Revisions of asterisk
- update to 17.9.1: * Security bugs fixed: - [ASTERISK-29191|ASTERISK-29219] res/res_pjsip_diversion: prevent crash on tel: uri in History-Info
- update to 17.9.0: * Security bugs fixed: - [ASTERISK-29057] - pjsip: Crash on call rejection during high load * Improvements: - [ASTERISK-29055] - Create a Bridge with video_single mode - [ASTERISK-29056] - Increase reg_server column size for ps_contacts table realtime * many more bug fixes
- update to 17.8.1 with security fixes: * AST-2020-001: Remote crash in res_pjsip_session * AST-2020-002: Outbound INVITE loop on challenge with different nonce.
Asterisk 17.8.0 * ASTERISK-25665 - Duplicate logging in queue log for EXITEMPTY events (Reported by Ove Aursand) * ASTERISK-29043 - app_queue: Leave empty sometimes not recorded as abandoned (Reported by Kfir Itzhak) * ASTERISK-29042 - res_parking: Parker UUID is no longer copied (Reported by Misha Vodsedalek) * ASTERISK-28878 - chan_pjsip: PJSIP_MEDIA_OFFER Broken asterisk 16 (Reported by Joseph Ades) * ASTERISK-29046 - pbx: Deadlock when doing a reload, while simultaneously doing an ExtensionState on a pattern match hint that ends up adding an extension (Reported by Ramarajan) * ASTERISK-29040 - res_speech: Assertion on format (Reported by Nickolay V. Shmyrev) * ASTERISK-29001 - chan_pjsip does not process or forward 181 responses (Reported by Torrey Searle) * ASTERISK-29034 - Lastpause of realtime members is reseting (Reported by Evandro César Arruda) * ASTERISK-27273 - app_voicemail: When a voicemail is marked as "Urgent", it is not sent by email/processed by the mailcmd command (Reported by Leandro Dardini) * ASTERISK-29033 - res_pjsip_session: Aggressively terminates session on failed re-INVITE (Reported by Joshua C. Colp) * ASTERISK-28974 - res_rtp_asterisk: T.140 messages have appended RTP string to each message block. (Reported by Thomas Johnson) - Add dahdi build conditional dahdi-linux is bitrotten, and TW kernel is moving too fast to catch up - Use proper gmime dependency
Update to release 17.7.0
Spec modifications: * Fix postgres build dependency for 15.2 and later * Switched of NOISE_BUILD * Added `make install-include-headers` * Packaged asterisk include dir in -devel, otherwise dependent builds would fail Asterisk update to release 17.6.0 * AMI: You can now specify an optional 'Content-Type' as an argument for the Asterisk SendText manager action. * res_pjsip: Added a new PJSIP system setting called disable_rport. * res_sorcery_memory_cache: The SorceryMemoryCacheExpireObject AMI action and CLI command allow expiring of a specific object within the sorcery memory cache. * res_ari_channels: When creating a channel in ARI using the create call you can now specify dialplan variables to be set as part of the same operation. * res_pjsip_logger: The PJSIP packet logger now has the following CLI commands: * Switched dependent pjproject to version 2.10
- Update to new upstream release 16.8.0 + Bugs fixed in this release: * ASTERISK-28766 - PJSIP blind transfer not completed after using Proceeding() (Reported by lvl) * ASTERISK-28685 - check_expr2: linking (when hardening) and cross-compiling troubles (Reported by Sebastian Kemper) * ASTERISK-28764 - res_rtp_asterisk: Improve NACK support and seqno handling (Reported by Joshua C. Colp) * ASTERISK-28755 - SIP/Stasis: SIP headers not transmitted in the "variables" field (Reported by Jean Aunis - Prescom) * ASTERISK-28754 - ASTERISK-28738 Causes Audio Issue After Hold (Reported by Ross Beer) * ASTERISK-28697 - res_pjsip: Named ACL does not update on reload if changed (Reported by Timothy Vanderaerden) * ASTERISK-28746 - res_pjsip_outbound_registration keeps retrying the first entry in a SRV record set (Reported by George Joseph) * ASTERISK-28716 - ICE: pjnath shouldn't wait for ICE to complete before allowing sending (Reported by Benjamin Keith Ford) * ASTERISK-28738 - Incorrect state machine used when MOH_PASSTHRU is used (Reported by Torrey Searle) * ASTERISK-28742 - res_rtp_asterisk: static for audio due to incomplete dtls/srtp setup (Reported by Kevin Harwell) * ASTERISK-28735 - Realtime MoH Unknown format '' -- defaulting to SLIN (Reported by Ross Beer) * ASTERISK-28730 - res_pjsip_session: Fix out of order session refreshes (Reported by Joshua C. Colp) * ASTERISK-28718 - chan_sip: Returns 403 if RTP ports are depleted, should return 503 (Reported by Walter Doekes)
- Update to new upstream release 16.8.0 + New Features made in this release: * ASTERISK-17491 - CURLOPT() needs a "followlocation" parameter / "maxredirs" doesn't do anything (Reported by candrews) * ASTERISK-28639 - res_pjsip_endpoint_identifier_ip: Add ability to match on source port (Reported by Sean Bright) + Bugs fixed in this release: * ASTERISK-28679 - stasis application is destroyed after its creation (Reported by Francois Blackburn) * ASTERISK-28423 - ARI causes STASIS Deadlock (Reported by Ross Beer) * ASTERISK-28714 - REGRESSION: Feature subscription_persistence_recreate (ASTERISK-27759) Causes Segfaults (Reported by Ross Beer) * ASTERISK-28677 - CDR billsec is always 0 for transferred calls (Reported by Maciej Michno) * ASTERISK-28702 - chan_dahdi: holding a channel via flash to dialtone times out after 0:16:40 (Reported by Andrew Siplas) * ASTERISK-28706 - silk 24hHz doesn't show up in 'core show translation' output (Reported by Sean Bright) * ASTERISK-24484 - Update documentation for statsd module - usage requirements unclear (Reported by Dan Jenkins) * ASTERISK-28695 - core: minmemfree watermark uses free RAM, not available RAM (Reported by Kevin Flyn) * ASTERISK-28693 - chan_sip: SIP MESSAGE beginning with a whitespace appears empty in the dialplan (Reported by Frank Matano) * ASTERISK-23739 - [patch]Segfault forwarding voicemail with
- Update to new upstream release 16.7.0 + Security bugs fixed in this release: * ASTERISK-28589 - chan_sip: Depending on configuration an INVITE can alter Addr of a peer (Reported by Andrey V.T.) * ASTERISK-28580 - Bypass SYSTEM write permission in manager action allows system commands execution (Reported by Eliel Sardañons) + Improvements made in this release: * ASTERISK-28602 - res_pjsip_outbound_registration: Maximum retries reached (Reported by Daniel) * ASTERISK-28586 - Typo in README-SERIOUSLY.bestpractices.md (Reported by Sam Banks) * ASTERISK-22192 - [patch] Allow voicemail forwards with ODBC backend when format differs from attachfmt column (Reported by cmaj) * ASTERISK-28567 - Problem with ASTERISK-20207: Asterisk should clear out any .lock files in the voice mail directory on startup. (Reported by Michael) * ASTERISK-28542 - [patch] add the ability for asterisk to generate on-hold re-invites (Reported by Torrey Searle) * ASTERISK-28512 - Add pass-through support for H.265 (HEVC) codec (Reported by Florian Floimair) + Bugs fixed in this release: * ASTERISK-28609 - Memory Leak in res_rtp_asterisk.c (Reported by Ted G) * ASTERISK-28604 - app_meetme, chan_ooh323 and cdr_mysql don't build on 17.0.0 (Reported by George Joseph) * ASTERISK-28659 - res_pjsip_sdp_rtp: Bundle includes non-existent media stream if codecs create additional streams and offer does not have them
- Update to new upstream release 16.6.2 * ASTERISK-28580 manager.c: Prevent the Originate action from running the Originate app If an AMI user without the "system" authorization calls the Originate AMI command with the Originate application, the second Originate could run the "System" command. Action: Originate Channel: Local/1111 Application: Originate Data: Local/2222,app,System,touch /tmp/owned If the "system" authorization isn't set, we now block the Originate app as well as the System, Exec, etc. apps. * ASTERISK-28589 #close chan_sip.c: Prevent address change on unauthenticated SIP request. If the name of a peer is known and a SIP request is sent using that peer's name, the address of the peer will change even if the request fails the authentication challenge. This means that an endpoint can be altered and even rendered unusuable, even if it was in a working state previously. This can only occur when the nat option is set to the default, or auto_force_rport. This change checks the result of authentication first to ensure it is successful before setting the address and the nat option. - Update to new upstream release 16.6.1 * ASTERISK-28574 pjproject_bundled: Replace earlier reverts with official fixes. Issues in pjproject 2.9 caused us to revert some of their changes as a work around. This introduced another issue where pjproject wouldn't build with older gcc versions such as that found on CentOS 6. This commit replaces the reverts with the official fixes for the original issues and allows pjproject to be built
- Update to new upstream release 16.6.0 - Security bugs fixed in this release: * [ASTERISK-28495] - res_pjsip_t38: 200 OK with SDP answer with declined stream causes crash (Reported by Alexei Gradinari) - Bugs fixed in this release: * [ASTERISK-28521] - pjsip: Memory Leak (Reported by Mark) * [ASTERISK-28523] - Asterisk 16.5.0 Memory leak (Reported by Cyril Ramière) * [ASTERISK-28538] - chan_pjsip: Deadlock on fax detection (Reported by Joshua C. Colp) * [ASTERISK-28536] - Asterisk release candidates fail to build on FreeBSD (Reported by Guido Falsi) * [ASTERISK-28511] - codec_resample: Bad sound quality when up sampling from SLIN16 to SLIN32 (Reported by Ruddy G) * [ASTERISK-28525] - chan_dahdi: set CHANNEL(hangupsource) when a PRI channel hangs up (Reported by Frederic LE FOLL) * [ASTERISK-28527] - ChanIsAvail() creates a CDR if unanswered=yes is set in cdr.conf (Reported by Frederic LE FOLL) * [ASTERISK-28499] - translate: Crash when frame does not have a "src" field set (Reported by Gregory Massel) * [ASTERISK-25592] - chan_unistim: Clang Warning: variable sized type not at end of a struct (Reported by Alexander Traud) * [ASTERISK-28488] - pjsip mwi: n+1 sip notify's sent on re-register (Reported by Chris Savinovich) * [ASTERISK-28509] - PJSIP cnonce generated on Linux contains 36 characters, NEC only supports up to 32 characters (Reported by Dan Cropp) * [ASTERISK-28505] - app_voicemail/IMAP: segfault in leave_voicemail because not checking mailstream (Reported by Alexei Gradinari) * [ASTERISK-28487] - compile menuselect on gentoo
- Update to new upstream release 16.5.0 - Security bugs fixed in this release: * ASTERISK-28447 - res_pjsip_messaging: In-dialog MESSAGE with no body causes crash (Reported by Gil Richard) * ASTERISK-28465 - Broken SDP can cause a segfault in a T.38 reINVITE (Reported by Francesco Castellano) - Bugs fixed in this release: * ASTERISK-28457 - [patch] Fix crash in chan_dahdi on 32-bit systems caused by ASTERISK-28317 (Reported by abelbeck) * ASTERISK-28458 - res_pjsip_sdp_rtp: Remove unused variable (Reported by Michael Maier) * ASTERISK-26006 - Show offending IP for TLS setup failures in logs (Reported by Oleksandr Natalenko) * ASTERISK-28444 - chan_pjsip: Peer IP for SSL handshake errors not logged (Reported by Bernhard Schmidt) * ASTERISK-28419 - app_amd: Does not work with silence suppression (Reported by Nasir Iqbal) * ASTERISK-28018 - IP Fragmentation happening instead of DTLS fragmentation on handshake server hello certificate (Reported by vijay kumar) * ASTERISK-25371 - Crash in hangup at chan_pjsip.c:1749 when Asterisk attempts to generate hangup event (Reported by Abhay Gupta) * ASTERISK-28435 - cdr_pgsql: Unix socket doesn't work (Reported by Dmitry Svyatogorov) * ASTERISK-27981 - res_fax: Fax session leak with fax gatewaying (Reported by pasandev) * ASTERISK-28427 - new mwi.h include missing from some dahdi source files, causes build failure (Reported by Guido Falsi)
- Add postgresql-server-devel dependency for Factory - Update to new upstream release 16.4.1 * AST-2019-002: Remote crash vulnerability with MESSAGE messages A specially crafted SIP in-dialog MESSAGE message can cause Asterisk to crash. * AST-2019-003: Remote Crash Vulnerability in chan_sip channel driver When T.38 faxing is done in Asterisk a T.38 reinv ite may be sent to an endpoint to switch it to T.38. If the endpoint responds with an improperly formatted SDP answer including both a T.38 UDPTL stream and an audio or video stream containing only codecs not allowed on the SIP peer or user a crash will occur. The code incorrectly assumes that there will be at least one common codec when T.38 is also in the SDP answer. Fixes CVE-2019-13161. https://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-16.4.1 - Update to new upstream release 16.4.0 https://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-16.4.0 - Update to new upstream release 16.3.0 https://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-16.3.0 - Remove dependency on jansson (locally supplied)
- Update to new upstream release 16.2.1 * Fix remote crash vulnerability in SDP protocol violation (CVE-2019-7251)
Update asterisk
- Update to new upstream release 16.1.1 * Fix for Regression: MWI polling no longer works
Displaying revisions 21 - 40 of 83