c | 8
- b/main/backtrace.c | 330
- b/main/cli.c | 46
- b/main/logger.c | 42
- b/main/utils.c | 8
- b/res/res_pjsip_messaging.c | 7
- b/tests/test_pbx.c | 22
- 20 files changed, 24152 insertions(+), 33954 deletions(-)
--- /dev/null
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><title>Release Summary - asterisk-certified/13.21-cert5</title><h1 align="center"><a name="top">Release Summary</a></h1><h3 align="center">asterisk-certified/13.21-cert5</h3><h3 align="center">Date: 2019-11-21</h3><h3 align="center"><asteriskteam@digium.com></h3><hr><h2 align="center">Table of Contents</h2><ol>
+<li><a href="#summary">Summary</a></li>
+<li><a href="#contributors">Contributors</a></li>
+<li><a href="#closed_issues">Closed Issues</a></li>
+<li><a href="#commits">Other Changes</a></li>
+<li><a href="#diffstat">Diffstat</a></li>
+</ol><hr><a name="summary"><h2 align="center">Summary</h2></a><center><a href="#top">[Back to Top]</a></center><p>This release has been made to address one or more security vulnerabilities that have been identified. A security advisory document has been published for each vulnerability that includes additional information. Users of versions of Asterisk that are affected are strongly encouraged to review the advisories and determine what action they should take to protect their systems from these issues.</p><p>Security Advisories:</p><ul>
+<li><a href="http://downloads.asterisk.org/pub/security/AST-2019-006,AST-2019-007,AST-2019-008.html">AST-2019-006,AST-2019-007,AST-2019-008</a></li>
+</ul><p>The data in this summary reflects changes that have been made since the previous release, asterisk-certified/13.21-cert4.</p><hr><a name="contributors"><h2 align="center">Contributors</h2></a><center><a href="#top">[Back to Top]</a></center><p>This table lists the people who have submitted code, those that have tested patches, as well as those that reported issues on the issue tracker that were resolved in this release. For coders, the number is how many of their patches (of any size) were committed into this release. For testers, the number is the number of times their name was listed as assisting with testing a patch. Finally, for reporters, the number is the number of issues that they reported that were affected by commits that went into this release.</p><table width="100%" border="0">
+<tr><th width="33%">Coders</th><th width="33%">Testers</th><th width="33%">Reporters</th></tr>
+<tr valign="top"><td width="33%">6 George Joseph <gjoseph@digium.com><br/>3 Joshua Colp <jcolp@digium.com><br/>2 Kevin Harwell <kharwell@digium.com><br/>2 Ben Ford <bford@digium.com><br/>1 Asterisk Development Team <asteriskteam@digium.com><br/></td><td width="33%"><td width="33%">3 Joshua C. Colp <jcolp@digium.com><br/>1 Eliel Sardañons <eliels@gmail.com><br/>1 Salah Ahmed <txrubel@gmail.com><br/>1 Eliel Sardañons<br/>1 Salah Ahmed<br/>1 Cyril Ramière <cyril.ramiere@ino.global><br/>1 Andrey V. T. <avt1203@gmail.com><br/></td></tr>
+</table><hr><a name="closed_issues"><h2 align="center">Closed Issues</h2></a><center><a href="#top">[Back to Top]</a></center><p>This is a list of all issues from the issue tracker that were closed by changes that went into this release.</p><h3>Security</h3><h4>Category: Channels/chan_sip/General</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-28589">ASTERISK-28589</a>: chan_sip: Depending on configuration an INVITE can alter Addr of a peer<br/>Reported by: Andrey V. T.<ul>
+<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=5be4005fba891184ee2323ca82cd1520d924d293">[5be4005fba]</a> Ben Ford -- chan_sip.c: Prevent address change on unauthenticated SIP request.</li>
+</ul><br><h4>Category: Core/ManagerInterface</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-28580">ASTERISK-28580</a>: Bypass SYSTEM write permission in manager action allows system commands execution<br/>Reported by: Eliel Sardañons<ul>
+<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=32e599f16a87263bb59954fa31ad8449d7a7900a">[32e599f16a]</a> George Joseph -- manager.c: Prevent the Originate action from running the Originate app</li>
+</ul><br><h3>Bug</h3><h4>Category: Channels/chan_pjsip</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-28538">ASTERISK-28538</a>: chan_pjsip: Deadlock on fax detection<br/>Reported by: Joshua C. Colp<ul>
+<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=dfd7a3474ba2c07c29c498c06bd67ff175c97fd2">[dfd7a3474b]</a> Joshua Colp -- chan_pjsip: Relock correct channel during "fax" redirect.</li>
+</ul><br><h4>Category: General</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-28523">ASTERISK-28523</a>: Asterisk 16.5.0 Memory leak<br/>Reported by: Cyril Ramière<ul>
+<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=e7c44355a634dde9646443476d82de6f627a5aef">[e7c44355a6]</a> Kevin Harwell -- res_sorcery_memory_cache: stale item update leak</li>
+</ul><br><h4>Category: Resources/res_parking</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-28616">ASTERISK-28616</a>: parking: Deadlock when multi call parking<br/>Reported by: Joshua C. Colp<ul>
+<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=144f7f4c7ed1b8b988a2e11dddb86376f71c0002">[144f7f4c7e]</a> Joshua Colp -- parking: Fix case where we can't get the parker.</li>
+<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=a88f1150e8bd1a249f165080d910c6af22bb31ca">[a88f1150e8]</a> Joshua Colp -- parking: Use channel snapshot instead of channel.</li>
+</ul><br><h4>Category: Resources/res_pjsip_t38</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-28612">ASTERISK-28612</a>: res_pjsip_t38: crash on reinvite with zero port and no c= line<br/>Reported by: Salah Ahmed<ul>
+<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=20535ecac0566ecf46c39a123cc802ba9e621d9d">[20535ecac0]</a> Ben Ford -- res_pjsip_session.c: Check for port of zero on incoming SDP.</li>
+</ul><br><hr><a name="commits"><h2 align="center">Commits Not Associated with an Issue</h2></a><center><a href="#top">[Back to Top]</a></center><p>This is a list of all changes that went into this release that did not reference a JIRA issue.</p><table width="100%" border="1">
+<tr><th>Revision</th><th>Author</th><th>Summary</th></tr>
+<tr><td><a href="https://code.asterisk.org/code/changelog/asterisk?cs=171fa026d12f8f0d7e37b625c3c6a548ceb35de9">171fa026d1</a></td><td>Asterisk Development Team</td><td>Update CHANGES and UPGRADE.txt for 13.21-cert5</td></tr>
+<tr><td><a href="https://code.asterisk.org/code/changelog/asterisk?cs=e604f532ecaa7dcfa9a93c49eb15bf119b268039">e604f532ec</a></td><td>Kevin Harwell</td><td>res_pjsip_pubsub: change warning to debug</td></tr>
+<tr><td><a href="https://code.asterisk.org/code/changelog/asterisk?cs=794c7030aef1e8b60de5d0900b3e71f9c972d04d">794c7030ae</a></td><td>George Joseph</td><td>CI: Escape backslashes in printenv/sort/tr</td></tr>
+<tr><td><a href="https://code.asterisk.org/code/changelog/asterisk?cs=c177b3566b4fd896d5719e63d5d60e1a47bd5294">c177b3566b</a></td><td>George Joseph</td><td>CI: Add "throttle" label and "skip_gate" capability</td></tr>
+<tr><td><a href="https://code.asterisk.org/code/changelog/asterisk?cs=f789016ff57e22dc56dfd9dfee3930cd550dbf6d">f789016ff5</a></td><td>George Joseph</td><td>CI: Make node labels job-specific</td></tr>
+<tr><td><a href="https://code.asterisk.org/code/changelog/asterisk?cs=1e9a9e4dca149d6b17b6565e74ad73c03289a287">1e9a9e4dca</a></td><td>George Joseph</td><td>.gitreview: Update defaultbranch for certified</td></tr>
+<tr><td><a href="https://code.asterisk.org/code/changelog/asterisk?cs=ea02f587a8cd7b8db899b04e41f64d2bda73a84b">ea02f587a8</a></td><td>George Joseph</td><td>CI: Don't enable non-core modules in Certified branches</td></tr>
+</table><hr><a name="diffstat"><h2 align="center">Diffstat Results</h2></a><center><a href="#top">[Back to Top]</a></center><p>This is a summary of the changes to the source code that went into this release that was generated using the diffstat utility.</p><pre>.gitreview | 2
+UPGRADE.txt | 10 +
+channels/chan_pjsip.c | 38 ++++--
+channels/chan_sip.c | 28 ++--
+main/manager.c | 1
+res/parking/parking_bridge.c | 33 +++--
+res/res_pjsip_pubsub.c | 2
+res/res_pjsip_session.c | 7 +
+res/res_sorcery_memory_cache.c | 1
+tests/CI/buildAsterisk.sh | 185 ++++++++++++++++++++++++---------
+tests/CI/gateTestGroups.json | 9 +
+tests/CI/gates.jenkinsfile | 126 ++++++++++++++--------
+tests/CI/installAsterisk.sh | 5
+tests/CI/periodic-dailyTestGroups.json | 8 +
+tests/CI/periodics-daily.jenkinsfile | 67 +++++++++--
+tests/CI/ref_debug.jenkinsfile | 44 +++++--
+tests/CI/runTestsuite.sh | 16 +-
+tests/CI/runUnittests.sh | 100 ++++++++++++++---
+tests/CI/setupRealtime.sh | 162 +++++++++++++++++++---------
+tests/CI/teardownRealtime.sh | 8 +
+tests/CI/unittests.jenkinsfile | 87 ++++++++++-----
+21 files changed, 672 insertions(+), 267 deletions(-)</pre><br></html>
\ No newline at end of file
--- /dev/null
+ Release Summary
+
+ asterisk-certified/13.21-cert5
+
+ Date: 2019-11-21
+
+ <asteriskteam@digium.com>
+
+ ----------------------------------------------------------------------
+
+ Table of Contents
+
+ 1. Summary
+ 2. Contributors
+ 3. Closed Issues
+ 4. Other Changes
+ 5. Diffstat
+
+ ----------------------------------------------------------------------
+
+ Summary
+
+ [Back to Top]
+
+ This release has been made to address one or more security vulnerabilities
+ that have been identified. A security advisory document has been published
+ for each vulnerability that includes additional information. Users of
+ versions of Asterisk that are affected are strongly encouraged to review
+ the advisories and determine what action they should take to protect their
+ systems from these issues.
+
+ Security Advisories:
+
+ * AST-2019-006,AST-2019-007,AST-2019-008
+
+ The data in this summary reflects changes that have been made since the
+ previous release, asterisk-certified/13.21-cert4.
+
+ ----------------------------------------------------------------------
+
+ Contributors
+
+ [Back to Top]
+
+ This table lists the people who have submitted code, those that have
+ tested patches, as well as those that reported issues on the issue tracker
+ that were resolved in this release. For coders, the number is how many of
+ their patches (of any size) were committed into this release. For testers,
+ the number is the number of times their name was listed as assisting with
+ testing a patch. Finally, for reporters, the number is the number of
+ issues that they reported that were affected by commits that went into
+ this release.
+
+ Coders Testers Reporters
+ 6 George Joseph 3 Joshua C. Colp
+ 3 Joshua Colp 1 Eliel Sardañons
+ 2 Kevin Harwell 1 Salah Ahmed
+ 2 Ben Ford 1 Eliel Sardañons
+ 1 Asterisk Development Team 1 Salah Ahmed
+ 1 Cyril Ramière
+ 1 Andrey V. T.
+
+ ----------------------------------------------------------------------
+
+ Closed Issues
+
+ [Back to Top]
+
+ This is a list of all issues from the issue tracker that were closed by
+ changes that went into this release.
+
+ Security
+
+ Category: Channels/chan_sip/General
+
+ ASTERISK-28589: chan_sip: Depending on configuration an INVITE can alter
+ Addr of a peer
+ Reported by: Andrey V. T.
+ * [5be4005fba] Ben Ford -- chan_sip.c: Prevent address change on
+ unauthenticated SIP request.
+
+ Category: Core/ManagerInterface
+
+ ASTERISK-28580: Bypass SYSTEM write permission in manager action allows
+ system commands execution
+ Reported by: Eliel Sardañons
+ * [32e599f16a] George Joseph -- manager.c: Prevent the Originate action
+ from running the Originate app
+
+ Bug
+
+ Category: Channels/chan_pjsip
+
+ ASTERISK-28538: chan_pjsip: Deadlock on fax detection
+ Reported by: Joshua C. Colp
+ * [dfd7a3474b] Joshua Colp -- chan_pjsip: Relock correct channel during
+ "fax" redirect.
+
+ Category: General
+
+ ASTERISK-28523: Asterisk 16.5.0 Memory leak
+ Reported by: Cyril Ramière
+ * [e7c44355a6] Kevin Harwell -- res_sorcery_memory_cache: stale item
+ update leak
+
+ Category: Resources/res_parking
+
+ ASTERISK-28616: parking: Deadlock when multi call parking
+ Reported by: Joshua C. Colp
+ * [144f7f4c7e] Joshua Colp -- parking: Fix case where we can't get the
+ parker.
+ * [a88f1150e8] Joshua Colp -- parking: Use channel snapshot instead of
+ channel.
+
+ Category: Resources/res_pjsip_t38
+
+ ASTERISK-28612: res_pjsip_t38: crash on reinvite with zero port and no c=
+ line
+ Reported by: Salah Ahmed
+ * [20535ecac0] Ben Ford -- res_pjsip_session.c: Check for port of zero
+ on incoming SDP.
+
+ ----------------------------------------------------------------------
+
+ Commits Not Associated with an Issue
+
+ [Back to Top]
+
+ This is a list of all changes that went into this release that did not
+ reference a JIRA issue.
+
+ +------------------------------------------------------------------------+
+ | Revision | Author | Summary |
+ |------------+----------------------+------------------------------------|
+ | 171fa026d1 | Asterisk Development | Update CHANGES and UPGRADE.txt for |
+ | | Team | 13.21-cert5 |
+ |------------+----------------------+------------------------------------|
+ | e604f532ec | Kevin Harwell | res_pjsip_pubsub: change warning |
+ | | | to debug |
+ |------------+----------------------+------------------------------------|
+ | 794c7030ae | George Joseph | CI: Escape backslashes in |
+ | | | printenv/sort/tr |
+ |------------+----------------------+------------------------------------|
+ | c177b3566b | George Joseph | CI: Add "throttle" label and |
+ | | | "skip_gate" capability |
+ |------------+----------------------+------------------------------------|
+ | f789016ff5 | George Joseph | CI: Make node labels job-specific |
+ |------------+----------------------+------------------------------------|
+ | 1e9a9e4dca | George Joseph | .gitreview: Update defaultbranch |
+ | | | for certified |
+ |------------+----------------------+------------------------------------|
+ | ea02f587a8 | George Joseph | CI: Don't enable non-core modules |
+ | | | in Certified branches |
+ +------------------------------------------------------------------------+
+
+ ----------------------------------------------------------------------
+
+ Diffstat Results
+
+ [Back to Top]
+
+ This is a summary of the changes to the source code that went into this
+ release that was generated using the diffstat utility.
+
+ .gitreview | 2
+ UPGRADE.txt | 10 +
+ channels/chan_pjsip.c | 38 ++++--
+ channels/chan_sip.c | 28 ++--
+ main/manager.c | 1
+ res/parking/parking_bridge.c | 33 +++--
+ res/res_pjsip_pubsub.c | 2
+ res/res_pjsip_session.c | 7 +
+ res/res_sorcery_memory_cache.c | 1
+ tests/CI/buildAsterisk.sh | 185 ++++++++++++++++++++++++---------
+ tests/CI/gateTestGroups.json | 9 +
+ tests/CI/gates.jenkinsfile | 126 ++++++++++++++--------
+ tests/CI/installAsterisk.sh | 5
+ tests/CI/periodic-dailyTestGroups.json | 8 +
+ tests/CI/periodics-daily.jenkinsfile | 67 +++++++++--
+ tests/CI/ref_debug.jenkinsfile | 44 +++++--
+ tests/CI/runTestsuite.sh | 16 +-
+ tests/CI/runUnittests.sh | 100 ++++++++++++++---
+ tests/CI/setupRealtime.sh | 162 +++++++++++++++++++---------
+ tests/CI/teardownRealtime.sh | 8 +
+ tests/CI/unittests.jenkinsfile | 87 ++++++++++-----
+ 21 files changed, 672 insertions(+), 267 deletions(-)
projects / thirdparty / asterisk.git / commitdiff
