From c54d57a9f63171a10f2f477bb434f2b2bdcbb5a4 Mon Sep 17 00:00:00 2001
From: Kevin Harwell <kharwell@digium.com>
Date: Thu, 8 Dec 2016 15:28:50 -0500
Subject: [PATCH] Update for certified/11.6-cert16

---
 .version                                      |  2 +-
 ChangeLog                                     | 39 +++++++++++++++
 asterisk-certified-11.6-cert15-summary.html   | 23 ---------
 asterisk-certified-11.6-cert16-summary.html   | 13 +++++
 ...asterisk-certified-11.6-cert16-summary.txt | 50 +++++--------------
 5 files changed, 66 insertions(+), 61 deletions(-)
 delete mode 100644 asterisk-certified-11.6-cert15-summary.html
 create mode 100644 asterisk-certified-11.6-cert16-summary.html
 rename asterisk-certified-11.6-cert15-summary.txt => asterisk-certified-11.6-cert16-summary.txt (56%)
diff --git a/.version b/.version
index c4ae98a727..a9d13af2c0 100644
--- a/.version
+++ b/.version
@@ -1 +1 @@
-certified/11.6-cert15
\ No newline at end of file
+certified/11.6-cert16
\ No newline at end of file
diff --git a/ChangeLog b/ChangeLog
index 52c367accf..3cbba66623 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,42 @@
+2016-12-08 20:28 +0000  Asterisk Development Team <asteriskteam@digium.com>
+
+	* asterisk certified/11.6-cert16 Released.
+
+2016-11-30 09:31 +0000 [93dfe39642]  Walter Doekes <walter+asterisk@wjd.nu>
+
+	* chan_sip: Do not allow non-SP/HTAB between header key and colon.
+
+	  RFC says SIP headers look like:
+
+	      HCOLON  =  *( SP / HTAB ) ":" SWS
+	      SWS     =  [LWS]                    ; sep whitespace
+	      LWS     =  [*WSP CRLF] 1*WSP        ; linear whitespace
+	      WSP     =  SP / HTAB                ; from rfc2234
+
+	  chan_sip implemented this:
+
+	      HCOLON  =  *( LOWCTL / SP ) ":" SWS
+	      LOWCTL  = %x00-1F                   ; CTL without DEL
+
+	  This discrepancy meant that SIP proxies in front of Asterisk with
+	  chan_sip could pass on unknown headers with \x00-\x1F in them, which
+	  would be treated by Asterisk as a different (known) header.  For
+	  example, the "To\x01:" header would gladly be forwarded by some proxies
+	  as irrelevant, but chan_sip would treat it as the relevant "To:" header.
+
+	  Those relying on a SIP proxy to scrub certain headers could mistakenly
+	  get unexpected and unvalidated data fed to Asterisk.
+
+	  This change fixes so chan_sip only considers SP/HTAB as valid tokens
+	  before the colon, making it agree on the headers with other speakers of
+	  SIP.
+
+	  ASTERISK-26433 #close
+	  AST-2016-009
+
+	  Change-Id: I78086fbc524ac733b8f7f78cb423c91075fd489b
+	  (cherry picked from commit 26dd464dbd0ad7439bc29ce59ec55903d518ec6e)
+
 2016-09-08 16:38 +0000  Asterisk Development Team <asteriskteam@digium.com>
 
 	* asterisk certified/11.6-cert15 Released.
diff --git a/asterisk-certified-11.6-cert15-summary.html b/asterisk-certified-11.6-cert15-summary.html
deleted file mode 100644
index 085e3e9283..0000000000
--- a/asterisk-certified-11.6-cert15-summary.html
+++ /dev/null
@@ -1,23 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><title>Release Summary - asterisk-certified/11.6-cert15</title><h1 align="center"><a name="top">Release Summary</a></h1><h3 align="center">asterisk-certified/11.6-cert15</h3><h3 align="center">Date: 2016-09-08</h3><h3 align="center">&lt;asteriskteam@digium.com&gt;</h3><hr><h2 align="center">Table of Contents</h2><ol>
-<li><a href="#summary">Summary</a></li>
-<li><a href="#contributors">Contributors</a></li>
-<li><a href="#closed_issues">Closed Issues</a></li>
-<li><a href="#commits">Other Changes</a></li>
-<li><a href="#diffstat">Diffstat</a></li>
-</ol><hr><a name="summary"><h2 align="center">Summary</h2></a><center><a href="#top">[Back to Top]</a></center><p>This release has been made to address one or more security vulnerabilities that have been identified. A security advisory document has been published for each vulnerability that includes additional information. Users of versions of Asterisk that are affected are strongly encouraged to review the advisories and determine what action they should take to protect their systems from these issues.</p><p>Security Advisories:</p><ul>
-<li><a href="http://downloads.asterisk.org/pub/security/AST-2016-007.html">AST-2016-007</a></li>
-</ul><p>The data in this summary reflects changes that have been made since the previous release, asterisk-certified/11.6-cert14.</p><hr><a name="contributors"><h2 align="center">Contributors</h2></a><center><a href="#top">[Back to Top]</a></center><p>This table lists the people who have submitted code, those that have tested patches, as well as those that reported issues on the issue tracker that were resolved in this release. For coders, the number is how many of their patches (of any size) were committed into this release. For testers, the number is the number of times their name was listed as assisting with testing a patch. Finally, for reporters, the number is the number of issues that they reported that were affected by commits that went into this release.</p><table width="100%" border="0">
-<tr><th width="33%">Coders</th><th width="33%">Testers</th><th width="33%">Reporters</th></tr>
-<tr valign="top"><td width="33%">3 George Joseph <gjoseph@digium.com><br/>1 Corey Farrell <git@cfware.com><br/></td><td width="33%"><td width="33%">1 Etienne Lessard <elessard@proformatique.com><br/></td></tr>
-</table><hr><a name="closed_issues"><h2 align="center">Closed Issues</h2></a><center><a href="#top">[Back to Top]</a></center><p>This is a list of all issues from the issue tracker that were closed by changes that went into this release.</p><h3>Bug</h3><h4>Category: Channels/chan_sip/General</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-26272">ASTERISK-26272</a>: chan_sip: File descriptors leak (UDP sockets)<br/>Reported by: Etienne Lessard<ul>
-<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=c7cb8f7808718d3e275a7114ebe5939020618879">[c7cb8f7808]</a> Corey Farrell -- chan_sip: Don't allocate new RTP instances on top of old ones.</li>
-</ul><br><hr><a name="commits"><h2 align="center">Commits Not Associated with an Issue</h2></a><center><a href="#top">[Back to Top]</a></center><p>This is a list of all changes that went into this release that did not reference a JIRA issue.</p><table width="100%" border="1">
-<tr><th>Revision</th><th>Author</th><th>Summary</th></tr>
-<tr><td><a href="https://code.asterisk.org/code/changelog/asterisk?cs=1fedc0585e75c3df4f3d12b1056d7975eceb434b">1fedc0585e</a></td><td>gtjoseph</td><td>Release summaries: Remove previous versions</td></tr>
-<tr><td><a href="https://code.asterisk.org/code/changelog/asterisk?cs=107b121ff82593b33381014ad797b4c7529f9e01">107b121ff8</a></td><td>gtjoseph</td><td>.version: Update for certified/11.6-cert15</td></tr>
-<tr><td><a href="https://code.asterisk.org/code/changelog/asterisk?cs=4e3297d0b0b80a079d87831c2bda33cb6e6503af">4e3297d0b0</a></td><td>gtjoseph</td><td>.lastclean: Update for certified/11.6-cert15</td></tr>
-</table><hr><a name="diffstat"><h2 align="center">Diffstat Results</h2></a><center><a href="#top">[Back to Top]</a></center><p>This is a summary of the changes to the source code that went into this release that was generated using the diffstat utility.</p><pre>asterisk-certified-11.6-cert14-summary.html |   77 --------
-asterisk-certified-11.6-cert14-summary.txt  |  259 ----------------------------
-b/.version                                  |    2
-b/channels/chan_sip.c                       |   33 +++
-4 files changed, 34 insertions(+), 337 deletions(-)</pre><br></html>
\ No newline at end of file
diff --git a/asterisk-certified-11.6-cert16-summary.html b/asterisk-certified-11.6-cert16-summary.html
new file mode 100644
index 0000000000..7e8b4e3ef8
--- /dev/null
+++ b/asterisk-certified-11.6-cert16-summary.html
@@ -0,0 +1,13 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><title>Release Summary - asterisk-certified/11.6-cert16</title><h1 align="center"><a name="top">Release Summary</a></h1><h3 align="center">asterisk-certified/11.6-cert16</h3><h3 align="center">Date: 2016-12-08</h3><h3 align="center">&lt;asteriskteam@digium.com&gt;</h3><hr><h2 align="center">Table of Contents</h2><ol>
+<li><a href="#summary">Summary</a></li>
+<li><a href="#contributors">Contributors</a></li>
+<li><a href="#closed_issues">Closed Issues</a></li>
+<li><a href="#diffstat">Diffstat</a></li>
+</ol><hr><a name="summary"><h2 align="center">Summary</h2></a><center><a href="#top">[Back to Top]</a></center><p>This release has been made to address one or more security vulnerabilities that have been identified. A security advisory document has been published for each vulnerability that includes additional information. Users of versions of Asterisk that are affected are strongly encouraged to review the advisories and determine what action they should take to protect their systems from these issues.</p><p>Security Advisories:</p><ul>
+<li><a href="http://downloads.asterisk.org/pub/security/AST-2016-009.html">AST-2016-009</a></li>
+</ul><p>The data in this summary reflects changes that have been made since the previous release, asterisk-certified/11.6-cert15.</p><hr><a name="contributors"><h2 align="center">Contributors</h2></a><center><a href="#top">[Back to Top]</a></center><p>This table lists the people who have submitted code, those that have tested patches, as well as those that reported issues on the issue tracker that were resolved in this release. For coders, the number is how many of their patches (of any size) were committed into this release. For testers, the number is the number of times their name was listed as assisting with testing a patch. Finally, for reporters, the number is the number of issues that they reported that were affected by commits that went into this release.</p><table width="100%" border="0">
+<tr><th width="33%">Coders</th><th width="33%">Testers</th><th width="33%">Reporters</th></tr>
+<tr valign="top"><td width="33%">1 Walter Doekes <walter+asterisk@wjd.nu><br/></td><td width="33%"><td width="33%">1 Walter Doekes <walter+asterisk@wjd.nu><br/></td></tr>
+</table><hr><a name="closed_issues"><h2 align="center">Closed Issues</h2></a><center><a href="#top">[Back to Top]</a></center><p>This is a list of all issues from the issue tracker that were closed by changes that went into this release.</p><h3>Bug</h3><h4>Category: Channels/chan_sip/Interoperability</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-26433">ASTERISK-26433</a>: chan_sip: Allows To-tag checks to be bypassed, setting up new calls<br/>Reported by: Walter Doekes<ul>
+<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=93dfe3964212deb8abbee7ab7f0153c64d660726">[93dfe39642]</a> Walter Doekes -- chan_sip: Do not allow non-SP/HTAB between header key and colon.</li>
+</ul><br><hr><a name="diffstat"><h2 align="center">Diffstat Results</h2></a><center><a href="#top">[Back to Top]</a></center><p>This is a summary of the changes to the source code that went into this release that was generated using the diffstat utility.</p><pre>0 files changed</pre><br></html>
\ No newline at end of file
diff --git a/asterisk-certified-11.6-cert15-summary.txt b/asterisk-certified-11.6-cert16-summary.txt
similarity index 56%
rename from asterisk-certified-11.6-cert15-summary.txt
rename to asterisk-certified-11.6-cert16-summary.txt
index 80c9164c07..b49a321429 100644
--- a/asterisk-certified-11.6-cert15-summary.txt
+++ b/asterisk-certified-11.6-cert16-summary.txt
@@ -1,8 +1,8 @@
                                 Release Summary
 
-                         asterisk-certified/11.6-cert15
+                         asterisk-certified/11.6-cert16
 
-                                Date: 2016-09-08
+                                Date: 2016-12-08
 
                            <asteriskteam@digium.com>
 
@@ -13,8 +13,7 @@
     1. Summary
     2. Contributors
     3. Closed Issues
-    4. Other Changes
-    5. Diffstat
+    4. Diffstat
 
      ----------------------------------------------------------------------
 
@@ -31,10 +30,10 @@
 
    Security Advisories:
 
-     * AST-2016-007
+     * AST-2016-009
 
    The data in this summary reflects changes that have been made since the
-   previous release, asterisk-certified/11.6-cert14.
+   previous release, asterisk-certified/11.6-cert15.
 
      ----------------------------------------------------------------------
 
@@ -52,8 +51,7 @@
    this release.
 
    Coders                   Testers                  Reporters                
-   3 George Joseph                                   1 Etienne Lessard        
-   1 Corey Farrell          
+   1 Walter Doekes                                   1 Walter Doekes          
 
      ----------------------------------------------------------------------
 
@@ -66,31 +64,13 @@
 
   Bug
 
-    Category: Channels/chan_sip/General
+    Category: Channels/chan_sip/Interoperability
 
-   ASTERISK-26272: chan_sip: File descriptors leak (UDP sockets)
-   Reported by: Etienne Lessard
-     * [c7cb8f7808] Corey Farrell -- chan_sip: Don't allocate new RTP
-       instances on top of old ones.
-
-     ----------------------------------------------------------------------
-
-                      Commits Not Associated with an Issue
-
-                                 [Back to Top]
-
-   This is a list of all changes that went into this release that did not
-   reference a JIRA issue.
-
-   +------------------------------------------------------------------------+
-   | Revision    | Author    | Summary                                      |
-   |-------------+-----------+----------------------------------------------|
-   | 1fedc0585e  | gtjoseph  | Release summaries: Remove previous versions  |
-   |-------------+-----------+----------------------------------------------|
-   | 107b121ff8  | gtjoseph  | .version: Update for certified/11.6-cert15   |
-   |-------------+-----------+----------------------------------------------|
-   | 4e3297d0b0  | gtjoseph  | .lastclean: Update for certified/11.6-cert15 |
-   +------------------------------------------------------------------------+
+   ASTERISK-26433: chan_sip: Allows To-tag checks to be bypassed, setting up
+   new calls
+   Reported by: Walter Doekes
+     * [93dfe39642] Walter Doekes -- chan_sip: Do not allow non-SP/HTAB
+       between header key and colon.
 
      ----------------------------------------------------------------------
 
@@ -101,8 +81,4 @@
    This is a summary of the changes to the source code that went into this
    release that was generated using the diffstat utility.
 
- asterisk-certified-11.6-cert14-summary.html |   77 --------
- asterisk-certified-11.6-cert14-summary.txt  |  259 ----------------------------
- b/.version                                  |    2
- b/channels/chan_sip.c                       |   33 +++
- 4 files changed, 34 insertions(+), 337 deletions(-)
+ 0 files changed
-- 
2.47.2


Revision	Author	Summary
1fedc0585e	gtjoseph	Release summaries: Remove previous versions
107b121ff8	gtjoseph	.version: Update for certified/11.6-cert15
4e3297d0b0	gtjoseph	.lastclean: Update for certified/11.6-cert15