From: Asterisk Development Team Date: Thu, 1 Dec 2022 20:01:28 +0000 (-0500) Subject: Update for 18.15.1 X-Git-Tag: 18.15.1^0 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=refs%2Fheads%2F18.15;p=thirdparty%2Fasterisk.git Update for 18.15.1 --- diff --git a/.version b/.version index 1e24c02156..c1f7114f8b 100644 --- a/.version +++ b/.version @@ -1 +1 @@ -18.15.0 \ No newline at end of file +18.15.1 \ No newline at end of file diff --git a/ChangeLog b/ChangeLog index 3fa6e8cc72..c3d742e0b3 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,94 @@ +2022-12-01 20:01 +0000 Asterisk Development Team + + * asterisk 18.15.1 Released. + +2022-12-01 13:43 +0000 [7c6fe5168b] Asterisk Development Team + + * Update CHANGES and UPGRADE.txt for 18.15.1 +2022-12-01 13:43 +0000 [4bc9c23aad] Asterisk Development Team + + * Update for 18.15.1 + +2022-11-29 14:02 +0000 [9b893ce332] Ben Ford + + * pjproject: 2.13 security fixes + + Backports two security fixes (c4d3498 and 450baca) from pjproject 2.13. + + ASTERISK-30338 + + Change-Id: I86fdc003d5d22cb66e7cc6dc3313a8194f27eb69 + +2022-10-10 09:35 +0000 [936d95bfe9] George Joseph + + * pjsip_transport_events: Fix possible use after free on transport + + It was possible for a module that registered for transport monitor + events to pass in a pjsip_transport that had already been freed. + This caused pjsip_transport_events to crash when looking up the + monitor for the transport. The fix is a two pronged approach. + + 1. We now increment the reference count on pjsip_transports when we + create monitors for them, then decrement the count when the + transport is going to be destroyed. + + 2. There are now APIs to register and unregister monitor callbacks + by "transport key" which is a string concatenation of the remote ip + address and port. This way the module needing to monitor the + transport doesn't have to hold on to the transport object itself to + unregister. It just has to save the transport_key. + + * Added the pjsip_transport reference increment and decrement. + + * Changed the internal transport monitor container key from the + transport->obj_name (which may not be unique anyway) to the + transport_key. + + * Added a helper macro AST_SIP_MAKE_REMOTE_IPADDR_PORT_STR() that + fills a buffer with the transport_key using a passed-in + pjsip_transport. + + * Added the following functions: + ast_sip_transport_monitor_register_key + ast_sip_transport_monitor_register_replace_key + ast_sip_transport_monitor_unregister_key + and marked their non-key counterparts as deprecated. + + * Updated res_pjsip_pubsub and res_pjsip_outbound_register to use + the new "key" monitor functions. + + NOTE: res_pjsip_registrar also uses the transport monitor + functionality but doesn't have a persistent object other than + contact to store a transport key. At this time, it continues to + use the non-key monitor functions. + + ASTERISK-30244 + + Change-Id: I1a20baf2a8643c272dcf819871d6c395f148f00b + +2022-10-03 13:54 +0000 [d309e25d61] Mike Bradeen + + * manager: prevent file access outside of config dir + + Add live_dangerously flag to manager and use this flag to + determine if a configuation file outside of AST_CONFIG_DIR + should be read. + + ASTERISK-30176 + + Change-Id: I46b26af4047433b49ae5c8a85cb8cda806a07404 + +2022-06-06 18:11 +0000 [47a483dc8c] Mike Bradeen + + * ooh323c: not checking for IE minimum length + + When decoding q.931 encoded calling/called number + now checking for length being less than minimum required. + + ASTERISK-30103 + + Change-Id: I3dcfce0f35eca258dc450f87c92d4d7af402c2e7 + 2022-10-19 14:23 +0000 Asterisk Development Team * asterisk 18.15.0 Released. diff --git a/asterisk-18.15.0-summary.html b/asterisk-18.15.0-summary.html deleted file mode 100644 index a4d45fcadc..0000000000 --- a/asterisk-18.15.0-summary.html +++ /dev/null @@ -1,212 +0,0 @@ -Release Summary - asterisk-18.15.0

Release Summary

asterisk-18.15.0

Date: 2022-10-19

<asteriskteam@digium.com>

Table of Contents

    -
  1. Summary
    2. -
  2. Contributors
    3. -
  3. Closed Issues
    4. -
  4. Open Issues
    5. -
  5. Other Changes
    6. -
  6. Diffstat
    7. -

Summary

[Back to Top]

This release is a point release of an existing major version. The changes included were made to address problems that have been identified in this release series, or are minor, backwards compatible new features or improvements. Users should be able to safely upgrade to this version if this release series is already in use. Users considering upgrading from a previous version are strongly encouraged to review the UPGRADE.txt document as well as the CHANGES document for information about upgrading to this release series.

The data in this summary reflects changes that have been made since the previous release, asterisk-18.14.0.

Contributors

[Back to Top]

This table lists the people who have submitted code, those that have tested patches, as well as those that reported issues on the issue tracker that were resolved in this release. For coders, the number is how many of their patches (of any size) were committed into this release. For testers, the number is the number of times their name was listed as assisting with testing a patch. Finally, for reporters, the number is the number of issues that they reported that were affected by commits that went into this release.

- - -
CodersTestersReporters
17 Naveen Albert
10 George Joseph
7 Philip Prindeville
4 Asterisk Development Team
4 Mike Bradeen
2 Sean Bright
2 Joshua C. Colp
1 Alexei Gradinari
1 Ben Ford
1 sungtae kim
13 N A
7 George Joseph
7 Philip Prindeville
3 Joshua C. Colp
2 Michael Cargile
1 Dan Cropp
1 Daniel Thümen
1 Chris Young
1 Michael Bradeen
1 Alexei Gradinari
1 Alexander Traud
1 Dan Cropp
1 Chris Young
1 sungtae kim
1 Ted G
1 Gergely Dömsödi

Closed Issues

[Back to Top]

This is a list of all issues from the issue tracker that were closed by changes that went into this release.

New Feature

Category: Applications/app_confbridge

ASTERISK-30211: app_confbridge: Add end_marked_any option
Reported by: N A
    -
  • [8c6c06a340] Naveen Albert -- app_confbridge: Add end_marked_any option.
    • -

Category: Features

ASTERISK-29899: features: Add advanced transfer initiation options
Reported by: N A
    -
  • [6000f9963c] Naveen Albert -- features: Add transfer initiation options.
    • -

Category: General

ASTERISK-30161: locks: add AMI event for deadlock
Reported by: N A
    -
  • [50ce155749] Naveen Albert -- lock.c: Add AMI event for deadlocks.
    • -

Category: Resources/res_pjsip

ASTERISK-30186: res_pjsip: Add support for reloading TLS certificate and key information
Reported by: Joshua C. Colp
    -
  • [f97e9aed85] Joshua C. Colp -- pjsip: Add TLS transport reload support for certificate and key.
    • -

Category: Tests/NewFeature

ASTERISK-30037: Add test support to calling external processes
Reported by: Philip Prindeville
    -
  • [47e49f93fa] Philip Prindeville -- test: Add test coverage for capture child process output
    • -
  • [aeb23fe2a7] Philip Prindeville -- main/utils: allow checking for command in $PATH
    • -
  • [f2cd48e9a8] Philip Prindeville -- test: Add ability to capture child process output
    • -

Bug

Category: Applications/app_confbridge

ASTERISK-28422: Memory Leak in Confbridge menu
Reported by: Ted G
    -
  • [300a6150d5] Naveen Albert -- app_confbridge: Fix memory leak on updated menu options.
    • -
ASTERISK-30020: ConfbridgeListRooms Event Not Documented
Reported by: Michael Cargile
    -
  • [38515df4da] Naveen Albert -- app_confbridge: Add missing AMI documentation.
    • -

Category: Applications/app_meetme

ASTERISK-30018: app_meetme: MeetmeList AMI event not documented
Reported by: Michael Cargile
    -
  • [f459872430] Naveen Albert -- app_meetme: Add missing AMI documentation.
    • -

Category: Channels/chan_pjsip

ASTERISK-30135: [res_musiconhold] Allows the moh only for the answered call
Reported by: sungtae kim
    -
  • [2f5cfa548f] sungtae kim -- res_musiconhold: Add option to not play music on hold on unanswered channels
    • -

Category: Contrib/General

ASTERISK-29453: alembic: incoming_call_offer_pref and outgoing_call_offer_pref missing in "ps_endpoints" table
Reported by: Daniel Thümen
    -
  • [c49a2c46f6] Mike Bradeen -- alembic: add missing ps_endpoints columns
    • -

Category: Core/Bridging

ASTERISK-30210: func_frame_trace: Channel masquerade triggers assertion
Reported by: N A
    -
  • [f74c459a42] Naveen Albert -- func_frame_trace: Remove bogus assertion.
    • -

Category: Core/CodecInterface

ASTERISK-29185: chan_pjsip: Endpoint: allow = all is broken.
Reported by: Alexander Traud
    -
  • [fb11296a9b] Joshua C. Colp -- res_pjsip_sdp_rtp: Skip formats without SDP details.
    • -

Category: Core/ManagerInterface

ASTERISK-29917: ami: FilterList action doesn't exist
Reported by: N A
    -
  • [ef1026227d] Naveen Albert -- manager: Remove documentation for nonexistent action.
    • -

Category: Core/RTP

ASTERISK-29185: chan_pjsip: Endpoint: allow = all is broken.
Reported by: Alexander Traud
    -
  • [fb11296a9b] Joshua C. Colp -- res_pjsip_sdp_rtp: Skip formats without SDP details.
    • -

Category: Core/Sorcery

ASTERISK-29453: alembic: incoming_call_offer_pref and outgoing_call_offer_pref missing in "ps_endpoints" table
Reported by: Daniel Thümen
    -
  • [c49a2c46f6] Mike Bradeen -- alembic: add missing ps_endpoints columns
    • -

Category: Documentation

ASTERISK-29917: ami: FilterList action doesn't exist
Reported by: N A
    -
  • [ef1026227d] Naveen Albert -- manager: Remove documentation for nonexistent action.
    • -

Category: Functions/General

ASTERISK-30210: func_frame_trace: Channel masquerade triggers assertion
Reported by: N A
    -
  • [f74c459a42] Naveen Albert -- func_frame_trace: Remove bogus assertion.
    • -

Category: Functions/func_srv

ASTERISK-30151: Documentation doesn't include info about "field", a 3rd required parameter.
Reported by: Chris Young
    -
  • [c8d2c74a5a] Naveen Albert -- func_srv: Document field parameter.
    • -

Category: Resources/General

ASTERISK-30192: res_tonedetect: fix typo for frametype
Reported by: N A
    -
  • [6c489a891d] Naveen Albert -- res_tonedetect: Fix typos referring to wrong variables.
    • -

Category: Resources/res_crypto

ASTERISK-30235: res_crypto and tests: Memory issues and and uninitialized variable error
Reported by: George Joseph
    -
  • [2bb1665829] George Joseph -- res_crypto: Memory issues and uninitialized variable errors
    • -

Category: Resources/res_geolocation

ASTERISK-30234: res_geolocation: ...may be used uninitialized error in geoloc_config.c
Reported by: George Joseph
    -
  • [03c8c59632] George Joseph -- res_geolocation: Fix issues exposed by compiling with -O2
    • -
ASTERISK-30215: Inbound SIP INVITE with Geo Location causing a Segmentation Fault
Reported by: Dan Cropp
    -
  • [4ab3cd6f86] George Joseph -- res_geolocation: Fix segfault when there's an empty element
    • -
ASTERISK-30190: res_geolocation: GEOLOC_PROFILE isn't returning correct values on incoming channel
Reported by: George Joseph
    -
  • [0e9076df7b] George Joseph -- res_geolocation: Add two new options to GEOLOC_PROFILE
    • -
ASTERISK-30167: res_geolocation: Refactor for issues found by users
Reported by: George Joseph
    -
  • [dfedb13eca] George Joseph -- res_geolocation: Address user issues, remove complexity, plug leaks
    • -

Category: Resources/res_pjsip

ASTERISK-29453: alembic: incoming_call_offer_pref and outgoing_call_offer_pref missing in "ps_endpoints" table
Reported by: Daniel Thümen
    -
  • [c49a2c46f6] Mike Bradeen -- alembic: add missing ps_endpoints columns
    • -

Category: Resources/res_pjsip_session

ASTERISK-26894: pjsip should support tel uri scheme
Reported by: Gergely Dömsödi
    -
  • [1f685d6969] Ben Ford -- res_pjsip: Add TEL URI support for basic calls.
    • -

Category: Tests/testsuite

ASTERISK-26826: testsuite: Add support for Python 3
Reported by: Joshua C. Colp
    -
  • [bd821549af] Mike Bradeen -- CI: Fixing path issue on venv check
    • -
  • [e2f34ad8ce] Mike Bradeen -- CI: use Python3 virtual environment
    • -

Improvement

Category: Applications/General

ASTERISK-30163: general: fix minor formatting issues
Reported by: N A
    -
  • [9126f9bd2b] Naveen Albert -- general: Very minor coding guideline fixes.
    • -

Category: Channels/chan_iax2

ASTERISK-30164: chan_iax2: Add missing option documentation
Reported by: N A
    -
  • [d76f0506e5] Naveen Albert -- chan_iax2: Add missing options documentation.
    • -

Category: Configs/Samples

ASTERISK-30160: cdr.conf: Remove obsolete app_mysql reference
Reported by: N A
    -
  • [d0cd6e82a6] Naveen Albert -- cdr.conf: Remove obsolete app_mysql reference.
    • -

Category: Core/Logging

ASTERISK-30153: logger: Improve log levels
Reported by: N A
    -
  • [08afdcbd30] Naveen Albert -- general: Improve logging levels of some log messages.
    • -

Category: General

ASTERISK-30159: general: Remove obsolete SVN references
Reported by: N A
    -
  • [307b0fa767] Naveen Albert -- general: Remove obsolete SVN references.
    • -

Category: Resources/res_crypto

ASTERISK-30046: Reimplement res/res_crypto.c internals with EVP_PKEY interface to Openssl API's
Reported by: Philip Prindeville
    -
  • [bb8b2259bc] Philip Prindeville -- res_crypto: Use EVP API's instead of legacy API's
    • -
  • [7a0fe63390] Philip Prindeville -- res_crypto: Don't load non-regular files in keys directory
    • -

Category: Resources/res_geolocation

ASTERISK-30185: res_geolocation: Allow location parameters to be specified in profiles
Reported by: George Joseph
    -
  • [261051ecec] George Joseph -- res_geolocation: Allow location parameters on the profile object
    • -
ASTERISK-30177: res_geolocation: Add option to suppress empty elements
Reported by: George Joseph
    -
  • [372f5c56e1] George Joseph -- res_geolocation: Add profile parameter suppress_empty_ca_elements
    • -
ASTERISK-30182: res_geolocation: Add built-in profiles to use in fully dynamic configurations
Reported by: George Joseph
    -
  • [1fc0298f87] George Joseph -- res_geolocation: Add built-in profiles
    • -

Category: Resources/res_pjsip

ASTERISK-30178: extend user_eq_phone behavior to local uri's
Reported by: Michael Bradeen
    -
  • [23933c6242] Mike Bradeen -- res_pjsip: Add user=phone on From and PAID for usereqphone=yes
    • -

Category: Resources/res_pjsip_geolocation

ASTERISK-30241: res_pjsip_gelocation: Downgrade some NOTICE scope trace debugs to DEBUG level
Reported by: N A
    -
  • [7d7165ded1] Naveen Albert -- res_pjsip_geolocation: Change some notices to debugs.
    • -

Category: Resources/res_pjsip_pubsub

ASTERISK-29906: [patch] update RLS to reflect the changes to the lists
Reported by: Alexei Gradinari
    -
  • [18cfcdcd34] Alexei Gradinari -- res_pjsip_pubsub: Postpone destruction of old subscriptions on RLS update
    • -

Category: Tests/General

ASTERISK-30045: Add test coverage to res/res_crypto.c functionality
Reported by: Philip Prindeville
    -
  • [0972106d51] Philip Prindeville -- test: Add coverage for res_crypto
    • -
  • [53f8cc1d49] Philip Prindeville -- res_crypto: make keys reloadable on demand for testing
    • -

Open Issues

[Back to Top]

This is a list of all open issues from the issue tracker that were referenced by changes that went into this release.

Bug

Category: General

ASTERISK-29846: channels: bad ao2 ref causes crash
Reported by: N A
    -
  • [8041bd12c1] Naveen Albert -- cli: Prevent assertions on startup from bad ao2 refs.
    • -

Commits Not Associated with an Issue

[Back to Top]

This is a list of all changes that went into this release that did not reference a JIRA issue.

- - - - - - - - - -
RevisionAuthorSummary
984ac0ba03Asterisk Development TeamUpdate for 18.15.0-rc2
cec323b4c8George Josephmanager.h: Bump version to 7.0.3
1061c9d5bfAsterisk Development TeamUpdate for 18.15.0-rc1
a7f29e8d1aAsterisk Development TeamUpdate CHANGES and UPGRADE.txt for 18.15.0
b3bf415455Sean Brightchan_dahdi.c: Resolve a format-truncation build warning.
57972bac38Sean Brightchannel.h: Remove redundant declaration.
c5ebc6ba40Asterisk Development TeamUpdate CHANGES and UPGRADE.txt for 18.14.0
0da37ff8edGeorge JosephGeolocation: Wiki Documentation

Diffstat Results

[Back to Top]

This is a summary of the changes to the source code that went into this release that was generated using the diffstat utility.

asterisk-18.14.0-summary.html                                                              |  187 --
-asterisk-18.14.0-summary.txt                                                               |  455 -------
-b/.version                                                                                 |    2
-b/CHANGES                                                                                  |   70 +
-b/ChangeLog                                                                                |  597 +++++++++
-b/UPGRADE.txt                                                                              |   10
-b/apps/app_confbridge.c                                                                    |   33
-b/apps/app_meetme.c                                                                        |   76 +
-b/apps/app_mp3.c                                                                           |    4
-b/apps/app_stack.c                                                                         |    2
-b/apps/app_voicemail.c                                                                     |    6
-b/apps/confbridge/conf_config_parser.c                                                     |   15
-b/apps/confbridge/conf_state.c                                                             |    3
-b/apps/confbridge/conf_state_empty.c                                                       |    3
-b/apps/confbridge/conf_state_inactive.c                                                    |    3
-b/apps/confbridge/conf_state_multi.c                                                       |    3
-b/apps/confbridge/conf_state_multi_marked.c                                                |   53
-b/apps/confbridge/conf_state_single.c                                                      |    3
-b/apps/confbridge/conf_state_single_marked.c                                               |    3
-b/apps/confbridge/include/conf_state.h                                                     |    3
-b/apps/confbridge/include/confbridge.h                                                     |    1
-b/asterisk-18.15.0-rc2-summary.html                                                        |   23
-b/asterisk-18.15.0-rc2-summary.txt                                                         |  121 +
-b/channels/chan_dahdi.c                                                                    |    7
-b/channels/chan_iax2.c                                                                     |   18
-b/channels/chan_pjsip.c                                                                    |    6
-b/configs/samples/cdr.conf.sample                                                          |    2
-b/configs/samples/confbridge.conf.sample                                                   |    7
-b/configs/samples/features.conf.sample                                                     |    9
-b/configs/samples/geolocation.conf.sample                                                  |   48
-b/configs/samples/musiconhold.conf.sample                                                  |    3
-b/configs/samples/pjsip.conf.sample                                                        |   22
-b/configure                                                                                |  257 ++-
-b/configure.ac                                                                             |   12
-b/contrib/ast-db-manage/config/versions/9f3692b1654b_add_stir_shaken_profile_and_codec_.py |   58
-b/contrib/realtime/mysql/mysql_config.sql                                                  |   10
-b/contrib/realtime/postgresql/postgresql_config.sql                                        |   14
-b/doc/appdocsxml.dtd                                                                       |    4
-b/funcs/func_frame_trace.c                                                                 |    3
-b/funcs/func_srv.c                                                                         |   10
-b/include/asterisk/_private.h                                                              |    1
-b/include/asterisk/autoconfig.h.in                                                         |  125 +
-b/include/asterisk/channel.h                                                               |    2
-b/include/asterisk/crypto.h                                                                |   40
-b/include/asterisk/features_config.h                                                       |    2
-b/include/asterisk/manager.h                                                               |    2
-b/include/asterisk/res_geolocation.h                                                       |   16
-b/include/asterisk/res_pjsip.h                                                             |   78 +
-b/include/asterisk/strings.h                                                               |    2
-b/include/asterisk/test.h                                                                  |   56
-b/include/asterisk/utils.h                                                                 |   10
-b/main/Makefile                                                                            |    3
-b/main/asterisk.c                                                                          |    1
-b/main/bridge_basic.c                                                                      |   61
-b/main/channel_internal_api.c                                                              |    3
-b/main/cli.c                                                                               |   44
-b/main/config.c                                                                            |   13
-b/main/features_config.c                                                                   |    9
-b/main/lock.c                                                                              |   21
-b/main/manager.c                                                                           |   17
-b/main/stasis.c                                                                            |    2
-b/main/strings.c                                                                           |    1
-b/main/test.c                                                                              |  251 +++
-b/main/utils.c                                                                             |   45
-b/makeopts.in                                                                              |    1
-b/menuselect/autoconfig.h.in                                                               |   22
-b/menuselect/configure                                                                     |   16
-b/res/res_config_sqlite3.c                                                                 |    3
-b/res/res_crypto.c                                                                         |  395 +++++-
-b/res/res_geolocation/eprofile_to_pidf.xslt                                                |    9
-b/res/res_geolocation/geoloc_config.c                                                      |  313 +++-
-b/res/res_geolocation/geoloc_dialplan.c                                                    |  138 +-
-b/res/res_geolocation/geoloc_doc.xml                                                       |   86 +
-b/res/res_geolocation/geoloc_eprofile.c                                                    |   92 +
-b/res/res_geolocation/geoloc_private.h                                                     |   16
-b/res/res_musiconhold.c                                                                    |    9
-b/res/res_pjsip.c                                                                          |   64
-b/res/res_pjsip/config_transport.c                                                         |   72 +
-b/res/res_pjsip/pjsip_config.xml                                                           |    8
-b/res/res_pjsip/pjsip_distributor.c                                                        |    6
-b/res/res_pjsip/pjsip_message_filter.c                                                     |   38
-b/res/res_pjsip/pjsip_options.c                                                            |    8
-b/res/res_pjsip_caller_id.c                                                                |    4
-b/res/res_pjsip_dialog_info_body_generator.c                                               |    3
-b/res/res_pjsip_diversion.c                                                                |   10
-b/res/res_pjsip_endpoint_identifier_anonymous.c                                            |    6
-b/res/res_pjsip_endpoint_identifier_user.c                                                 |   10
-b/res/res_pjsip_exten_state.c                                                              |   10
-b/res/res_pjsip_geolocation.c                                                              |   30
-b/res/res_pjsip_messaging.c                                                                |    6
-b/res/res_pjsip_nat.c                                                                      |    1
-b/res/res_pjsip_outbound_registration.c                                                    |    7
-b/res/res_pjsip_path.c                                                                     |   17
-b/res/res_pjsip_pubsub.c                                                                   |   50
-b/res/res_pjsip_sdp_rtp.c                                                                  |   10
-b/res/res_pjsip_session.c                                                                  |    6
-b/res/res_tonedetect.c                                                                     |    4
-b/tests/CI/runTestsuite.sh                                                                 |   15
-b/tests/Makefile                                                                           |    3
-b/tests/keys/rsa_key1.key                                                                  |   15
-b/tests/keys/rsa_key1.pub                                                                  |    6
-b/tests/test_capture.c                                                                     |  379 +++++
-b/tests/test_config.c                                                                      |    4
-b/tests/test_crypto.c                                                                      |  645 ++++++++++
-104 files changed, 4263 insertions(+), 1245 deletions(-)

\ No newline at end of file diff --git a/asterisk-18.15.0-summary.txt b/asterisk-18.15.0-summary.txt deleted file mode 100644 index 1b8fb2e314..0000000000 --- a/asterisk-18.15.0-summary.txt +++ /dev/null @@ -1,528 +0,0 @@ - Release Summary - - asterisk-18.15.0 - - Date: 2022-10-19 - - - - ---------------------------------------------------------------------- - - Table of Contents - - 1. Summary - 2. Contributors - 3. Closed Issues - 4. Open Issues - 5. Other Changes - 6. Diffstat - - ---------------------------------------------------------------------- - - Summary - - [Back to Top] - - This release is a point release of an existing major version. The changes - included were made to address problems that have been identified in this - release series, or are minor, backwards compatible new features or - improvements. Users should be able to safely upgrade to this version if - this release series is already in use. Users considering upgrading from a - previous version are strongly encouraged to review the UPGRADE.txt - document as well as the CHANGES document for information about upgrading - to this release series. - - The data in this summary reflects changes that have been made since the - previous release, asterisk-18.14.0. - - ---------------------------------------------------------------------- - - Contributors - - [Back to Top] - - This table lists the people who have submitted code, those that have - tested patches, as well as those that reported issues on the issue tracker - that were resolved in this release. For coders, the number is how many of - their patches (of any size) were committed into this release. For testers, - the number is the number of times their name was listed as assisting with - testing a patch. Finally, for reporters, the number is the number of - issues that they reported that were affected by commits that went into - this release. - - Coders Testers Reporters - 17 Naveen Albert 13 N A - 10 George Joseph 7 George Joseph - 7 Philip Prindeville 7 Philip Prindeville - 4 Asterisk Development Team 3 Joshua C. Colp - 4 Mike Bradeen 2 Michael Cargile - 2 Sean Bright 1 Dan Cropp - 2 Joshua C. Colp 1 Daniel Thümen - 1 Alexei Gradinari 1 Chris Young - 1 Ben Ford 1 Michael Bradeen - 1 sungtae kim 1 Alexei Gradinari - 1 Alexander Traud - 1 Dan Cropp - 1 Chris Young - 1 sungtae kim - 1 Ted G - 1 Gergely Dömsödi - - ---------------------------------------------------------------------- - - Closed Issues - - [Back to Top] - - This is a list of all issues from the issue tracker that were closed by - changes that went into this release. - - New Feature - - Category: Applications/app_confbridge - - ASTERISK-30211: app_confbridge: Add end_marked_any option - Reported by: N A - * [8c6c06a340] Naveen Albert -- app_confbridge: Add end_marked_any - option. - - Category: Features - - ASTERISK-29899: features: Add advanced transfer initiation options - Reported by: N A - * [6000f9963c] Naveen Albert -- features: Add transfer initiation - options. - - Category: General - - ASTERISK-30161: locks: add AMI event for deadlock - Reported by: N A - * [50ce155749] Naveen Albert -- lock.c: Add AMI event for deadlocks. - - Category: Resources/res_pjsip - - ASTERISK-30186: res_pjsip: Add support for reloading TLS certificate and - key information - Reported by: Joshua C. Colp - * [f97e9aed85] Joshua C. Colp -- pjsip: Add TLS transport reload support - for certificate and key. - - Category: Tests/NewFeature - - ASTERISK-30037: Add test support to calling external processes - Reported by: Philip Prindeville - * [47e49f93fa] Philip Prindeville -- test: Add test coverage for capture - child process output - * [aeb23fe2a7] Philip Prindeville -- main/utils: allow checking for - command in $PATH - * [f2cd48e9a8] Philip Prindeville -- test: Add ability to capture child - process output - - Bug - - Category: Applications/app_confbridge - - ASTERISK-28422: Memory Leak in Confbridge menu - Reported by: Ted G - * [300a6150d5] Naveen Albert -- app_confbridge: Fix memory leak on - updated menu options. - ASTERISK-30020: ConfbridgeListRooms Event Not Documented - Reported by: Michael Cargile - * [38515df4da] Naveen Albert -- app_confbridge: Add missing AMI - documentation. - - Category: Applications/app_meetme - - ASTERISK-30018: app_meetme: MeetmeList AMI event not documented - Reported by: Michael Cargile - * [f459872430] Naveen Albert -- app_meetme: Add missing AMI - documentation. - - Category: Channels/chan_pjsip - - ASTERISK-30135: [res_musiconhold] Allows the moh only for the answered - call - Reported by: sungtae kim - * [2f5cfa548f] sungtae kim -- res_musiconhold: Add option to not play - music on hold on unanswered channels - - Category: Contrib/General - - ASTERISK-29453: alembic: incoming_call_offer_pref and - outgoing_call_offer_pref missing in "ps_endpoints" table - Reported by: Daniel Thümen - * [c49a2c46f6] Mike Bradeen -- alembic: add missing ps_endpoints columns - - Category: Core/Bridging - - ASTERISK-30210: func_frame_trace: Channel masquerade triggers assertion - Reported by: N A - * [f74c459a42] Naveen Albert -- func_frame_trace: Remove bogus - assertion. - - Category: Core/CodecInterface - - ASTERISK-29185: chan_pjsip: Endpoint: allow = all is broken. - Reported by: Alexander Traud - * [fb11296a9b] Joshua C. Colp -- res_pjsip_sdp_rtp: Skip formats without - SDP details. - - Category: Core/ManagerInterface - - ASTERISK-29917: ami: FilterList action doesn't exist - Reported by: N A - * [ef1026227d] Naveen Albert -- manager: Remove documentation for - nonexistent action. - - Category: Core/RTP - - ASTERISK-29185: chan_pjsip: Endpoint: allow = all is broken. - Reported by: Alexander Traud - * [fb11296a9b] Joshua C. Colp -- res_pjsip_sdp_rtp: Skip formats without - SDP details. - - Category: Core/Sorcery - - ASTERISK-29453: alembic: incoming_call_offer_pref and - outgoing_call_offer_pref missing in "ps_endpoints" table - Reported by: Daniel Thümen - * [c49a2c46f6] Mike Bradeen -- alembic: add missing ps_endpoints columns - - Category: Documentation - - ASTERISK-29917: ami: FilterList action doesn't exist - Reported by: N A - * [ef1026227d] Naveen Albert -- manager: Remove documentation for - nonexistent action. - - Category: Functions/General - - ASTERISK-30210: func_frame_trace: Channel masquerade triggers assertion - Reported by: N A - * [f74c459a42] Naveen Albert -- func_frame_trace: Remove bogus - assertion. - - Category: Functions/func_srv - - ASTERISK-30151: Documentation doesn't include info about "field", a 3rd - required parameter. - Reported by: Chris Young - * [c8d2c74a5a] Naveen Albert -- func_srv: Document field parameter. - - Category: Resources/General - - ASTERISK-30192: res_tonedetect: fix typo for frametype - Reported by: N A - * [6c489a891d] Naveen Albert -- res_tonedetect: Fix typos referring to - wrong variables. - - Category: Resources/res_crypto - - ASTERISK-30235: res_crypto and tests: Memory issues and and uninitialized - variable error - Reported by: George Joseph - * [2bb1665829] George Joseph -- res_crypto: Memory issues and - uninitialized variable errors - - Category: Resources/res_geolocation - - ASTERISK-30234: res_geolocation: ...may be used uninitialized error in - geoloc_config.c - Reported by: George Joseph - * [03c8c59632] George Joseph -- res_geolocation: Fix issues exposed by - compiling with -O2 - ASTERISK-30215: Inbound SIP INVITE with Geo Location causing a - Segmentation Fault - Reported by: Dan Cropp - * [4ab3cd6f86] George Joseph -- res_geolocation: Fix segfault when - there's an empty element - ASTERISK-30190: res_geolocation: GEOLOC_PROFILE isn't returning correct - values on incoming channel - Reported by: George Joseph - * [0e9076df7b] George Joseph -- res_geolocation: Add two new options to - GEOLOC_PROFILE - ASTERISK-30167: res_geolocation: Refactor for issues found by users - Reported by: George Joseph - * [dfedb13eca] George Joseph -- res_geolocation: Address user issues, - remove complexity, plug leaks - - Category: Resources/res_pjsip - - ASTERISK-29453: alembic: incoming_call_offer_pref and - outgoing_call_offer_pref missing in "ps_endpoints" table - Reported by: Daniel Thümen - * [c49a2c46f6] Mike Bradeen -- alembic: add missing ps_endpoints columns - - Category: Resources/res_pjsip_session - - ASTERISK-26894: pjsip should support tel uri scheme - Reported by: Gergely Dömsödi - * [1f685d6969] Ben Ford -- res_pjsip: Add TEL URI support for basic - calls. - - Category: Tests/testsuite - - ASTERISK-26826: testsuite: Add support for Python 3 - Reported by: Joshua C. Colp - * [bd821549af] Mike Bradeen -- CI: Fixing path issue on venv check - * [e2f34ad8ce] Mike Bradeen -- CI: use Python3 virtual environment - - Improvement - - Category: Applications/General - - ASTERISK-30163: general: fix minor formatting issues - Reported by: N A - * [9126f9bd2b] Naveen Albert -- general: Very minor coding guideline - fixes. - - Category: Channels/chan_iax2 - - ASTERISK-30164: chan_iax2: Add missing option documentation - Reported by: N A - * [d76f0506e5] Naveen Albert -- chan_iax2: Add missing options - documentation. - - Category: Configs/Samples - - ASTERISK-30160: cdr.conf: Remove obsolete app_mysql reference - Reported by: N A - * [d0cd6e82a6] Naveen Albert -- cdr.conf: Remove obsolete app_mysql - reference. - - Category: Core/Logging - - ASTERISK-30153: logger: Improve log levels - Reported by: N A - * [08afdcbd30] Naveen Albert -- general: Improve logging levels of some - log messages. - - Category: General - - ASTERISK-30159: general: Remove obsolete SVN references - Reported by: N A - * [307b0fa767] Naveen Albert -- general: Remove obsolete SVN references. - - Category: Resources/res_crypto - - ASTERISK-30046: Reimplement res/res_crypto.c internals with EVP_PKEY - interface to Openssl API's - Reported by: Philip Prindeville - * [bb8b2259bc] Philip Prindeville -- res_crypto: Use EVP API's instead - of legacy API's - * [7a0fe63390] Philip Prindeville -- res_crypto: Don't load non-regular - files in keys directory - - Category: Resources/res_geolocation - - ASTERISK-30185: res_geolocation: Allow location parameters to be specified - in profiles - Reported by: George Joseph - * [261051ecec] George Joseph -- res_geolocation: Allow location - parameters on the profile object - ASTERISK-30177: res_geolocation: Add option to suppress empty elements - Reported by: George Joseph - * [372f5c56e1] George Joseph -- res_geolocation: Add profile parameter - suppress_empty_ca_elements - ASTERISK-30182: res_geolocation: Add built-in profiles to use in fully - dynamic configurations - Reported by: George Joseph - * [1fc0298f87] George Joseph -- res_geolocation: Add built-in profiles - - Category: Resources/res_pjsip - - ASTERISK-30178: extend user_eq_phone behavior to local uri's - Reported by: Michael Bradeen - * [23933c6242] Mike Bradeen -- res_pjsip: Add user=phone on From and - PAID for usereqphone=yes - - Category: Resources/res_pjsip_geolocation - - ASTERISK-30241: res_pjsip_gelocation: Downgrade some NOTICE scope trace - debugs to DEBUG level - Reported by: N A - * [7d7165ded1] Naveen Albert -- res_pjsip_geolocation: Change some - notices to debugs. - - Category: Resources/res_pjsip_pubsub - - ASTERISK-29906: [patch] update RLS to reflect the changes to the lists - Reported by: Alexei Gradinari - * [18cfcdcd34] Alexei Gradinari -- res_pjsip_pubsub: Postpone - destruction of old subscriptions on RLS update - - Category: Tests/General - - ASTERISK-30045: Add test coverage to res/res_crypto.c functionality - Reported by: Philip Prindeville - * [0972106d51] Philip Prindeville -- test: Add coverage for res_crypto - * [53f8cc1d49] Philip Prindeville -- res_crypto: make keys reloadable on - demand for testing - - ---------------------------------------------------------------------- - - Open Issues - - [Back to Top] - - This is a list of all open issues from the issue tracker that were - referenced by changes that went into this release. - - Bug - - Category: General - - ASTERISK-29846: channels: bad ao2 ref causes crash - Reported by: N A - * [8041bd12c1] Naveen Albert -- cli: Prevent assertions on startup from - bad ao2 refs. - - ---------------------------------------------------------------------- - - Commits Not Associated with an Issue - - [Back to Top] - - This is a list of all changes that went into this release that did not - reference a JIRA issue. - - +------------------------------------------------------------------------+ - | Revision | Author | Summary | - |------------+----------------------+------------------------------------| - | 984ac0ba03 | Asterisk Development | Update for 18.15.0-rc2 | - | | Team | | - |------------+----------------------+------------------------------------| - | cec323b4c8 | George Joseph | manager.h: Bump version to 7.0.3 | - |------------+----------------------+------------------------------------| - | 1061c9d5bf | Asterisk Development | Update for 18.15.0-rc1 | - | | Team | | - |------------+----------------------+------------------------------------| - | a7f29e8d1a | Asterisk Development | Update CHANGES and UPGRADE.txt for | - | | Team | 18.15.0 | - |------------+----------------------+------------------------------------| - | b3bf415455 | Sean Bright | chan_dahdi.c: Resolve a | - | | | format-truncation build warning. | - |------------+----------------------+------------------------------------| - | 57972bac38 | Sean Bright | channel.h: Remove redundant | - | | | declaration. | - |------------+----------------------+------------------------------------| - | c5ebc6ba40 | Asterisk Development | Update CHANGES and UPGRADE.txt for | - | | Team | 18.14.0 | - |------------+----------------------+------------------------------------| - | 0da37ff8ed | George Joseph | Geolocation: Wiki Documentation | - +------------------------------------------------------------------------+ - - ---------------------------------------------------------------------- - - Diffstat Results - - [Back to Top] - - This is a summary of the changes to the source code that went into this - release that was generated using the diffstat utility. - - asterisk-18.14.0-summary.html | 187 -- - asterisk-18.14.0-summary.txt | 455 ------- - b/.version | 2 - b/CHANGES | 70 + - b/ChangeLog | 597 +++++++++ - b/UPGRADE.txt | 10 - b/apps/app_confbridge.c | 33 - b/apps/app_meetme.c | 76 + - b/apps/app_mp3.c | 4 - b/apps/app_stack.c | 2 - b/apps/app_voicemail.c | 6 - b/apps/confbridge/conf_config_parser.c | 15 - b/apps/confbridge/conf_state.c | 3 - b/apps/confbridge/conf_state_empty.c | 3 - b/apps/confbridge/conf_state_inactive.c | 3 - b/apps/confbridge/conf_state_multi.c | 3 - b/apps/confbridge/conf_state_multi_marked.c | 53 - b/apps/confbridge/conf_state_single.c | 3 - b/apps/confbridge/conf_state_single_marked.c | 3 - b/apps/confbridge/include/conf_state.h | 3 - b/apps/confbridge/include/confbridge.h | 1 - b/asterisk-18.15.0-rc2-summary.html | 23 - b/asterisk-18.15.0-rc2-summary.txt | 121 + - b/channels/chan_dahdi.c | 7 - b/channels/chan_iax2.c | 18 - b/channels/chan_pjsip.c | 6 - b/configs/samples/cdr.conf.sample | 2 - b/configs/samples/confbridge.conf.sample | 7 - b/configs/samples/features.conf.sample | 9 - b/configs/samples/geolocation.conf.sample | 48 - b/configs/samples/musiconhold.conf.sample | 3 - b/configs/samples/pjsip.conf.sample | 22 - b/configure | 257 ++- - b/configure.ac | 12 - b/contrib/ast-db-manage/config/versions/9f3692b1654b_add_stir_shaken_profile_and_codec_.py | 58 - b/contrib/realtime/mysql/mysql_config.sql | 10 - b/contrib/realtime/postgresql/postgresql_config.sql | 14 - b/doc/appdocsxml.dtd | 4 - b/funcs/func_frame_trace.c | 3 - b/funcs/func_srv.c | 10 - b/include/asterisk/_private.h | 1 - b/include/asterisk/autoconfig.h.in | 125 + - b/include/asterisk/channel.h | 2 - b/include/asterisk/crypto.h | 40 - b/include/asterisk/features_config.h | 2 - b/include/asterisk/manager.h | 2 - b/include/asterisk/res_geolocation.h | 16 - b/include/asterisk/res_pjsip.h | 78 + - b/include/asterisk/strings.h | 2 - b/include/asterisk/test.h | 56 - b/include/asterisk/utils.h | 10 - b/main/Makefile | 3 - b/main/asterisk.c | 1 - b/main/bridge_basic.c | 61 - b/main/channel_internal_api.c | 3 - b/main/cli.c | 44 - b/main/config.c | 13 - b/main/features_config.c | 9 - b/main/lock.c | 21 - b/main/manager.c | 17 - b/main/stasis.c | 2 - b/main/strings.c | 1 - b/main/test.c | 251 +++ - b/main/utils.c | 45 - b/makeopts.in | 1 - b/menuselect/autoconfig.h.in | 22 - b/menuselect/configure | 16 - b/res/res_config_sqlite3.c | 3 - b/res/res_crypto.c | 395 +++++- - b/res/res_geolocation/eprofile_to_pidf.xslt | 9 - b/res/res_geolocation/geoloc_config.c | 313 +++- - b/res/res_geolocation/geoloc_dialplan.c | 138 +- - b/res/res_geolocation/geoloc_doc.xml | 86 + - b/res/res_geolocation/geoloc_eprofile.c | 92 + - b/res/res_geolocation/geoloc_private.h | 16 - b/res/res_musiconhold.c | 9 - b/res/res_pjsip.c | 64 - b/res/res_pjsip/config_transport.c | 72 + - b/res/res_pjsip/pjsip_config.xml | 8 - b/res/res_pjsip/pjsip_distributor.c | 6 - b/res/res_pjsip/pjsip_message_filter.c | 38 - b/res/res_pjsip/pjsip_options.c | 8 - b/res/res_pjsip_caller_id.c | 4 - b/res/res_pjsip_dialog_info_body_generator.c | 3 - b/res/res_pjsip_diversion.c | 10 - b/res/res_pjsip_endpoint_identifier_anonymous.c | 6 - b/res/res_pjsip_endpoint_identifier_user.c | 10 - b/res/res_pjsip_exten_state.c | 10 - b/res/res_pjsip_geolocation.c | 30 - b/res/res_pjsip_messaging.c | 6 - b/res/res_pjsip_nat.c | 1 - b/res/res_pjsip_outbound_registration.c | 7 - b/res/res_pjsip_path.c | 17 - b/res/res_pjsip_pubsub.c | 50 - b/res/res_pjsip_sdp_rtp.c | 10 - b/res/res_pjsip_session.c | 6 - b/res/res_tonedetect.c | 4 - b/tests/CI/runTestsuite.sh | 15 - b/tests/Makefile | 3 - b/tests/keys/rsa_key1.key | 15 - b/tests/keys/rsa_key1.pub | 6 - b/tests/test_capture.c | 379 +++++ - b/tests/test_config.c | 4 - b/tests/test_crypto.c | 645 ++++++++++ - 104 files changed, 4263 insertions(+), 1245 deletions(-) diff --git a/asterisk-18.15.1-summary.html b/asterisk-18.15.1-summary.html new file mode 100644 index 0000000000..3b6a404e74 --- /dev/null +++ b/asterisk-18.15.1-summary.html @@ -0,0 +1,35 @@ +Release Summary - asterisk-18.15.1

Release Summary

asterisk-18.15.1

Date: 2022-12-01

<asteriskteam@digium.com>

Table of Contents

    +
  1. Summary
    2. +
  2. Contributors
    3. +
  3. Closed Issues
    4. +
  4. Other Changes
    5. +
  5. Diffstat
    6. +

Summary

[Back to Top]

This release has been made to address one or more security vulnerabilities that have been identified. A security advisory document has been published for each vulnerability that includes additional information. Users of versions of Asterisk that are affected are strongly encouraged to review the advisories and determine what action they should take to protect their systems from these issues.

Security Advisories:

The data in this summary reflects changes that have been made since the previous release, asterisk-18.15.0.

Contributors

[Back to Top]

This table lists the people who have submitted code, those that have tested patches, as well as those that reported issues on the issue tracker that were resolved in this release. For coders, the number is how many of their patches (of any size) were committed into this release. For testers, the number is the number of times their name was listed as assisting with testing a patch. Finally, for reporters, the number is the number of issues that they reported that were affected by commits that went into this release.

+ + +
CodersTestersReporters
2 Asterisk Development Team
2 Mike Bradeen
1 George Joseph
1 Ben Ford
1 shawty
1 nappsoft
1 Benjamin Keith Ford
1 Michael Bradeen

Closed Issues

[Back to Top]

This is a list of all issues from the issue tracker that were closed by changes that went into this release.

Security

Category: Addons/chan_ooh323

ASTERISK-30103: chan_ooh323 Vulnerability in calling/called party IE
Reported by: Michael Bradeen
    +
  • [47a483dc8c] Mike Bradeen -- ooh323c: not checking for IE minimum length
    • +

Category: Core/ManagerInterface

ASTERISK-30176: manager: GetConfig can read files outside of Asterisk
Reported by: shawty
    +
  • [d309e25d61] Mike Bradeen -- manager: prevent file access outside of config dir
    • +

Category: pjproject/pjsip

ASTERISK-30338: pjproject: Backport security fixes from 2.13
Reported by: Benjamin Keith Ford

Bug

Category: Resources/res_pjsip_pubsub

ASTERISK-30244: res_pjsip_pubsub: Occasional crash when TCP/TLS connection terminated and subscription persistence is removed
Reported by: nappsoft
    +
  • [936d95bfe9] George Joseph -- pjsip_transport_events: Fix possible use after free on transport
    • +

Commits Not Associated with an Issue

[Back to Top]

This is a list of all changes that went into this release that did not reference a JIRA issue.

+ + + +
RevisionAuthorSummary
7c6fe5168bAsterisk Development TeamUpdate CHANGES and UPGRADE.txt for 18.15.1
4bc9c23aadAsterisk Development TeamUpdate for 18.15.1

Diffstat Results

[Back to Top]

This is a summary of the changes to the source code that went into this release that was generated using the diffstat utility.

UPGRADE.txt                                                                                     |   13
+addons/ooh323c/src/ooq931.c                                                                     |   15
+configs/samples/asterisk.conf.sample                                                            |   11
+include/asterisk/manager.h                                                                      |   12
+include/asterisk/res_pjsip.h                                                                    |   83 ++
+main/manager.c                                                                                  |   42 +
+main/options.c                                                                                  |    1
+res/res_pjsip/pjsip_transport_events.c                                                          |  214 ++++++-
+res/res_pjsip_outbound_registration.c                                                           |   28
+res/res_pjsip_pubsub.c                                                                          |   25
+third-party/pjproject/patches/0200-potential-buffer-overflow-in-pjlib-scanner-and-pjmedia.patch |  289 ++++++++++
+11 files changed, 680 insertions(+), 53 deletions(-)

\ No newline at end of file diff --git a/asterisk-18.15.1-summary.txt b/asterisk-18.15.1-summary.txt new file mode 100644 index 0000000000..62a20561c4 --- /dev/null +++ b/asterisk-18.15.1-summary.txt @@ -0,0 +1,139 @@ + Release Summary + + asterisk-18.15.1 + + Date: 2022-12-01 + + + + ---------------------------------------------------------------------- + + Table of Contents + + 1. Summary + 2. Contributors + 3. Closed Issues + 4. Other Changes + 5. Diffstat + + ---------------------------------------------------------------------- + + Summary + + [Back to Top] + + This release has been made to address one or more security vulnerabilities + that have been identified. A security advisory document has been published + for each vulnerability that includes additional information. Users of + versions of Asterisk that are affected are strongly encouraged to review + the advisories and determine what action they should take to protect their + systems from these issues. + + Security Advisories: + + * AST-2022-007,AST-2022-008,AST-2022-009 + + The data in this summary reflects changes that have been made since the + previous release, asterisk-18.15.0. + + ---------------------------------------------------------------------- + + Contributors + + [Back to Top] + + This table lists the people who have submitted code, those that have + tested patches, as well as those that reported issues on the issue tracker + that were resolved in this release. For coders, the number is how many of + their patches (of any size) were committed into this release. For testers, + the number is the number of times their name was listed as assisting with + testing a patch. Finally, for reporters, the number is the number of + issues that they reported that were affected by commits that went into + this release. + + Coders Testers Reporters + 2 Asterisk Development Team 1 shawty + 2 Mike Bradeen 1 nappsoft + 1 George Joseph 1 Benjamin Keith Ford + 1 Ben Ford 1 Michael Bradeen + + ---------------------------------------------------------------------- + + Closed Issues + + [Back to Top] + + This is a list of all issues from the issue tracker that were closed by + changes that went into this release. + + Security + + Category: Addons/chan_ooh323 + + ASTERISK-30103: chan_ooh323 Vulnerability in calling/called party IE + Reported by: Michael Bradeen + * [47a483dc8c] Mike Bradeen -- ooh323c: not checking for IE minimum + length + + Category: Core/ManagerInterface + + ASTERISK-30176: manager: GetConfig can read files outside of Asterisk + Reported by: shawty + * [d309e25d61] Mike Bradeen -- manager: prevent file access outside of + config dir + + Category: pjproject/pjsip + + ASTERISK-30338: pjproject: Backport security fixes from 2.13 + Reported by: Benjamin Keith Ford + * [9b893ce332] Ben Ford -- pjproject: 2.13 security fixes + + Bug + + Category: Resources/res_pjsip_pubsub + + ASTERISK-30244: res_pjsip_pubsub: Occasional crash when TCP/TLS connection + terminated and subscription persistence is removed + Reported by: nappsoft + * [936d95bfe9] George Joseph -- pjsip_transport_events: Fix possible use + after free on transport + + ---------------------------------------------------------------------- + + Commits Not Associated with an Issue + + [Back to Top] + + This is a list of all changes that went into this release that did not + reference a JIRA issue. + + +------------------------------------------------------------------------+ + | Revision | Author | Summary | + |------------+---------------------------+-------------------------------| + | 7c6fe5168b | Asterisk Development Team | Update CHANGES and | + | | | UPGRADE.txt for 18.15.1 | + |------------+---------------------------+-------------------------------| + | 4bc9c23aad | Asterisk Development Team | Update for 18.15.1 | + +------------------------------------------------------------------------+ + + ---------------------------------------------------------------------- + + Diffstat Results + + [Back to Top] + + This is a summary of the changes to the source code that went into this + release that was generated using the diffstat utility. + + UPGRADE.txt | 13 + addons/ooh323c/src/ooq931.c | 15 + configs/samples/asterisk.conf.sample | 11 + include/asterisk/manager.h | 12 + include/asterisk/res_pjsip.h | 83 ++ + main/manager.c | 42 + + main/options.c | 1 + res/res_pjsip/pjsip_transport_events.c | 214 ++++++- + res/res_pjsip_outbound_registration.c | 28 + res/res_pjsip_pubsub.c | 25 + third-party/pjproject/patches/0200-potential-buffer-overflow-in-pjlib-scanner-and-pjmedia.patch | 289 ++++++++++ + 11 files changed, 680 insertions(+), 53 deletions(-)