From: Kevin Harwell Date: Fri, 22 Dec 2017 22:26:07 +0000 (-0500) Subject: Update for 14.7.5 X-Git-Tag: 14.7.5^0 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=e8a1b96b5115d87b4dae0004f392193a7a48c7a7;p=thirdparty%2Fasterisk.git Update for 14.7.5 --- diff --git a/.version b/.version index 45bfbe72f7..21531b6b89 100644 --- a/.version +++ b/.version @@ -1 +1 @@ -14.7.4 \ No newline at end of file +14.7.5 \ No newline at end of file diff --git a/ChangeLog b/ChangeLog index 5a4265d071..4a4c73f608 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,25 @@ +2017-12-22 22:26 +0000 Asterisk Development Team + + * asterisk 14.7.5 Released. + +2017-12-20 16:17 +0000 [ad5323acfa] Kevin Harwell + + * AST-2017-014: res_pjsip - Missing contact header can cause crash + + Those SIP messages that create dialogs require a contact header to be present. + If the contact header was missing from the message it could cause Asterisk to + crash. + + This patch checks to make sure SIP messages that create a dialog contain the + contact header. If the message does not and it is required Asterisk now returns + a "400 Missing Contact header" response. Also added NULL checks when retrieving + the contact header that were missing as a "just in case". + + ASTERISK-27480 #close + + Change-Id: I1810db87683fc637a9e3e1384a746037fec20afe + (cherry picked from commit f6757b1d60512e91e60f808a772d9681cbe65dee) + 2017-12-13 14:33 +0000 Asterisk Development Team * asterisk 14.7.4 Released. diff --git a/asterisk-14.7.4-summary.html b/asterisk-14.7.4-summary.html deleted file mode 100644 index 7f4b53e8da..0000000000 --- a/asterisk-14.7.4-summary.html +++ /dev/null @@ -1,15 +0,0 @@ -Release Summary - asterisk-14.7.4

Release Summary

asterisk-14.7.4

Date: 2017-12-13

<asteriskteam@digium.com>

Table of Contents

    -
  1. Summary
    2. -
  2. Contributors
    3. -
  3. Closed Issues
    4. -
  4. Diffstat
    5. -

Summary

[Back to Top]

This release has been made to address one or more security vulnerabilities that have been identified. A security advisory document has been published for each vulnerability that includes additional information. Users of versions of Asterisk that are affected are strongly encouraged to review the advisories and determine what action they should take to protect their systems from these issues.

Security Advisories:

The data in this summary reflects changes that have been made since the previous release, asterisk-14.7.3.

Contributors

[Back to Top]

This table lists the people who have submitted code, those that have tested patches, as well as those that reported issues on the issue tracker that were resolved in this release. For coders, the number is how many of their patches (of any size) were committed into this release. For testers, the number is the number of times their name was listed as assisting with testing a patch. Finally, for reporters, the number is the number of issues that they reported that were affected by commits that went into this release.

- - -
CodersTestersReporters
1 Joshua Colp
1 Tzafrir Cohen
1 Vitezslav Novy

Closed Issues

[Back to Top]

This is a list of all issues from the issue tracker that were closed by changes that went into this release.

Bug

Category: General

ASTERISK-27382: crash after an invalid rtcp packet from GT48 FXS gateway
Reported by: Tzafrir Cohen
    -
  • [dee00fd80b] Joshua Colp -- AST-2017-012: Place single RTCP report block at beginning of report.
    • -

Category: Resources/res_rtp_asterisk

ASTERISK-27429: res_rtp_asterisk: Multiple reports in an RTCP packet will write past where it should
Reported by: Vitezslav Novy
    -
  • [dee00fd80b] Joshua Colp -- AST-2017-012: Place single RTCP report block at beginning of report.
    • -

Diffstat Results

[Back to Top]

This is a summary of the changes to the source code that went into this release that was generated using the diffstat utility.

0 files changed

\ No newline at end of file diff --git a/asterisk-14.7.5-summary.html b/asterisk-14.7.5-summary.html new file mode 100644 index 0000000000..ada7de1241 --- /dev/null +++ b/asterisk-14.7.5-summary.html @@ -0,0 +1,11 @@ +Release Summary - asterisk-14.7.5

Release Summary

asterisk-14.7.5

Date: 2017-12-22

<asteriskteam@digium.com>

Table of Contents

    +
  1. Summary
    2. +
  2. Contributors
    3. +
  3. Closed Issues
    4. +
  4. Diffstat
    5. +

Summary

[Back to Top]

This release is a point release of an existing major version. The changes included were made to address problems that have been identified in this release series, or are minor, backwards compatible new features or improvements. Users should be able to safely upgrade to this version if this release series is already in use. Users considering upgrading from a previous version are strongly encouraged to review the UPGRADE.txt document as well as the CHANGES document for information about upgrading to this release series.

The data in this summary reflects changes that have been made since the previous release, asterisk-14.7.4.

Contributors

[Back to Top]

This table lists the people who have submitted code, those that have tested patches, as well as those that reported issues on the issue tracker that were resolved in this release. For coders, the number is how many of their patches (of any size) were committed into this release. For testers, the number is the number of times their name was listed as assisting with testing a patch. Finally, for reporters, the number is the number of issues that they reported that were affected by commits that went into this release.

+ + +
CodersTestersReporters
1 Kevin Harwell
1 Ross Beer

Closed Issues

[Back to Top]

This is a list of all issues from the issue tracker that were closed by changes that went into this release.

Bug

Category: Channels/chan_pjsip

ASTERISK-27480: Security: Authenticated SUBSCRIBE without Contact crashes asterisk
Reported by: Ross Beer
    +
  • [ad5323acfa] Kevin Harwell -- AST-2017-014: res_pjsip - Missing contact header can cause crash
    • +

Diffstat Results

[Back to Top]

This is a summary of the changes to the source code that went into this release that was generated using the diffstat utility.

0 files changed

\ No newline at end of file diff --git a/asterisk-14.7.4-summary.txt b/asterisk-14.7.5-summary.txt similarity index 60% rename from asterisk-14.7.4-summary.txt rename to asterisk-14.7.5-summary.txt index eec2b35f41..08576bfc72 100644 --- a/asterisk-14.7.4-summary.txt +++ b/asterisk-14.7.5-summary.txt @@ -1,8 +1,8 @@ Release Summary - asterisk-14.7.4 + asterisk-14.7.5 - Date: 2017-12-13 + Date: 2017-12-22 @@ -21,19 +21,17 @@ [Back to Top] - This release has been made to address one or more security vulnerabilities - that have been identified. A security advisory document has been published - for each vulnerability that includes additional information. Users of - versions of Asterisk that are affected are strongly encouraged to review - the advisories and determine what action they should take to protect their - systems from these issues. - - Security Advisories: - - * AST-2017-012 + This release is a point release of an existing major version. The changes + included were made to address problems that have been identified in this + release series, or are minor, backwards compatible new features or + improvements. Users should be able to safely upgrade to this version if + this release series is already in use. Users considering upgrading from a + previous version are strongly encouraged to review the UPGRADE.txt + document as well as the CHANGES document for information about upgrading + to this release series. The data in this summary reflects changes that have been made since the - previous release, asterisk-14.7.3. + previous release, asterisk-14.7.4. ---------------------------------------------------------------------- @@ -51,8 +49,7 @@ this release. Coders Testers Reporters - 1 Joshua Colp 1 Tzafrir Cohen - 1 Vitezslav Novy + 1 Kevin Harwell 1 Ross Beer ---------------------------------------------------------------------- @@ -65,20 +62,13 @@ Bug - Category: General - - ASTERISK-27382: crash after an invalid rtcp packet from GT48 FXS gateway - Reported by: Tzafrir Cohen - * [dee00fd80b] Joshua Colp -- AST-2017-012: Place single RTCP report - block at beginning of report. - - Category: Resources/res_rtp_asterisk + Category: Channels/chan_pjsip - ASTERISK-27429: res_rtp_asterisk: Multiple reports in an RTCP packet will - write past where it should - Reported by: Vitezslav Novy - * [dee00fd80b] Joshua Colp -- AST-2017-012: Place single RTCP report - block at beginning of report. + ASTERISK-27480: Security: Authenticated SUBSCRIBE without Contact crashes + asterisk + Reported by: Ross Beer + * [ad5323acfa] Kevin Harwell -- AST-2017-014: res_pjsip - Missing + contact header can cause crash ----------------------------------------------------------------------