From: Kevin Harwell
Date: Thu, 8 Dec 2016 17:40:37 +0000 (-0500)
Subject: Update for certified/13.8-cert4
X-Git-Tag: certified/13.8-cert4~1
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=2e0239c28c75e579ca4eff6aff632c979d2dab9f;p=thirdparty%2Fasterisk.git

Update for certified/13.8-cert4
---

diff --git a/.version b/.version index 7208ceda12..4092eb6406 100644 --- a/.version +++ b/.version @@ -1 +1 @@ -certified/13.8-cert3 \ No newline at end of file +certified/13.8-cert4 \ No newline at end of file diff --git a/ChangeLog b/ChangeLog index b97ea12596..20db847bcc 100644 --- a/ChangeLog +++ b/ChangeLog 
@@ -1,3 +1,251 @@ +2016-12-08 17:40 +0000 Asterisk Development Team + + * asterisk certified/13.8-cert4 Released. + +2016-11-30 09:31 +0000 [4fece22836] Walter Doekes + + * chan_sip: Do not allow non-SP/HTAB between header key and colon. + + RFC says SIP headers look like: + + HCOLON = *( SP / HTAB ) ":" SWS + SWS = [LWS] ; sep whitespace + LWS = [*WSP CRLF] 1*WSP ; linear whitespace + WSP = SP / HTAB ; from rfc2234 + + chan_sip implemented this: + + HCOLON = *( LOWCTL / SP ) ":" SWS + LOWCTL = %x00-1F ; CTL without DEL + + This discrepancy meant that SIP proxies in front of Asterisk with + chan_sip could pass on unknown headers with \x00-\x1F in them, which + would be treated by Asterisk as a different (known) header. For + example, the "To\x01:" header would gladly be forwarded by some proxies + as irrelevant, but chan_sip would treat it as the relevant "To:" header. + + Those relying on a SIP proxy to scrub certain headers could mistakenly + get unexpected and unvalidated data fed to Asterisk. + + This change fixes so chan_sip only considers SP/HTAB as valid tokens + before the colon, making it agree on the headers with other speakers of + SIP. + + ASTERISK-26433 #close + AST-2016-009 + + Change-Id: I78086fbc524ac733b8f7f78cb423c91075fd489b + +2016-08-06 10:57 +0000 [016d20ce12] Alexei Gradinari + + * pjsip: Fix deadlock with suspend taskprocessor on masquerade + + If both channels which should be masqueraded + are in the same serializer: + 1st channel will be locked waiting condition 'complete' + 2nd channel will be locked waiting condition 'suspended' + + On heavy load system a chance that both channels will be in + the same serializer 'pjsip/distibutor' is very high. + + To reproduce compile res_pjsip/pjsip_distributor.c with + DISTRIBUTOR_POOL_SIZE=1 + + Steps to reproduce: + 1. Party A calls Party B (bridged call 'AB') + 2. Party B places Party A on hold + 3. Party B calls Voicemail app (non-bridged call 'BV') + 4. 
Party B attended transfers Party A to voicemail using REFER. + 5. When asterisk masquerades calls 'AB' and 'BV', + a deadlock is happened. + + This patch adds a suspension indicator to the taskprocessor. + When a session suspends/unsuspends the serializer + it sets the indicator to the appropriate state. + The session checks the suspension indicator before + suspend the serializer. + + ASTERISK-26145 #close + + Change-Id: Iaaebee60013a58c942ba47b1b4930a63e686663b + +2016-11-08 10:48 +0000 [87e1ebc91a] Mark Michelson + + * res_pjsip_session: Do not call session supplements when it's too late. + + res_pjsip_sesssion was hooking into transaction and invite state + changes. One of the reasons for doing so was due to the + PJSIP_EVENT_TX_MSG event. The idea was that we were hooking into the + message sending process, and so we should call session supplements to + alter the outgoing message. + + In reality, this event was meant to indicate that the message either + a) had already been sent, or + b) required a DNS lookup and would be sent when the DNS query + completed. + + In case (a), this meant we were altering an already-sent + request/response for no reason. In case (b), this potentially meant we + could be trying to alter a request/response at the same time that the + DNS resolution completed. In this case, it meant we might be stomping on + memory being used by the thread actually sending the message. This + caused potential crashes and memory corruption. + + This patch removes the calls to session supplements from the case where + the PJSIP_EVENT_TX_MSG event occurs. In all of these cases, trying to + alter the message at this point is too late, and it can cause nothing + but harm to try to do it. Because there were no longer any calls to the + handle_outgoing() function, it has been removed. 
+ + Change-Id: Ibcc223fb1c3a237927f38754e0429e80ee301e92 + (cherry picked from commit e043d1a55cf356066b3b39ebac8b4bbb612ce807) + +2016-11-02 09:15 +0000 [c8df727502] Joshua Colp + + * app_dial: Fix incorrect device state when channel is picked up. + + Given the scenario where multiple channels are dialed using Dial() + but the caller is picked up using PickupChan() all outgoing channels + except the channel specified to PickupChan() would be marked + as ringing until the call had been hung up. + + When using the PickupChan application the channel executing the + application is swapped into place of another channel. As part + of this process the channel is answered. The Dial application + has explicit logic which checks if the channel is answered, + cancels all other outgoing channels, and bridges. This logic is + different than the normal logic that is executed when an outgoing + channel is answered. This different logic failed to publish dial + events stating that the other outgoing channels had been canceled. + As a result references to the outgoing channels were held onto by + the dial masquerade process until the call had been ended and + the channels had gone away. This would result in the channels + appearing in the "core show channels" list despite not being present + anymore and would also result in incorrect device state. + + This change makes it so that this logic also publishes + dial events stating that the other outgoing channels have been + canceled. + + ASTERISK-26549 + + Change-Id: Iea7168e6e82f7d4609ec0366153804e4f55ea64f + +2016-10-18 16:50 +0000 [4c50689d09] Joshua Colp + + * Revert "pjproject_bundled: Add patch to address SSL crash" + + This reverts commit 28cc8a9dff2fb9210726cfa6274ae683fbfa4a01. 
+ + Change-Id: I777cf8173f7a88273090bed72bfe57fb0e72b84f + +2016-10-17 11:39 +0000 [28cc8a9dff] gtjoseph + + * pjproject_bundled: Add patch to address SSL crash + + Addresses crashes when an attempt is made to operate on an SSL socket + after the socket has been closed. + + ASTERISK-26477 #close + + Change-Id: I421305b357558b4f9e690210dc0f4831ef4b3002 + (cherry picked from commit 546ec4b038ac3d750c5138d7fbb8e3ce93f482df) + +2016-10-12 16:24 +0000 [7c2bd702fd] Richard Mudgett + + * Audit ast_json_pack() calls for needed UTF-8 checks. + + Added needed UTF-8 checks before constructing json objects in various + files for strings obtained outside the system. In this case string values + from a channel driver's peer and not from the user setting channel + variables. + + * aoc.c: Fixed type mismatch in s_to_json() for time and granularity json + object construction. + + ASTERISK-26466 + Reported by: Richard Mudgett + + Change-Id: Iac2d867fa598daba5c5dbc619b5464625a7f2096 + +2016-10-12 16:20 +0000 [3b1b2fc1d5] Richard Mudgett + + * json: Check party id name, number, subaddresses for UTF-8. + + * Updated unit test as ast_json_name_number() is now NULL tolerant. + + ASTERISK-26466 #close + Reported by: Richard Mudgett + + Change-Id: I7d4e14194f8f81f24a1dc34d1b8602c0950265a6 + +2016-10-11 18:14 +0000 [a835adfa92] Richard Mudgett + + * json: Add UTF-8 check call. + + Since the json library does not make the check function public we + recreate/copy the function in our interface module. + + ASTERISK-26466 + Reported by: Richard Mudgett + + Change-Id: I36d3d750b6f5f1a110bc69ea92b435ecdeeb2a99 + +2016-07-19 15:22 +0000 [7baedd9ecd] Alexei Gradinari + + * res_pjsip_pubsub: fixed a bug when pjsip_tx_data_dec_ref is called twice. + + This patch removed call of pjsip_tx_data_dec_ref in send_notify + if send_request failed. + The pjsip_dlg_send_request deletes the message on error by itself. 
+ + It seems this patch fixes next issues: + ASTERISK-26199 + ASTERISK-26166 + ASTERISK-26174 + + Change-Id: I8b05917c93d993f95d604c042ace5f1a5500f59a + +2016-10-05 14:53 +0000 [a8e37c3d06] gtjoseph + + * pjproject_bundled: Add MALLOC_DEBUG capability + + pjproject_bundled will now use the asterisk memory debugging APIs + if MALLOC_DEBUG is turned on in menuselect. + + Because this required stubs for the executable programs and the python + bindings, some Makefile reorganization was needed to properly handle + the dependencies. As a result, the makefile now individually makes + each of the pjproject libraries separately instead of making them all + in 1 shot. The only visible change is that there are separate status + lines printed for each library instead oif 1 for all libs. Also, the + making of the pjproject dependency files was eliminated. They're not + needed for building unless you're actively modifying pjproject source + files and it makes the build process faster. Finally, any issues with + parallel builds should be resolved again making the build faster. + + NOTE: The certified/13.8 version of this patch also builds libresample + which is needed by pjsua. Later versions do not need libresample. + + Change-Id: Icc5e3d658fbfb00e0a46b44c66dcc2522d5171b0 + +2016-08-29 18:08 +0000 [adcdecd47f] Richard Mudgett + + * res_pjsip: Add ignore_uri_user_options option. + + This implements the chan_sip legacy_useroption_parsing option but with a + better name. + + * Made the caller-id number and redirecting number strings obtained from + incoming SIP URI user fields always truncated at the first semicolon. + People don't care about anything after the semicolon showing up on their + displays even though the RFC allows the semicolon. + + ASTERISK-26316 #close + Reported by: Kevin Harwell + + Change-Id: Ib42b0e940dd34d84c7b14bc2e90d1ba392624f62 + 2016-09-08 16:34 +0000 Asterisk Development Team * asterisk certified/13.8-cert3 Released. 
diff --git a/asterisk-certified-13.8-cert3-summary.html b/asterisk-certified-13.8-cert3-summary.html deleted file mode 100644 index b7b0651721..0000000000 --- a/asterisk-certified-13.8-cert3-summary.html +++ /dev/null @@ -1,47 +0,0 @@ -Release Summary - asterisk-certified/13.8-cert3

Release Summary

asterisk-certified/13.8-cert3

Date: 2016-09-08

<asteriskteam@digium.com>


Table of Contents

    -
  1. Summary
  2. -
  3. Contributors
  4. -
  5. Closed Issues
  6. -
  7. Other Changes
  8. -
  9. Diffstat
  10. -

Summary

[Back to Top]

This release has been made to address one or more security vulnerabilities that have been identified. A security advisory document has been published for each vulnerability that includes additional information. Users of versions of Asterisk that are affected are strongly encouraged to review the advisories and determine what action they should take to protect their systems from these issues.

Security Advisories:

The data in this summary reflects changes that have been made since the previous release, asterisk-certified/13.8-cert2.


Contributors

[Back to Top]

This table lists the people who have submitted code, those that have tested patches, as well as those that reported issues on the issue tracker that were resolved in this release. For coders, the number is how many of their patches (of any size) were committed into this release. For testers, the number is the number of times their name was listed as assisting with testing a patch. Finally, for reporters, the number is the number of issues that they reported that were affected by commits that went into this release.

- - -
CodersTestersReporters
6 George Joseph
3 Mark Michelson
1 Joshua Colp
1 Kevin Harwell
1 Corey Farrell
3 Mark Michelson
1 Etienne Lessard
1 Kevin Harwell

Closed Issues

[Back to Top]

This is a list of all issues from the issue tracker that were closed by changes that went into this release.

Bug

Category: Channels/chan_sip/General

ASTERISK-26272: chan_sip: File descriptors leak (UDP sockets)
Reported by: Etienne Lessard
    -
  • [d947baa255] Corey Farrell -- chan_sip: Don't allocate new RTP instances on top of old ones.
  • -

Category: Contrib/General

ASTERISK-26183: alembic: error when using sqlalchemy version 1.1.0b2
Reported by: Kevin Harwell
    -
  • [78a6da0885] Kevin Harwell -- alembic/sqlalchemy: auto increment only allowed on a single column
  • -

Improvement

Category: Applications/app_confbridge

ASTERISK-26289: Announcer channels in ConfBridges cause inefficiencies
Reported by: Mark Michelson
    -
  • [df9aa402a5] Mark Michelson -- ConfBridge: Make some announcements asynchronous.
  • -
  • [c218e038d7] Mark Michelson -- ConfBridge: Rework announcer channel methodology
  • -
  • [4ca730127c] Mark Michelson -- ConfBridge: Rework announcer channel methodology
  • -


Commits Not Associated with an Issue

[Back to Top]

This is a list of all changes that went into this release that did not reference a JIRA issue.

- - - - - - - - -
RevisionAuthorSummary
6cec20200bgtjosephRelease summaries: Remove previous versions
9c0f0eef6egtjoseph.version: Update for certified/13.8-cert3
3923b114b9gtjoseph.lastclean: Update for certified/13.8-cert3
83362b5590gtjosephrealtime: Add database scripts for certified/13.8-cert3
b1e827d259gtjosephres_rtp_multicast: Fix SEGV in ast_multicast_rtp_create_options
b82f0b7722Joshua ColpRevert "ConfBridge: Rework announcer channel methodology"
f40c6874c6gtjosephres_pjsip: Add contact_user to endpoint

Diffstat Results

[Back to Top]

This is a summary of the changes to the source code that went into this release that was generated using the diffstat utility.

asterisk-certified-13.8-cert2-summary.html                                           |   66 -
-asterisk-certified-13.8-cert2-summary.txt                                            |  199 ---
-b/.version                                                                           |    2
-b/CHANGES                                                                            |   16
-b/apps/app_confbridge.c                                                              |  612 ++++++++--
-b/apps/confbridge/conf_chan_announce.c                                               |   30
-b/apps/confbridge/conf_state_multi_marked.c                                          |    9
-b/apps/confbridge/include/confbridge.h                                               |   43
-b/channels/chan_sip.c                                                                |   61
-b/configs/samples/pjsip.conf.sample                                                  |    2
-b/contrib/ast-db-manage/config/versions/4e2493ef32e6_add_contact_user_to_endpoint.py |   22
-b/contrib/ast-db-manage/config/versions/581a4264e537_adding_extensions.py            |   10
-b/contrib/realtime/mssql/mssql_config.sql                                            |   13
-b/contrib/realtime/mysql/mysql_config.sql                                            |    9
-b/contrib/realtime/oracle/oracle_config.sql                                          |   13
-b/contrib/realtime/postgresql/postgresql_config.sql                                  |    9
-b/include/asterisk/res_pjsip.h                                                       |    2
-b/res/res_pjsip.c                                                                    |   26
-18 files changed, 736 insertions(+), 408 deletions(-)

\ No newline at end of file diff --git a/asterisk-certified-13.8-cert3-summary.txt b/asterisk-certified-13.8-cert3-summary.txt deleted file mode 100644 index 1c06fc3e54..0000000000 --- a/asterisk-certified-13.8-cert3-summary.txt +++ /dev/null 
@@ -1,156 +0,0 @@ - Release Summary - - asterisk-certified/13.8-cert3 - - Date: 2016-09-08 - - - - ---------------------------------------------------------------------- - - Table of Contents - - 1. Summary - 2. Contributors - 3. Closed Issues - 4. Other Changes - 5. Diffstat - - ---------------------------------------------------------------------- - - Summary - - [Back to Top] - - This release has been made to address one or more security vulnerabilities - that have been identified. A security advisory document has been published - for each vulnerability that includes additional information. Users of - versions of Asterisk that are affected are strongly encouraged to review - the advisories and determine what action they should take to protect their - systems from these issues. - - Security Advisories: - - * AST-2016-007 - - The data in this summary reflects changes that have been made since the - previous release, asterisk-certified/13.8-cert2. - - ---------------------------------------------------------------------- - - Contributors - - [Back to Top] - - This table lists the people who have submitted code, those that have - tested patches, as well as those that reported issues on the issue tracker - that were resolved in this release. For coders, the number is how many of - their patches (of any size) were committed into this release. For testers, - the number is the number of times their name was listed as assisting with - testing a patch. Finally, for reporters, the number is the number of - issues that they reported that were affected by commits that went into - this release. 
- - Coders Testers Reporters - 6 George Joseph 3 Mark Michelson - 3 Mark Michelson 1 Etienne Lessard - 1 Joshua Colp 1 Kevin Harwell - 1 Kevin Harwell - 1 Corey Farrell - - ---------------------------------------------------------------------- - - Closed Issues - - [Back to Top] - - This is a list of all issues from the issue tracker that were closed by - changes that went into this release. - - Bug - - Category: Channels/chan_sip/General - - ASTERISK-26272: chan_sip: File descriptors leak (UDP sockets) - Reported by: Etienne Lessard - * [d947baa255] Corey Farrell -- chan_sip: Don't allocate new RTP - instances on top of old ones. - - Category: Contrib/General - - ASTERISK-26183: alembic: error when using sqlalchemy version 1.1.0b2 - Reported by: Kevin Harwell - * [78a6da0885] Kevin Harwell -- alembic/sqlalchemy: auto increment only - allowed on a single column - - Improvement - - Category: Applications/app_confbridge - - ASTERISK-26289: Announcer channels in ConfBridges cause inefficiencies - Reported by: Mark Michelson - * [df9aa402a5] Mark Michelson -- ConfBridge: Make some announcements - asynchronous. - * [c218e038d7] Mark Michelson -- ConfBridge: Rework announcer channel - methodology - * [4ca730127c] Mark Michelson -- ConfBridge: Rework announcer channel - methodology - - ---------------------------------------------------------------------- - - Commits Not Associated with an Issue - - [Back to Top] - - This is a list of all changes that went into this release that did not - reference a JIRA issue. 
- - +------------------------------------------------------------------------+ - | Revision | Author | Summary | - |------------+-------------+---------------------------------------------| - | 6cec20200b | gtjoseph | Release summaries: Remove previous versions | - |------------+-------------+---------------------------------------------| - | 9c0f0eef6e | gtjoseph | .version: Update for certified/13.8-cert3 | - |------------+-------------+---------------------------------------------| - | 3923b114b9 | gtjoseph | .lastclean: Update for certified/13.8-cert3 | - |------------+-------------+---------------------------------------------| - | 83362b5590 | gtjoseph | realtime: Add database scripts for | - | | | certified/13.8-cert3 | - |------------+-------------+---------------------------------------------| - | b1e827d259 | gtjoseph | res_rtp_multicast: Fix SEGV in | - | | | ast_multicast_rtp_create_options | - |------------+-------------+---------------------------------------------| - | b82f0b7722 | Joshua Colp | Revert "ConfBridge: Rework announcer | - | | | channel methodology" | - |------------+-------------+---------------------------------------------| - | f40c6874c6 | gtjoseph | res_pjsip: Add contact_user to endpoint | - +------------------------------------------------------------------------+ - - ---------------------------------------------------------------------- - - Diffstat Results - - [Back to Top] - - This is a summary of the changes to the source code that went into this - release that was generated using the diffstat utility. 
- - asterisk-certified-13.8-cert2-summary.html | 66 - - asterisk-certified-13.8-cert2-summary.txt | 199 --- - b/.version | 2 - b/CHANGES | 16 - b/apps/app_confbridge.c | 612 ++++++++-- - b/apps/confbridge/conf_chan_announce.c | 30 - b/apps/confbridge/conf_state_multi_marked.c | 9 - b/apps/confbridge/include/confbridge.h | 43 - b/channels/chan_sip.c | 61 - b/configs/samples/pjsip.conf.sample | 2 - b/contrib/ast-db-manage/config/versions/4e2493ef32e6_add_contact_user_to_endpoint.py | 22 - b/contrib/ast-db-manage/config/versions/581a4264e537_adding_extensions.py | 10 - b/contrib/realtime/mssql/mssql_config.sql | 13 - b/contrib/realtime/mysql/mysql_config.sql | 9 - b/contrib/realtime/oracle/oracle_config.sql | 13 - b/contrib/realtime/postgresql/postgresql_config.sql | 9 - b/include/asterisk/res_pjsip.h | 2 - b/res/res_pjsip.c | 26 - 18 files changed, 736 insertions(+), 408 deletions(-) diff --git a/asterisk-certified-13.8-cert4-summary.html b/asterisk-certified-13.8-cert4-summary.html new file mode 100644 index 0000000000..8be0aca171 --- /dev/null +++ b/asterisk-certified-13.8-cert4-summary.html @@ -0,0 +1,75 @@ +Release Summary - asterisk-certified/13.8-cert4

Release Summary

asterisk-certified/13.8-cert4

Date: 2016-12-08

<asteriskteam@digium.com>


Table of Contents

    +
  1. Summary
  2. +
  3. Contributors
  4. +
  5. Closed Issues
  6. +
  7. Other Changes
  8. +
  9. Diffstat
  10. +

Summary

[Back to Top]

This release has been made to address one or more security vulnerabilities that have been identified. A security advisory document has been published for each vulnerability that includes additional information. Users of versions of Asterisk that are affected are strongly encouraged to review the advisories and determine what action they should take to protect their systems from these issues.

Security Advisories:

The data in this summary reflects changes that have been made since the previous release, asterisk-certified/13.8-cert3.


Contributors

[Back to Top]

This table lists the people who have submitted code, those that have tested patches, as well as those that reported issues on the issue tracker that were resolved in this release. For coders, the number is how many of their patches (of any size) were committed into this release. For testers, the number is the number of times their name was listed as assisting with testing a patch. Finally, for reporters, the number is the number of issues that they reported that were affected by commits that went into this release.

+ + +
CodersTestersReporters
4 Richard Mudgett
2 Alexei Gradinari
2 Joshua Colp
2 gtjoseph
1 Walter Doekes
1 Mark Michelson
3 Richard Mudgett
3 Richard Mudgett
2 Ross Beer
1 Walter Doekes
1 George Joseph
1 Kevin Harwell
1 Scott Griepentrog
1 Joshua Colp
1 Kevin Harwell

Closed Issues

[Back to Top]

This is a list of all issues from the issue tracker that were closed by changes that went into this release.

Bug

Category: Applications/app_dial

ASTERISK-26549: app_dial: When PickupChan() is used some channels may have incorrect device state
Reported by: Joshua Colp
    +
  • [c8df727502] Joshua Colp -- app_dial: Fix incorrect device state when channel is picked up.
  • +

Category: Channels/chan_pjsip

ASTERISK-26145: pjsip: Deadlock with suspend + masquerade + indicate
Reported by: Ross Beer
    +
  • [016d20ce12] Alexei Gradinari -- pjsip: Fix deadlock with suspend taskprocessor on masquerade
  • +

Category: Channels/chan_sip/Interoperability

ASTERISK-26433: chan_sip: Allows To-tag checks to be bypassed, setting up new calls
Reported by: Walter Doekes
    +
  • [4fece22836] Walter Doekes -- chan_sip: Do not allow non-SP/HTAB between header key and colon.
  • +

Category: Core/General

ASTERISK-26466: core: Be forgiving on external callerid that may be flawed so we don't drop events
Reported by: Richard Mudgett
    +
  • [7c2bd702fd] Richard Mudgett -- Audit ast_json_pack() calls for needed UTF-8 checks.
  • +
  • [3b1b2fc1d5] Richard Mudgett -- json: Check party id name, number, subaddresses for UTF-8.
  • +
  • [a835adfa92] Richard Mudgett -- json: Add UTF-8 check call.
  • +

Category: Resources/res_pjsip

ASTERISK-26145: pjsip: Deadlock with suspend + masquerade + indicate
Reported by: Ross Beer
    +
  • [016d20ce12] Alexei Gradinari -- pjsip: Fix deadlock with suspend taskprocessor on masquerade
  • +
ASTERISK-26174: res_pjsip: Crash when freeing cloned message in distributor
Reported by: Ross Beer
    +
  • [7baedd9ecd] Alexei Gradinari -- res_pjsip_pubsub: fixed a bug when pjsip_tx_data_dec_ref is called twice.
  • +

Category: Resources/res_pjsip_caller_id

ASTERISK-26316: res_pjsip_callerid: Irregular URI causes unexpected callerid
Reported by: Kevin Harwell
    +
  • [adcdecd47f] Richard Mudgett -- res_pjsip: Add ignore_uri_user_options option.
  • +

Category: Resources/res_pjsip_pubsub

ASTERISK-26166: res_pjsip_pubsub: Crash when decrementing reference count of message
Reported by: Ross Beer
    +
  • [7baedd9ecd] Alexei Gradinari -- res_pjsip_pubsub: fixed a bug when pjsip_tx_data_dec_ref is called twice.
  • +

Category: Third-Party/pjproject

ASTERISK-26477: pjproject: SEGV during SSL operations
Reported by: George Joseph
    +
  • [28cc8a9dff] gtjoseph -- pjproject_bundled: Add patch to address SSL crash
  • +

Category: pjproject/pjsip

ASTERISK-26477: pjproject: SEGV during SSL operations
Reported by: George Joseph
    +
  • [28cc8a9dff] gtjoseph -- pjproject_bundled: Add patch to address SSL crash
  • +
ASTERISK-26199: PJSIP: tx_data_destroy called twice
Reported by: Scott Griepentrog
    +
  • [7baedd9ecd] Alexei Gradinari -- res_pjsip_pubsub: fixed a bug when pjsip_tx_data_dec_ref is called twice.
  • +


Commits Not Associated with an Issue

[Back to Top]

This is a list of all changes that went into this release that did not reference a JIRA issue.

+ + + + +
RevisionAuthorSummary
87e1ebc91aMark Michelsonres_pjsip_session: Do not call session supplements when it's too late.
4c50689d09Joshua ColpRevert "pjproject_bundled: Add patch to address SSL crash"
a8e37c3d06gtjosephpjproject_bundled: Add MALLOC_DEBUG capability

Diffstat Results

[Back to Top]

This is a summary of the changes to the source code that went into this release that was generated using the diffstat utility.

CHANGES                                                                                     |   17 +
+apps/app_dial.c                                                                             |    1
+apps/app_fax.c                                                                              |   14
+apps/app_queue.c                                                                            |   12
+channels/chan_sip.c                                                                         |    8
+configs/samples/pjsip.conf.sample                                                           |   16 +
+contrib/ast-db-manage/config/versions/a6ef36f1309_ps_globals_add_ignore_uri_user_options.py |   32 ++
+include/asterisk/json.h                                                                     |   35 ++
+include/asterisk/res_pjsip.h                                                                |   32 ++
+include/asterisk/taskprocessor.h                                                            |   32 ++
+main/aoc.c                                                                                  |   17 -
+main/cel.c                                                                                  |    4
+main/json.c                                                                                 |  146 +++++++++-
+main/taskprocessor.c                                                                        |   29 +
+res/res_fax.c                                                                               |   12
+res/res_pjsip.c                                                                             |   24 +
+res/res_pjsip/config_global.c                                                               |   21 +
+res/res_pjsip/pjsip_options.c                                                               |   12
+res/res_pjsip_caller_id.c                                                                   |   18 +
+res/res_pjsip_diversion.c                                                                   |   25 +
+res/res_pjsip_endpoint_identifier_user.c                                                    |    7
+res/res_pjsip_messaging.c                                                                   |   25 +
+res/res_pjsip_path.c                                                                        |   22 +
+res/res_pjsip_pubsub.c                                                                      |   20 +
+res/res_pjsip_refer.c                                                                       |    7
+res/res_pjsip_registrar.c                                                                   |   15 -
+res/res_pjsip_session.c                                                                     |   37 +-
+res/stasis/app.c                                                                            |    2
+tests/test_json.c                                                                           |   34 +-
+third-party/Makefile.rules                                                                  |    2
+third-party/pjproject/.gitignore                                                            |    1
+third-party/pjproject/Makefile                                                              |  110 +++++--
+third-party/pjproject/patches/asterisk_malloc_debug.c                                       |   72 ++++
+third-party/pjproject/patches/asterisk_malloc_debug.h                                       |   11
+34 files changed, 749 insertions(+), 123 deletions(-)

\ No newline at end of file diff --git a/asterisk-certified-13.8-cert4-summary.txt b/asterisk-certified-13.8-cert4-summary.txt new file mode 100644 index 0000000000..c0f35ac0e4 --- /dev/null +++ b/asterisk-certified-13.8-cert4-summary.txt 
@@ -0,0 +1,221 @@ + Release Summary + + asterisk-certified/13.8-cert4 + + Date: 2016-12-08 + + + + ---------------------------------------------------------------------- + + Table of Contents + + 1. Summary + 2. Contributors + 3. Closed Issues + 4. Other Changes + 5. Diffstat + + ---------------------------------------------------------------------- + + Summary + + [Back to Top] + + This release has been made to address one or more security vulnerabilities + that have been identified. A security advisory document has been published + for each vulnerability that includes additional information. Users of + versions of Asterisk that are affected are strongly encouraged to review + the advisories and determine what action they should take to protect their + systems from these issues. + + Security Advisories: + + * AST-2016-008,AST-2016-009 + + The data in this summary reflects changes that have been made since the + previous release, asterisk-certified/13.8-cert3. + + ---------------------------------------------------------------------- + + Contributors + + [Back to Top] + + This table lists the people who have submitted code, those that have + tested patches, as well as those that reported issues on the issue tracker + that were resolved in this release. For coders, the number is how many of + their patches (of any size) were committed into this release. For testers, + the number is the number of times their name was listed as assisting with + testing a patch. Finally, for reporters, the number is the number of + issues that they reported that were affected by commits that went into + this release. 
+ + Coders Testers Reporters + 4 Richard Mudgett 3 Richard Mudgett + 2 Alexei Gradinari 3 Richard Mudgett + 2 Joshua Colp 2 Ross Beer + 2 gtjoseph 1 Walter Doekes + 1 Walter Doekes 1 George Joseph + 1 Mark Michelson 1 Kevin Harwell + 1 Scott Griepentrog + 1 Joshua Colp + 1 Kevin Harwell + + ---------------------------------------------------------------------- + + Closed Issues + + [Back to Top] + + This is a list of all issues from the issue tracker that were closed by + changes that went into this release. + + Bug + + Category: Applications/app_dial + + ASTERISK-26549: app_dial: When PickupChan() is used some channels may have + incorrect device state + Reported by: Joshua Colp + * [c8df727502] Joshua Colp -- app_dial: Fix incorrect device state when + channel is picked up. + + Category: Channels/chan_pjsip + + ASTERISK-26145: pjsip: Deadlock with suspend + masquerade + indicate + Reported by: Ross Beer + * [016d20ce12] Alexei Gradinari -- pjsip: Fix deadlock with suspend + taskprocessor on masquerade + + Category: Channels/chan_sip/Interoperability + + ASTERISK-26433: chan_sip: Allows To-tag checks to be bypassed, setting up + new calls + Reported by: Walter Doekes + * [4fece22836] Walter Doekes -- chan_sip: Do not allow non-SP/HTAB + between header key and colon. + + Category: Core/General + + ASTERISK-26466: core: Be forgiving on external callerid that may be flawed + so we don't drop events + Reported by: Richard Mudgett + * [7c2bd702fd] Richard Mudgett -- Audit ast_json_pack() calls for needed + UTF-8 checks. + * [3b1b2fc1d5] Richard Mudgett -- json: Check party id name, number, + subaddresses for UTF-8. + * [a835adfa92] Richard Mudgett -- json: Add UTF-8 check call. 
+ + Category: Resources/res_pjsip + + ASTERISK-26145: pjsip: Deadlock with suspend + masquerade + indicate + Reported by: Ross Beer + * [016d20ce12] Alexei Gradinari -- pjsip: Fix deadlock with suspend + taskprocessor on masquerade + ASTERISK-26174: res_pjsip: Crash when freeing cloned message in + distributor + Reported by: Ross Beer + * [7baedd9ecd] Alexei Gradinari -- res_pjsip_pubsub: fixed a bug when + pjsip_tx_data_dec_ref is called twice. + + Category: Resources/res_pjsip_caller_id + + ASTERISK-26316: res_pjsip_callerid: Irregular URI causes unexpected + callerid + Reported by: Kevin Harwell + * [adcdecd47f] Richard Mudgett -- res_pjsip: Add ignore_uri_user_options + option. + + Category: Resources/res_pjsip_pubsub + + ASTERISK-26166: res_pjsip_pubsub: Crash when decrementing reference count + of message + Reported by: Ross Beer + * [7baedd9ecd] Alexei Gradinari -- res_pjsip_pubsub: fixed a bug when + pjsip_tx_data_dec_ref is called twice. + + Category: Third-Party/pjproject + + ASTERISK-26477: pjproject: SEGV during SSL operations + Reported by: George Joseph + * [28cc8a9dff] gtjoseph -- pjproject_bundled: Add patch to address SSL + crash + + Category: pjproject/pjsip + + ASTERISK-26477: pjproject: SEGV during SSL operations + Reported by: George Joseph + * [28cc8a9dff] gtjoseph -- pjproject_bundled: Add patch to address SSL + crash + ASTERISK-26199: PJSIP: tx_data_destroy called twice + Reported by: Scott Griepentrog + * [7baedd9ecd] Alexei Gradinari -- res_pjsip_pubsub: fixed a bug when + pjsip_tx_data_dec_ref is called twice. + + ---------------------------------------------------------------------- + + Commits Not Associated with an Issue + + [Back to Top] + + This is a list of all changes that went into this release that did not + reference a JIRA issue. 
+ + +------------------------------------------------------------------------+ + | Revision | Author | Summary | + |------------+----------------+------------------------------------------| + | 87e1ebc91a | Mark Michelson | res_pjsip_session: Do not call session | + | | | supplements when it's too late. | + |------------+----------------+------------------------------------------| + | 4c50689d09 | Joshua Colp | Revert "pjproject_bundled: Add patch to | + | | | address SSL crash" | + |------------+----------------+------------------------------------------| + | a8e37c3d06 | gtjoseph | pjproject_bundled: Add MALLOC_DEBUG | + | | | capability | + +------------------------------------------------------------------------+ + + ---------------------------------------------------------------------- + + Diffstat Results + + [Back to Top] + + This is a summary of the changes to the source code that went into this + release that was generated using the diffstat utility. + + CHANGES | 17 + + apps/app_dial.c | 1 + apps/app_fax.c | 14 + apps/app_queue.c | 12 + channels/chan_sip.c | 8 + configs/samples/pjsip.conf.sample | 16 + + contrib/ast-db-manage/config/versions/a6ef36f1309_ps_globals_add_ignore_uri_user_options.py | 32 ++ + include/asterisk/json.h | 35 ++ + include/asterisk/res_pjsip.h | 32 ++ + include/asterisk/taskprocessor.h | 32 ++ + main/aoc.c | 17 - + main/cel.c | 4 + main/json.c | 146 +++++++++- + main/taskprocessor.c | 29 + + res/res_fax.c | 12 + res/res_pjsip.c | 24 + + res/res_pjsip/config_global.c | 21 + + res/res_pjsip/pjsip_options.c | 12 + res/res_pjsip_caller_id.c | 18 + + res/res_pjsip_diversion.c | 25 + + res/res_pjsip_endpoint_identifier_user.c | 7 + res/res_pjsip_messaging.c | 25 + + res/res_pjsip_path.c | 22 + + res/res_pjsip_pubsub.c | 20 + + res/res_pjsip_refer.c | 7 + res/res_pjsip_registrar.c | 15 - + res/res_pjsip_session.c | 37 +- + res/stasis/app.c | 2 + tests/test_json.c | 34 +- + third-party/Makefile.rules | 2 + third-party/pjproject/.gitignore | 
1 + third-party/pjproject/Makefile | 110 +++++-- + third-party/pjproject/patches/asterisk_malloc_debug.c | 72 ++++ + third-party/pjproject/patches/asterisk_malloc_debug.h | 11 + 34 files changed, 749 insertions(+), 123 deletions(-) diff --git a/contrib/realtime/mssql/mssql_config.sql b/contrib/realtime/mssql/mssql_config.sql index 5be9c8eefb..fb43b7c487 100644 --- a/contrib/realtime/mssql/mssql_config.sql +++ b/contrib/realtime/mssql/mssql_config.sql @@ -1325,6 +1325,20 @@ UPDATE alembic_version SET version_num='4e2493ef32e6' WHERE alembic_version.vers GO +-- Running upgrade 4e2493ef32e6 -> a6ef36f1309 + +ALTER TABLE ps_globals ADD ignore_uri_user_options VARCHAR(3) NULL; + +GO + +ALTER TABLE ps_globals ADD CONSTRAINT yesno_values CHECK (ignore_uri_user_options IN ('yes', 'no')); + +GO + +UPDATE alembic_version SET version_num='a6ef36f1309' WHERE alembic_version.version_num = '4e2493ef32e6'; + +GO + COMMIT; GO diff --git a/contrib/realtime/mysql/mysql_config.sql b/contrib/realtime/mysql/mysql_config.sql index d38b79de77..ca07471552 100644 --- a/contrib/realtime/mysql/mysql_config.sql +++ b/contrib/realtime/mysql/mysql_config.sql @@ -840,3 +840,9 @@ ALTER TABLE ps_endpoints ADD COLUMN contact_user VARCHAR(80); UPDATE alembic_version SET version_num='4e2493ef32e6' WHERE alembic_version.version_num = '4a6c67fa9b7a'; +-- Running upgrade 4e2493ef32e6 -> a6ef36f1309 + +ALTER TABLE ps_globals ADD COLUMN ignore_uri_user_options ENUM('yes','no'); + +UPDATE alembic_version SET version_num='a6ef36f1309' WHERE alembic_version.version_num = '4e2493ef32e6'; + diff --git a/contrib/realtime/oracle/oracle_config.sql b/contrib/realtime/oracle/oracle_config.sql index 8de373eb0a..2d6853c32a 100644 --- a/contrib/realtime/oracle/oracle_config.sql +++ b/contrib/realtime/oracle/oracle_config.sql 
@@ -1323,3 +1323,17 @@ UPDATE alembic_version SET version_num='4e2493ef32e6' WHERE alembic_version.vers / +-- Running upgrade 4e2493ef32e6 -> a6ef36f1309 + +ALTER TABLE ps_globals ADD ignore_uri_user_options VARCHAR(3 CHAR) + +/ + +ALTER TABLE ps_globals ADD CONSTRAINT yesno_values CHECK (ignore_uri_user_options IN ('yes', 'no')) + +/ + +UPDATE alembic_version SET version_num='a6ef36f1309' WHERE alembic_version.version_num = '4e2493ef32e6' + +/ + diff --git a/contrib/realtime/postgresql/postgresql_config.sql b/contrib/realtime/postgresql/postgresql_config.sql index 09c385b5b5..bf3a9318f3 100644 --- a/contrib/realtime/postgresql/postgresql_config.sql +++ b/contrib/realtime/postgresql/postgresql_config.sql @@ -910,5 +910,11 @@ ALTER TABLE ps_endpoints ADD COLUMN contact_user VARCHAR(80); UPDATE alembic_version SET version_num='4e2493ef32e6' WHERE alembic_version.version_num = '4a6c67fa9b7a'; +-- Running upgrade 4e2493ef32e6 -> a6ef36f1309 + +ALTER TABLE ps_globals ADD COLUMN ignore_uri_user_options yesno_values; + +UPDATE alembic_version SET version_num='a6ef36f1309' WHERE alembic_version.version_num = '4e2493ef32e6'; + COMMIT;
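Review bot: In asterisk-certified-13.8-cert4-summary.txt, the Closed Issues section lists ASTERISK-26477 (pjproject: SEGV during SSL operations) as closed by [28cc8a9dff] "pjproject_bundled: Add patch to address SSL crash", under both Third-Party/pjproject and pjproject/pjsip, while the "Commits Not Associated with an Issue" table in the same file lists 4c50689d09 as a revert of that exact patch. A reader who stops at the Closed Issues list will conclude the SSL crash fix ships in cert4. The summary should say that the fix was reverted, or leave ASTERISK-26477 out of the closed list, so that operators deciding whether to upgrade are not misled.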
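Review bot: In the contrib/realtime/mssql/mssql_config.sql hunk, `ADD ignore_uri_user_options VARCHAR(3) NULL` leaves the column nullable with no DEFAULT, and the CHECK added right after it accepts NULL as well as 'yes' and 'no', because a CHECK only rejects rows where the predicate evaluates to false. Any existing ps_globals row holds NULL after this upgrade, so it is worth confirming that the code reading the option treats NULL as its documented default. If NULL is not meant to be a legal state, add a DEFAULT or NOT NULL in this statement.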
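Review bot: In the contrib/realtime/mysql/mysql_config.sql hunk, `ENUM('yes','no')` is the only value restriction on the new column, and MySQL enforces it only in strict SQL mode; in non-strict mode an invalid value is stored as the empty string with a warning instead of being rejected. The other dialects in this patch reject such a value outright, so the MySQL backend can end up holding a state the others cannot. Please either document the required sql_mode next to this statement or confirm that the consumer treats anything other than 'yes' as disabled.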
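Review bot: In the contrib/realtime/oracle/oracle_config.sql hunk, the CHECK constraint is named `yesno_values`, which identifies neither the table nor the column it guards. Oracle constraint names must be unique within the schema, so this `ADD CONSTRAINT` fails with a name collision if any earlier statement in the script already created a constraint with that name, and the next yes/no column added the same way will hit the same problem. A column-specific name, for example one built from `ps_globals` and `ignore_uri_user_options`, avoids that and makes a constraint-violation error message point at the right column.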
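Review bot: In the contrib/realtime/postgresql/postgresql_config.sql hunk, `ADD COLUMN ignore_uri_user_options yesno_values` depends on a `yesno_values` type that is not created anywhere in the visible lines. Unlike the MSSQL, MySQL and Oracle hunks, which spell out ('yes', 'no') next to the column, the allowed values here cannot be checked from the diff. Please confirm the type is defined earlier in this script with exactly those two labels, and consider a short comment above the ALTER that says where it comes from.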