From 3a76c2b0a9a51a0b80eaa8fea25ce728eb7db031 Mon Sep 17 00:00:00 2001 From: George Joseph Date: Fri, 1 Dec 2017 14:42:21 -0500 Subject: [PATCH] Update for certified/13.13-cert8 --- .version | 2 +- ChangeLog | 52 +++++++++++++++ asterisk-certified-13.13-cert7-summary.html | 24 ------- asterisk-certified-13.13-cert8-summary.html | 15 +++++ ...asterisk-certified-13.13-cert8-summary.txt | 63 ++++++------------- 5 files changed, 88 insertions(+), 68 deletions(-) delete mode 100644 asterisk-certified-13.13-cert7-summary.html create mode 100644 asterisk-certified-13.13-cert8-summary.html rename asterisk-certified-13.13-cert7-summary.txt => asterisk-certified-13.13-cert8-summary.txt (50%) diff --git a/.version b/.version index 413354f4ff..d33e3bb037 100644 --- a/.version +++ b/.version @@ -1 +1 @@ -certified/13.13-cert7 \ No newline at end of file +certified/13.13-cert8 \ No newline at end of file diff --git a/ChangeLog b/ChangeLog index 8ed414da00..7c54d0130e 100644 --- a/ChangeLog +++ b/ChangeLog 
@@ -1,3 +1,55 @@ +2017-12-01 19:42 +0000 Asterisk Development Team + + * asterisk certified/13.13-cert8 Released. + +2017-11-30 14:38 +0000 [efeb9da0e7] George Joseph + + * AST-2017-013: chan_skinny: Call pthread_detach when sess threads end + + chan_skinny creates a new thread for each new session. In trying + to be a good cleanup citizen, the threads are joinable and the + unload_module function does a pthread_cancel() and a pthread_join() + on any sessions that are active at that time. This has an + unintended side effect though. Since you can call pthread_join on a + thread that's already terminated, pthreads keeps the thread's + storage around until you explicitly call pthread_join (or + pthread_detach()). Since only the module_unload function was + calling pthread_join, and even then only on the ones active at the + tme, the storage for every thread/session ever created sticks + around until asterisk exits. + + * A thread can detach itself so the session_destroy() function + now calls pthread_detach() just before it frees the session + memory allocation. The module_unload function still takes care + of the ones that are still active should the module be unloaded. + + ASTERISK-27452 + Reported by: Juan Sacco + + Change-Id: I9af7268eba14bf76960566f891320f97b974e6dd + +2017-11-10 07:06 +0000 [191190a982] Joshua Colp + + * pjsip: Add patch to allow all transports to be destroyed. + + If a transport is created with the same transport type, source + IP address, and source port as one that already exists the old + transport is moved into a linked list called "tp_list". + + If this old transport is later shutdown it will not be destroyed + as the process checks whether the transport is valid or not. This + check does not look at the "tp_list" when making the determination + causing the transport to not be destroyed. + + This change updates the logic to query not just the main storage + method for transports but also the "tp_list". 
+ + Upstream issue https://trac.pjsip.org/repos/ticket/2061 + + ASTERISK-27411 + + Change-Id: Ic5c2bb60226df0ef1c8851359ed8d4cd64469429 + 2017-11-08 16:59 +0000 Asterisk Development Team * asterisk certified/13.13-cert7 Released. diff --git a/asterisk-certified-13.13-cert7-summary.html b/asterisk-certified-13.13-cert7-summary.html deleted file mode 100644 index d9942262a1..0000000000 --- a/asterisk-certified-13.13-cert7-summary.html +++ /dev/null @@ -1,24 +0,0 @@ -Release Summary - asterisk-certified/13.13-cert7

Release Summary

asterisk-certified/13.13-cert7

Date: 2017-11-08

<asteriskteam@digium.com>


Table of Contents

    -
  1. Summary
  2. -
  3. Contributors
  4. -
  5. Closed Issues
  6. -
  7. Diffstat
  8. -

Summary

[Back to Top]

This release has been made to address one or more security vulnerabilities that have been identified. A security advisory document has been published for each vulnerability that includes additional information. Users of versions of Asterisk that are affected are strongly encouraged to review the advisories and determine what action they should take to protect their systems from these issues.

Security Advisories:

The data in this summary reflects changes that have been made since the previous release, asterisk-certified/13.13-cert6.


Contributors

[Back to Top]

This table lists the people who have submitted code, those that have tested patches, as well as those that reported issues on the issue tracker that were resolved in this release. For coders, the number is how many of their patches (of any size) were committed into this release. For testers, the number is the number of times their name was listed as assisting with testing a patch. Finally, for reporters, the number is the number of issues that they reported that were affected by commits that went into this release.

- - -
CodersTestersReporters
1 Richard Mudgett
1 Kevin Harwell
1 George Joseph
1 Youngsung Kim at LINE Corporation
1 Richard Mudgett
1 Kim youngsung
1 Corey Farrell

Closed Issues

[Back to Top]

This is a list of all issues from the issue tracker that were closed by changes that went into this release.

Bug

Category: General

ASTERISK-27319: (Security) Function in PJSIP 2.7 miscalculates the length of an unsigned long variable in 64bit machines
Reported by: Kim youngsung
    -
  • [44f3d85cde] George Joseph -- AST-2017-009: pjproject: Add validation of numeric header values
  • -
ASTERISK-27337: chan_sip: Security vulnerability with client code header (revisited)
Reported by: Richard Mudgett
    -
  • [178b372019] Richard Mudgett -- AST-2017-010: Fix cdr_object_update_party_b_userfield_cb() buf overrun
  • -

Category: Resources/res_pjsip

ASTERISK-27345: res_pjsip_session: RTP instances leak on 488 responses.
Reported by: Corey Farrell
    -
  • [1b31e3c3bd] Kevin Harwell -- AST-2017-011 - res_pjsip_session: session leak when a call is rejected
  • -

Category: Resources/res_pjsip_sdp_rtp

ASTERISK-27345: res_pjsip_session: RTP instances leak on 488 responses.
Reported by: Corey Farrell
    -
  • [1b31e3c3bd] Kevin Harwell -- AST-2017-011 - res_pjsip_session: session leak when a call is rejected
  • -

Category: Resources/res_pjsip_session

ASTERISK-27345: res_pjsip_session: RTP instances leak on 488 responses.
Reported by: Corey Farrell
    -
  • [1b31e3c3bd] Kevin Harwell -- AST-2017-011 - res_pjsip_session: session leak when a call is rejected
  • -


Diffstat Results

[Back to Top]

This is a summary of the changes to the source code that went into this release that was generated using the diffstat utility.

main/cdr.c                                                                                    |    6
-res/res_pjsip_session.c                                                                       |   80
-third-party/pjproject/patches/0090-sip_parser-Add-validity-checking-for-numeric-header-.patch |  834 ++++++++++
-3 files changed, 880 insertions(+), 40 deletions(-)

\ No newline at end of file diff --git a/asterisk-certified-13.13-cert8-summary.html b/asterisk-certified-13.13-cert8-summary.html new file mode 100644 index 0000000000..34fabbe248 --- /dev/null +++ b/asterisk-certified-13.13-cert8-summary.html @@ -0,0 +1,15 @@ +Release Summary - asterisk-certified/13.13-cert8

Release Summary

asterisk-certified/13.13-cert8

Date: 2017-12-01

<asteriskteam@digium.com>


Table of Contents

    +
  1. Summary
  2. +
  3. Contributors
  4. +
  5. Closed Issues
  6. +
  7. Diffstat
  8. +

Summary

[Back to Top]

This release has been made to address one or more security vulnerabilities that have been identified. A security advisory document has been published for each vulnerability that includes additional information. Users of versions of Asterisk that are affected are strongly encouraged to review the advisories and determine what action they should take to protect their systems from these issues.

Security Advisories:

The data in this summary reflects changes that have been made since the previous release, asterisk-certified/13.13-cert7.


Contributors

[Back to Top]

This table lists the people who have submitted code, those that have tested patches, as well as those that reported issues on the issue tracker that were resolved in this release. For coders, the number is how many of their patches (of any size) were committed into this release. For testers, the number is the number of times their name was listed as assisting with testing a patch. Finally, for reporters, the number is the number of issues that they reported that were affected by commits that went into this release.

+ + +
CodersTestersReporters
1 Joshua Colp
1 George Joseph
1 Joshua Colp
1 Juan Sacco
1 George Joseph

Closed Issues

[Back to Top]

This is a list of all issues from the issue tracker that were closed by changes that went into this release.

Bug

Category: Channels/chan_skinny

ASTERISK-27452: Security: chan_skinny: Memory exhaustion if flooded with unauthenticated requests
Reported by: George Joseph
    +
  • [efeb9da0e7] George Joseph -- AST-2017-013: chan_skinny: Call pthread_detach when sess threads end
  • +

Category: Resources/res_pjsip/Bundling

ASTERISK-27411: pjsip: TCP connections may not be destroyed
Reported by: Joshua Colp
    +
  • [191190a982] Joshua Colp -- pjsip: Add patch to allow all transports to be destroyed.
  • +


Diffstat Results

[Back to Top]

This is a summary of the changes to the source code that went into this release that was generated using the diffstat utility.

0 files changed

\ No newline at end of file diff --git a/asterisk-certified-13.13-cert7-summary.txt b/asterisk-certified-13.13-cert8-summary.txt similarity index 50% rename from asterisk-certified-13.13-cert7-summary.txt rename to asterisk-certified-13.13-cert8-summary.txt index c044c84be6..f266dba897 100644 --- a/asterisk-certified-13.13-cert7-summary.txt +++ b/asterisk-certified-13.13-cert8-summary.txt @@ -1,8 +1,8 @@ Release Summary - asterisk-certified/13.13-cert7 + asterisk-certified/13.13-cert8 - Date: 2017-11-08 + Date: 2017-12-01 @@ -30,10 +30,10 @@ Security Advisories: - * AST-2017-009,AST-2017-010,AST-2017-011 + * AST-2017-013 The data in this summary reflects changes that have been made since the - previous release, asterisk-certified/13.13-cert6. + previous release, asterisk-certified/13.13-cert7. ---------------------------------------------------------------------- @@ -50,11 +50,10 @@ issues that they reported that were affected by commits that went into this release. - Coders Testers Reporters - 1 Richard Mudgett 1 Youngsung Kim at LINE Corporation - 1 Kevin Harwell 1 Richard Mudgett - 1 George Joseph 1 Kim youngsung - 1 Corey Farrell + Coders Testers Reporters + 1 Joshua Colp 1 Joshua Colp + 1 George Joseph 1 Juan Sacco + 1 George Joseph ---------------------------------------------------------------------- 
@@ -67,39 +66,20 @@ Bug - Category: General + Category: Channels/chan_skinny - ASTERISK-27319: (Security) Function in PJSIP 2.7 miscalculates the length - of an unsigned long variable in 64bit machines - Reported by: Kim youngsung - * [44f3d85cde] George Joseph -- AST-2017-009: pjproject: Add validation - of numeric header values - ASTERISK-27337: chan_sip: Security vulnerability with client code header - (revisited) - Reported by: Richard Mudgett - * [178b372019] Richard Mudgett -- AST-2017-010: Fix - cdr_object_update_party_b_userfield_cb() buf overrun + ASTERISK-27452: Security: chan_skinny: Memory exhaustion if flooded with + unauthenticated requests + Reported by: George Joseph + * [efeb9da0e7] George Joseph -- AST-2017-013: chan_skinny: Call + pthread_detach when sess threads end - Category: Resources/res_pjsip + Category: Resources/res_pjsip/Bundling - ASTERISK-27345: res_pjsip_session: RTP instances leak on 488 responses. - Reported by: Corey Farrell - * [1b31e3c3bd] Kevin Harwell -- AST-2017-011 - res_pjsip_session: - session leak when a call is rejected - - Category: Resources/res_pjsip_sdp_rtp - - ASTERISK-27345: res_pjsip_session: RTP instances leak on 488 responses. - Reported by: Corey Farrell - * [1b31e3c3bd] Kevin Harwell -- AST-2017-011 - res_pjsip_session: - session leak when a call is rejected - - Category: Resources/res_pjsip_session - - ASTERISK-27345: res_pjsip_session: RTP instances leak on 488 responses. - Reported by: Corey Farrell - * [1b31e3c3bd] Kevin Harwell -- AST-2017-011 - res_pjsip_session: - session leak when a call is rejected + ASTERISK-27411: pjsip: TCP connections may not be destroyed + Reported by: Joshua Colp + * [191190a982] Joshua Colp -- pjsip: Add patch to allow all transports + to be destroyed. ---------------------------------------------------------------------- 
@@ -110,7 +90,4 @@ This is a summary of the changes to the source code that went into this release that was generated using the diffstat utility. - main/cdr.c | 6 - res/res_pjsip_session.c | 80 - third-party/pjproject/patches/0090-sip_parser-Add-validity-checking-for-numeric-header-.patch | 834 ++++++++++ - 3 files changed, 880 insertions(+), 40 deletions(-) + 0 files changed -- 2.47.2
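Review bot: In the ChangeLog hunk, the AST-2017-013 entry credits ASTERISK-27452 with "Reported by: Juan Sacco", but the Closed Issues section of both cert8 summary files (.html and .txt) lists the same issue as "Reported by: George Joseph", and the Reporters column counts both names plus Joshua Colp for only two closed issues. Settle on one attribution and make the ChangeLog and the summaries agree. The same entry has the typo "tme" for "time" and names the unload routine both unload_module and module_unload; use one name so a reader can find the function in chan_skinny.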
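Review bot: The Diffstat Results section of the new asterisk-certified-13.13-cert8-summary.html, and the matching last hunk of the .txt summary, ends in "0 files changed" even though the ChangeLog for this release lists two commits, efeb9da0e7 (chan_skinny) and 191190a982 (pjsip transport patch). The cert7 summary it replaces reported "3 files changed, 880 insertions(+), 40 deletions(-)", so an empty diffstat here looks like the summary was generated against the wrong range or before the commits landed on the branch. Regenerate both summary files so the diffstat shows the files those two commits touch.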