From: Asterisk Development Team Date: Thu, 18 Feb 2021 16:51:33 +0000 (-0500) Subject: Update for certified/16.8-cert6 X-Git-Tag: certified/16.8-cert6^0 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=5d0a019e13acc265b7805cb40f636a2680f927c1;p=thirdparty%2Fasterisk.git Update for certified/16.8-cert6 --- diff --git a/.version b/.version index f38e5e6567..9f0ec1bb2f 100644 --- a/.version +++ b/.version @@ -1 +1 @@ -certified/16.8-cert5 \ No newline at end of file +certified/16.8-cert6 \ No newline at end of file diff --git a/ChangeLog b/ChangeLog index 33c02f8691..1c5434b8b9 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,90 @@ +2021-02-18 16:51 +0000 Asterisk Development Team + + * asterisk certified/16.8-cert6 Released. + +2021-02-01 15:24 +0000 [bb5b336f78] Kevin Harwell + + * AST-2021-002: Remote crash possible when negotiating T.38 + + When an endpoint requests to re-negotiate for fax and the incoming + re-invite is received prior to Asterisk sending out the 200 OK for + the initial invite the re-invite gets delayed. When Asterisk does + finally send the re-inivite the SDP includes streams for both audio + and T.38. + + This happens because when the pending topology and active topologies + differ (pending stream is not in the active) in the delayed scenario + the pending stream is appended to the active topology. However, in + the fax case the pending stream should replace the active. + + This patch makes it so when a delay occurs during fax negotiation, + to or from, the audio stream is replaced by the T.38 stream, or vice + versa instead of being appended. + + Further when Asterisk sent the re-invite with both audio and T.38, + and the endpoint responded with a declined T.38 stream then Asterisk + would crash when attempting to change the T.38 state. + + This patch also puts in a check that ensures the media state has a + valid fax session (associated udptl object) before changing the + T.38 state internally. + + ASTERISK-29203 #close + + Change-Id: I407f4fa58651255b6a9030d34fd6578cf65ccf09 + +2021-01-26 11:09 +0000 [93468c531a] Alexander Traud + + * rtp: Enable srtp replay protection + + Add option "srtpreplayprotection" rtp.conf to enable srtp + replay protection. + + ASTERISK-29260 + Reported by: Alexander Traud + + Change-Id: I5cd346e3c6b6812039d1901aa4b7be688173b458 + +2020-12-11 14:49 +0000 [07eddbd56a] Sean Bright + + * res_rtp_asterisk.c: Fix signed mismatch that leads to overflow + + ASTERISK-29205 #close + + Change-Id: Ib7aa65644e8df76e2378d7613ee7cf751b9d0bea + +2021-02-05 05:26 +0000 [23e96e6e17] Joshua C. Colp + + * pjsip: Make modify_local_offer2 tolerate previous failed SDP. + + If a remote side is broken and sends an SDP that can not be + negotiated the call will be torn down but there is a window + where a second 183 Session Progress or 200 OK that is forked + can be received that also attempts to negotiate SDP. Since + the code marked the SDP negotiation as being done and complete + prior to this it assumes that there is an active local and remote + SDP which it can modify, while in fact there is not as the SDP + did not successfully negotiate. Since there is no local or remote + SDP a crash occurs. + + This patch changes the pjmedia_sdp_neg_modify_local_offer2 + function to no longer assume that a previous SDP negotiation + was successful. + + ASTERISK-29196 + + Change-Id: I22de45916d3b05fdc2a67da92b3a38271ee5949e + +2020-12-16 06:17 +0000 [6b5306ecc5] Joshua C. Colp + + * res_pjsip_pidf_digium_body_supplement: Support Sangoma user agent. + + This adds support for both Digium and Sangoma user agent strings + for the Sangoma specific body supplement. + + Change-Id: Ib99362b24b91d3cbe888d8b2fce3fad5515d9482 + (cherry picked from commit 7e4bb4ed11b2741ff6cd47a95fb6e815a5e1d901) + 2020-11-05 21:06 +0000 Asterisk Development Team * asterisk certified/16.8-cert5 Released. diff --git a/asterisk-certified-16.8-cert5-summary.html b/asterisk-certified-16.8-cert5-summary.html deleted file mode 100644 index d070795f63..0000000000 --- a/asterisk-certified-16.8-cert5-summary.html +++ /dev/null @@ -1,22 +0,0 @@ -Release Summary - asterisk-certified/16.8-cert5

Release Summary

asterisk-certified/16.8-cert5

Date: 2020-11-05

<asteriskteam@digium.com>

Table of Contents

    -
  1. Summary
    2. -
  2. Contributors
    3. -
  3. Closed Issues
    4. -
  4. Diffstat
    5. -

Summary

[Back to Top]

This release has been made to address one or more security vulnerabilities that have been identified. A security advisory document has been published for each vulnerability that includes additional information. Users of versions of Asterisk that are affected are strongly encouraged to review the advisories and determine what action they should take to protect their systems from these issues.

Security Advisories:

The data in this summary reflects changes that have been made since the previous release, asterisk-certified/16.8-cert4.

Contributors

[Back to Top]

This table lists the people who have submitted code, those that have tested patches, as well as those that reported issues on the issue tracker that were resolved in this release. For coders, the number is how many of their patches (of any size) were committed into this release. For testers, the number is the number of times their name was listed as assisting with testing a patch. Finally, for reporters, the number is the number of issues that they reported that were affected by commits that went into this release.

- - -
CodersTestersReporters
1 Kevin Harwell
1 Ben Ford
1 Sandro Gauci
1 Sebastian Damm

Closed Issues

[Back to Top]

This is a list of all issues from the issue tracker that were closed by changes that went into this release.

Security

Category: pjproject/pjsip

ASTERISK-29057: pjsip: Crash on call rejection during high load
Reported by: Sandro Gauci
    -
  • [81b48f2d10] Kevin Harwell -- AST-2020-001 - res_pjsip: Return dialog locked and referenced
    • -

Bug

Category: Resources/res_pjsip

ASTERISK-29013: res_pjsip: Asterisk doesn't stop sending invites (with auth) on 407 replies
Reported by: Sebastian Damm
    -
  • [6057050899] Ben Ford -- AST-2020-002 - res_pjsip: Stop sending INVITEs after challenge limit.
    • -

Category: Resources/res_pjsip_authenticator_digest

ASTERISK-29013: res_pjsip: Asterisk doesn't stop sending invites (with auth) on 407 replies
Reported by: Sebastian Damm
    -
  • [6057050899] Ben Ford -- AST-2020-002 - res_pjsip: Stop sending INVITEs after challenge limit.
    • -

Diffstat Results

[Back to Top]

This is a summary of the changes to the source code that went into this release that was generated using the diffstat utility.

include/asterisk/res_pjsip.h         |   46 ++++++++++++
-include/asterisk/res_pjsip_session.h |    4 -
-res/res_pjsip.c                      |   51 +++++++++++---
-res/res_pjsip_pubsub.c               |   10 ++
-res/res_pjsip_session.c              |  125 +++++++++++++++++++++++++++++++++--
-5 files changed, 218 insertions(+), 18 deletions(-)

\ No newline at end of file diff --git a/asterisk-certified-16.8-cert5-summary.txt b/asterisk-certified-16.8-cert5-summary.txt deleted file mode 100644 index c55f5d4a3a..0000000000 --- a/asterisk-certified-16.8-cert5-summary.txt +++ /dev/null @@ -1,107 +0,0 @@ - Release Summary - - asterisk-certified/16.8-cert5 - - Date: 2020-11-05 - - - - ---------------------------------------------------------------------- - - Table of Contents - - 1. Summary - 2. Contributors - 3. Closed Issues - 4. Diffstat - - ---------------------------------------------------------------------- - - Summary - - [Back to Top] - - This release has been made to address one or more security vulnerabilities - that have been identified. A security advisory document has been published - for each vulnerability that includes additional information. Users of - versions of Asterisk that are affected are strongly encouraged to review - the advisories and determine what action they should take to protect their - systems from these issues. - - Security Advisories: - - * AST-2020-001,AST-2020-002 - - The data in this summary reflects changes that have been made since the - previous release, asterisk-certified/16.8-cert4. - - ---------------------------------------------------------------------- - - Contributors - - [Back to Top] - - This table lists the people who have submitted code, those that have - tested patches, as well as those that reported issues on the issue tracker - that were resolved in this release. For coders, the number is how many of - their patches (of any size) were committed into this release. For testers, - the number is the number of times their name was listed as assisting with - testing a patch. Finally, for reporters, the number is the number of - issues that they reported that were affected by commits that went into - this release. - - Coders Testers Reporters - 1 Kevin Harwell 1 Sandro Gauci - 1 Ben Ford 1 Sebastian Damm - - ---------------------------------------------------------------------- - - Closed Issues - - [Back to Top] - - This is a list of all issues from the issue tracker that were closed by - changes that went into this release. - - Security - - Category: pjproject/pjsip - - ASTERISK-29057: pjsip: Crash on call rejection during high load - Reported by: Sandro Gauci - * [81b48f2d10] Kevin Harwell -- AST-2020-001 - res_pjsip: Return dialog - locked and referenced - - Bug - - Category: Resources/res_pjsip - - ASTERISK-29013: res_pjsip: Asterisk doesn't stop sending invites (with - auth) on 407 replies - Reported by: Sebastian Damm - * [6057050899] Ben Ford -- AST-2020-002 - res_pjsip: Stop sending - INVITEs after challenge limit. - - Category: Resources/res_pjsip_authenticator_digest - - ASTERISK-29013: res_pjsip: Asterisk doesn't stop sending invites (with - auth) on 407 replies - Reported by: Sebastian Damm - * [6057050899] Ben Ford -- AST-2020-002 - res_pjsip: Stop sending - INVITEs after challenge limit. - - ---------------------------------------------------------------------- - - Diffstat Results - - [Back to Top] - - This is a summary of the changes to the source code that went into this - release that was generated using the diffstat utility. - - include/asterisk/res_pjsip.h | 46 ++++++++++++ - include/asterisk/res_pjsip_session.h | 4 - - res/res_pjsip.c | 51 +++++++++++--- - res/res_pjsip_pubsub.c | 10 ++ - res/res_pjsip_session.c | 125 +++++++++++++++++++++++++++++++++-- - 5 files changed, 218 insertions(+), 18 deletions(-) diff --git a/asterisk-certified-16.8-cert6-summary.html b/asterisk-certified-16.8-cert6-summary.html new file mode 100644 index 0000000000..c34c4de234 --- /dev/null +++ b/asterisk-certified-16.8-cert6-summary.html @@ -0,0 +1,32 @@ +Release Summary - asterisk-certified/16.8-cert6

Release Summary

asterisk-certified/16.8-cert6

Date: 2021-02-18

<asteriskteam@digium.com>

Table of Contents

    +
  1. Summary
    2. +
  2. Contributors
    3. +
  3. Closed Issues
    4. +
  4. Other Changes
    5. +
  5. Diffstat
    6. +

Summary

[Back to Top]

This release has been made to address one or more security vulnerabilities that have been identified. A security advisory document has been published for each vulnerability that includes additional information. Users of versions of Asterisk that are affected are strongly encouraged to review the advisories and determine what action they should take to protect their systems from these issues.

Security Advisories:

The data in this summary reflects changes that have been made since the previous release, asterisk-certified/16.8-cert5.

Contributors

[Back to Top]

This table lists the people who have submitted code, those that have tested patches, as well as those that reported issues on the issue tracker that were resolved in this release. For coders, the number is how many of their patches (of any size) were committed into this release. For testers, the number is the number of times their name was listed as assisting with testing a patch. Finally, for reporters, the number is the number of issues that they reported that were affected by commits that went into this release.

+ + +
CodersTestersReporters
2 Joshua C. Colp
1 Sean Bright
1 Kevin Harwell
1 Alexander Traud
1 Mauri de Souza Meneguzzo (3CPlus)
1 Gregory Massel
1 Alexander Traud
1 Edvin Vidmar
1 Alexander Traud

Closed Issues

[Back to Top]

This is a list of all issues from the issue tracker that were closed by changes that went into this release.

Security

Category: Resources/res_srtp

ASTERISK-29260: sRTP Replay Protection ignored; even tears down long calls
Reported by: Alexander Traud
    +
  • [93468c531a] Alexander Traud -- rtp: Enable srtp replay protection
    • +

Bug

Category: Resources/res_pjsip

ASTERISK-29196: res_pjsip: Segmentation fault
Reported by: Mauri de Souza Meneguzzo (3CPlus)
    +
  • [23e96e6e17] Joshua C. Colp -- pjsip: Make modify_local_offer2 tolerate previous failed SDP.
    • +

Category: Resources/res_pjsip_session

ASTERISK-29203: res_pjsip_t38: Crash when changing state
Reported by: Gregory Massel
    +
  • [bb5b336f78] Kevin Harwell -- AST-2021-002: Remote crash possible when negotiating T.38
    • +

Category: Resources/res_pjsip_t38

ASTERISK-29203: res_pjsip_t38: Crash when changing state
Reported by: Gregory Massel
    +
  • [bb5b336f78] Kevin Harwell -- AST-2021-002: Remote crash possible when negotiating T.38
    • +

Category: Resources/res_rtp_asterisk

ASTERISK-29205: res_rtp_asterisk: Asterisk crashes when making hold/unhold from webrtc client
Reported by: Edvin Vidmar
    +
  • [07eddbd56a] Sean Bright -- res_rtp_asterisk.c: Fix signed mismatch that leads to overflow
    • +

Commits Not Associated with an Issue

[Back to Top]

This is a list of all changes that went into this release that did not reference a JIRA issue.

+ + +
RevisionAuthorSummary
6b5306ecc5Joshua C. Colpres_pjsip_pidf_digium_body_supplement: Support Sangoma user agent.

Diffstat Results

[Back to Top]

This is a summary of the changes to the source code that went into this release that was generated using the diffstat utility.

configs/samples/rtp.conf.sample                |   12 ++++++++++++
+doc/CHANGES-staging/srtp_replay_protection.txt |    9 +++++++++
+doc/UPGRADE-staging/srtp_replay_protection.txt |    9 +++++++++
+res/res_pjsip_pidf_digium_body_supplement.c    |    8 +++++---
+res/res_pjsip_session.c                        |    9 ++++++++-
+res/res_pjsip_t38.c                            |    9 +++++++++
+res/res_rtp_asterisk.c                         |   11 +++++++----
+7 files changed, 59 insertions(+), 8 deletions(-)

\ No newline at end of file diff --git a/asterisk-certified-16.8-cert6-summary.txt b/asterisk-certified-16.8-cert6-summary.txt new file mode 100644 index 0000000000..040d280ba4 --- /dev/null +++ b/asterisk-certified-16.8-cert6-summary.txt @@ -0,0 +1,141 @@ + Release Summary + + asterisk-certified/16.8-cert6 + + Date: 2021-02-18 + + + + ---------------------------------------------------------------------- + + Table of Contents + + 1. Summary + 2. Contributors + 3. Closed Issues + 4. Other Changes + 5. Diffstat + + ---------------------------------------------------------------------- + + Summary + + [Back to Top] + + This release has been made to address one or more security vulnerabilities + that have been identified. A security advisory document has been published + for each vulnerability that includes additional information. Users of + versions of Asterisk that are affected are strongly encouraged to review + the advisories and determine what action they should take to protect their + systems from these issues. + + Security Advisories: + + * AST-2021-002,AST-2021-003,AST-2021-004,AST-2021-005 + + The data in this summary reflects changes that have been made since the + previous release, asterisk-certified/16.8-cert5. + + ---------------------------------------------------------------------- + + Contributors + + [Back to Top] + + This table lists the people who have submitted code, those that have + tested patches, as well as those that reported issues on the issue tracker + that were resolved in this release. For coders, the number is how many of + their patches (of any size) were committed into this release. For testers, + the number is the number of times their name was listed as assisting with + testing a patch. Finally, for reporters, the number is the number of + issues that they reported that were affected by commits that went into + this release. + + Coders Testers Reporters + 2 Joshua C. Colp 1 Mauri de Souza Meneguzzo (3CPlus) + 1 Sean Bright 1 Gregory Massel + 1 Kevin Harwell 1 Alexander Traud + 1 Alexander Traud 1 Edvin Vidmar + 1 Alexander Traud + + ---------------------------------------------------------------------- + + Closed Issues + + [Back to Top] + + This is a list of all issues from the issue tracker that were closed by + changes that went into this release. + + Security + + Category: Resources/res_srtp + + ASTERISK-29260: sRTP Replay Protection ignored; even tears down long calls + Reported by: Alexander Traud + * [93468c531a] Alexander Traud -- rtp: Enable srtp replay protection + + Bug + + Category: Resources/res_pjsip + + ASTERISK-29196: res_pjsip: Segmentation fault + Reported by: Mauri de Souza Meneguzzo (3CPlus) + * [23e96e6e17] Joshua C. Colp -- pjsip: Make modify_local_offer2 + tolerate previous failed SDP. + + Category: Resources/res_pjsip_session + + ASTERISK-29203: res_pjsip_t38: Crash when changing state + Reported by: Gregory Massel + * [bb5b336f78] Kevin Harwell -- AST-2021-002: Remote crash possible when + negotiating T.38 + + Category: Resources/res_pjsip_t38 + + ASTERISK-29203: res_pjsip_t38: Crash when changing state + Reported by: Gregory Massel + * [bb5b336f78] Kevin Harwell -- AST-2021-002: Remote crash possible when + negotiating T.38 + + Category: Resources/res_rtp_asterisk + + ASTERISK-29205: res_rtp_asterisk: Asterisk crashes when making hold/unhold + from webrtc client + Reported by: Edvin Vidmar + * [07eddbd56a] Sean Bright -- res_rtp_asterisk.c: Fix signed mismatch + that leads to overflow + + ---------------------------------------------------------------------- + + Commits Not Associated with an Issue + + [Back to Top] + + This is a list of all changes that went into this release that did not + reference a JIRA issue. + + +------------------------------------------------------------------------+ + | Revision | Author | Summary | + |------------+-----------+-----------------------------------------------| + | 6b5306ecc5 | Joshua C. | res_pjsip_pidf_digium_body_supplement: | + | | Colp | Support Sangoma user agent. | + +------------------------------------------------------------------------+ + + ---------------------------------------------------------------------- + + Diffstat Results + + [Back to Top] + + This is a summary of the changes to the source code that went into this + release that was generated using the diffstat utility. + + configs/samples/rtp.conf.sample | 12 ++++++++++++ + doc/CHANGES-staging/srtp_replay_protection.txt | 9 +++++++++ + doc/UPGRADE-staging/srtp_replay_protection.txt | 9 +++++++++ + res/res_pjsip_pidf_digium_body_supplement.c | 8 +++++--- + res/res_pjsip_session.c | 9 ++++++++- + res/res_pjsip_t38.c | 9 +++++++++ + res/res_rtp_asterisk.c | 11 +++++++---- + 7 files changed, 59 insertions(+), 8 deletions(-)