From c47e07120eb561dbd972522a8f5a213f730317f3 Mon Sep 17 00:00:00 2001 From: George Joseph Date: Fri, 1 Dec 2017 14:42:18 -0500 Subject: [PATCH] Update for 14.7.3 --- .version | 2 +- ChangeLog | 30 +++++++++++ asterisk-14.7.2-summary.html | 15 ------ asterisk-14.7.3-summary.html | 13 +++++ ...summary.txt => asterisk-14.7.3-summary.txt | 52 ++++++++----------- 5 files changed, 66 insertions(+), 46 deletions(-) delete mode 100644 asterisk-14.7.2-summary.html create mode 100644 asterisk-14.7.3-summary.html rename asterisk-14.7.2-summary.txt => asterisk-14.7.3-summary.txt (56%) diff --git a/.version b/.version index 7528c3a440..1f4bff5c62 100644 --- a/.version +++ b/.version @@ -1 +1 @@ -14.7.2 \ No newline at end of file +14.7.3 \ No newline at end of file diff --git a/ChangeLog b/ChangeLog index bb4b089330..9748535c56 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,33 @@ +2017-12-01 19:42 +0000 Asterisk Development Team + + * asterisk 14.7.3 Released. + +2017-11-30 14:38 +0000 [6c46894bd5] George Joseph + + * AST-2017-013: chan_skinny: Call pthread_detach when sess threads end + + chan_skinny creates a new thread for each new session. In trying + to be a good cleanup citizen, the threads are joinable and the + unload_module function does a pthread_cancel() and a pthread_join() + on any sessions that are active at that time. This has an + unintended side effect though. Since you can call pthread_join on a + thread that's already terminated, pthreads keeps the thread's + storage around until you explicitly call pthread_join (or + pthread_detach()). Since only the module_unload function was + calling pthread_join, and even then only on the ones active at the + tme, the storage for every thread/session ever created sticks + around until asterisk exits. + + * A thread can detach itself so the session_destroy() function + now calls pthread_detach() just before it frees the session + memory allocation. The module_unload function still takes care + of the ones that are still active should the module be unloaded. + + ASTERISK-27452 + Reported by: Juan Sacco + + Change-Id: I9af7268eba14bf76960566f891320f97b974e6dd + 2017-11-10 16:56 +0000 Asterisk Development Team * asterisk 14.7.2 Released. diff --git a/asterisk-14.7.2-summary.html b/asterisk-14.7.2-summary.html deleted file mode 100644 index 28c6e2e66a..0000000000 --- a/asterisk-14.7.2-summary.html +++ /dev/null @@ -1,15 +0,0 @@ -Release Summary - asterisk-14.7.2

Release Summary

asterisk-14.7.2

Date: 2017-11-10

<asteriskteam@digium.com>

Table of Contents

    -
  1. Summary
    2. -
  2. Contributors
    3. -
  3. Closed Issues
    4. -
  4. Diffstat
    5. -

Summary

[Back to Top]

This release is a point release of an existing major version. The changes included were made to address problems that have been identified in this release series, or are minor, backwards compatible new features or improvements. Users should be able to safely upgrade to this version if this release series is already in use. Users considering upgrading from a previous version are strongly encouraged to review the UPGRADE.txt document as well as the CHANGES document for information about upgrading to this release series.

The data in this summary reflects changes that have been made since the previous release, asterisk-14.7.1.

Contributors

[Back to Top]

This table lists the people who have submitted code, those that have tested patches, as well as those that reported issues on the issue tracker that were resolved in this release. For coders, the number is how many of their patches (of any size) were committed into this release. For testers, the number is the number of times their name was listed as assisting with testing a patch. Finally, for reporters, the number is the number of issues that they reported that were affected by commits that went into this release.

- - -
CodersTestersReporters
1 Richard Mudgett
1 Ben Ford
1 Michael Maier
1 shaurya jain

Closed Issues

[Back to Top]

This is a list of all issues from the issue tracker that were closed by changes that went into this release.

Bug

Category: Resources/res_pjsip

ASTERISK-27387: Regression: pjsip 13.18.0 - from_user - "+" character isn't allowed any more
Reported by: Michael Maier
    -
  • [55ca3b426e] Ben Ford -- res_pjsip: Add to list of valid characters for from_user.
    • -

Category: pjproject/pjsip

ASTERISK-27391: Regression: Deadlock between AOR named lock and pjproject grp lock
Reported by: shaurya jain
    -
  • [f396f47726] Richard Mudgett -- res_pjsip_registrar.c: Fix AOR and pjproject group deadlock.
    • -

Diffstat Results

[Back to Top]

This is a summary of the changes to the source code that went into this release that was generated using the diffstat utility.

res_pjsip/pjsip_configuration.c |    4 ++--
-res_pjsip_registrar.c           |   29 ++++++++++++++++++-----------
-2 files changed, 20 insertions(+), 13 deletions(-)

\ No newline at end of file diff --git a/asterisk-14.7.3-summary.html b/asterisk-14.7.3-summary.html new file mode 100644 index 0000000000..4c74bb8b3c --- /dev/null +++ b/asterisk-14.7.3-summary.html @@ -0,0 +1,13 @@ +Release Summary - asterisk-14.7.3

Release Summary

asterisk-14.7.3

Date: 2017-12-01

<asteriskteam@digium.com>

Table of Contents

    +
  1. Summary
    2. +
  2. Contributors
    3. +
  3. Closed Issues
    4. +
  4. Diffstat
    5. +

Summary

[Back to Top]

This release has been made to address one or more security vulnerabilities that have been identified. A security advisory document has been published for each vulnerability that includes additional information. Users of versions of Asterisk that are affected are strongly encouraged to review the advisories and determine what action they should take to protect their systems from these issues.

Security Advisories:

The data in this summary reflects changes that have been made since the previous release, asterisk-14.7.2.

Contributors

[Back to Top]

This table lists the people who have submitted code, those that have tested patches, as well as those that reported issues on the issue tracker that were resolved in this release. For coders, the number is how many of their patches (of any size) were committed into this release. For testers, the number is the number of times their name was listed as assisting with testing a patch. Finally, for reporters, the number is the number of issues that they reported that were affected by commits that went into this release.

+ + +
CodersTestersReporters
1 George Joseph
1 Juan Sacco
1 George Joseph

Closed Issues

[Back to Top]

This is a list of all issues from the issue tracker that were closed by changes that went into this release.

Bug

Category: Channels/chan_skinny

ASTERISK-27452: Security: chan_skinny: Memory exhaustion if flooded with unauthenticated requests
Reported by: George Joseph
    +
  • [6c46894bd5] George Joseph -- AST-2017-013: chan_skinny: Call pthread_detach when sess threads end
    • +

Diffstat Results

[Back to Top]

This is a summary of the changes to the source code that went into this release that was generated using the diffstat utility.

0 files changed

\ No newline at end of file diff --git a/asterisk-14.7.2-summary.txt b/asterisk-14.7.3-summary.txt similarity index 56% rename from asterisk-14.7.2-summary.txt rename to asterisk-14.7.3-summary.txt index 4e32b1fc7e..a6f7e11eb3 100644 --- a/asterisk-14.7.2-summary.txt +++ b/asterisk-14.7.3-summary.txt @@ -1,8 +1,8 @@ Release Summary - asterisk-14.7.2 + asterisk-14.7.3 - Date: 2017-11-10 + Date: 2017-12-01 @@ -21,17 +21,19 @@ [Back to Top] - This release is a point release of an existing major version. The changes - included were made to address problems that have been identified in this - release series, or are minor, backwards compatible new features or - improvements. Users should be able to safely upgrade to this version if - this release series is already in use. Users considering upgrading from a - previous version are strongly encouraged to review the UPGRADE.txt - document as well as the CHANGES document for information about upgrading - to this release series. + This release has been made to address one or more security vulnerabilities + that have been identified. A security advisory document has been published + for each vulnerability that includes additional information. Users of + versions of Asterisk that are affected are strongly encouraged to review + the advisories and determine what action they should take to protect their + systems from these issues. + + Security Advisories: + + * AST-2017-013 The data in this summary reflects changes that have been made since the - previous release, asterisk-14.7.1. + previous release, asterisk-14.7.2. ---------------------------------------------------------------------- @@ -49,8 +51,8 @@ this release. Coders Testers Reporters - 1 Richard Mudgett 1 Michael Maier - 1 Ben Ford 1 shaurya jain + 1 George Joseph 1 Juan Sacco + 1 George Joseph ---------------------------------------------------------------------- @@ -63,21 +65,13 @@ Bug - Category: Resources/res_pjsip - - ASTERISK-27387: Regression: pjsip 13.18.0 - from_user - "+" character - isn't allowed any more - Reported by: Michael Maier - * [55ca3b426e] Ben Ford -- res_pjsip: Add to list of valid characters - for from_user. - - Category: pjproject/pjsip + Category: Channels/chan_skinny - ASTERISK-27391: Regression: Deadlock between AOR named lock and pjproject - grp lock - Reported by: shaurya jain - * [f396f47726] Richard Mudgett -- res_pjsip_registrar.c: Fix AOR and - pjproject group deadlock. + ASTERISK-27452: Security: chan_skinny: Memory exhaustion if flooded with + unauthenticated requests + Reported by: George Joseph + * [6c46894bd5] George Joseph -- AST-2017-013: chan_skinny: Call + pthread_detach when sess threads end ---------------------------------------------------------------------- @@ -88,6 +82,4 @@ This is a summary of the changes to the source code that went into this release that was generated using the diffstat utility. - res_pjsip/pjsip_configuration.c | 4 ++-- - res_pjsip_registrar.c | 29 ++++++++++++++++++----------- - 2 files changed, 20 insertions(+), 13 deletions(-) + 0 files changed -- 2.47.2