This is to fix AST-2011-001: Stack buffer overflow in SIP channel driver
Asterisk Project Security Advisory - AST-2011-001
Product Asterisk
Summary Stack buffer overflow in SIP channel driver
Nature of Advisory Exploitable Stack Buffer Overflow
Susceptibility Remote Authenticated Sessions
Severity Moderate
Exploits Known No
Reported On January 11, 2011
Reported By Matthew Nicholson
Posted On January 18, 2011
Last Updated On January 18, 2011
Advisory Contact Matthew Nicholson <mnicholson at digium.com>
CVE Name
Description When forming an outgoing SIP request while in pedantic mode, a
stack buffer can be made to overflow if supplied with
carefully crafted caller ID information. This vulnerability
also affects the URIENCODE dialplan function and in some
versions of asterisk, the AGI dialplan application as well.
The ast_uri_encode function does not properly respect the size
of its output buffer and can write past the end of it when
encoding URIs.
For full details, see:
http://downloads.digium.com/pub/security/AST-2011-001.html
This is to fix AST-2011-001: Stack buffer overflow in SIP channel driver
Asterisk Project Security Advisory - AST-2011-001
Product Asterisk
Summary Stack buffer overflow in SIP channel driver
Nature of Advisory Exploitable Stack Buffer Overflow
Susceptibility Remote Authenticated Sessions
Severity Moderate
Exploits Known No
Reported On January 11, 2011
Reported By Matthew Nicholson
Posted On January 18, 2011
Last Updated On January 18, 2011
Advisory Contact Matthew Nicholson <mnicholson at digium.com>
CVE Name
Description When forming an outgoing SIP request while in pedantic mode, a
stack buffer can be made to overflow if supplied with
carefully crafted caller ID information. This vulnerability
also affects the URIENCODE dialplan function and in some
versions of asterisk, the AGI dialplan application as well.
The ast_uri_encode function does not properly respect the size
of its output buffer and can write past the end of it when
encoding URIs.
For full details, see:
http://downloads.digium.com/pub/security/AST-2011-001.html
The release of Asterisk 1.8.2 resolves several issues reported by the
community and would have not been possible without your participation.
Thank you!
The following is a sample of the issues resolved in this release:
* 'sip notify clear-mwi' needs terminating CRLF.
(Closes issue #18275. Reported, patched by klaus3000)
* Patch for deadlock from ordering issue between channel/queue locks in
app_queue (set_queue_variables).
(Closes issue #18031. Reported by rain. Patched by bbryant)
* Fix cache of device state changes for multiple servers.
(Closes issue #18284, #18280. Reported, tested by klaus3000. Patched, tested
by russellb)
* Resolve issue where channel redirect function (CLI or AMI) hangs up the call
instead of redirecting the call.
(Closes issue #18171. Reported by: SantaFox)
(Closes issue #18185. Reported by: kwemheuer)
(Closes issue #18211. Reported by: zahir_koradia)
(Closes issue #18230. Reported by: vmarrone)
(Closes issue #18299. Reported by: mbrevda)
(Closes issue #18322. Reported by: nerbos)
* Fix reloading of peer when a user is requested. Prevent peer reloading from
causing multiple MWI subscriptions to be created when using realtime.
(Closes issue #18342. Reported, patched by nivek.)
* Fix XMPP PubSub-based distributed device state. Initialize pubsubflags to 0
so res_jabber doesn't think there is already an XMPP connection sending
device state. Also clean up CLI commands a bit.
(Closes issue #18272. Reported by klaus3000. Patched by Marquis42)
* Don't crash after Set(CDR(userfield)=...) in ast_bridge_call. Instead of
setting peer->cdr = NULL, set it to not post.
(Closes issue #18415. Reported by macbrody. Patched, tested by jsolares)
* Fixes issue with outbound google voice calls not working. Thanks to az1234
and nevermind_quack for their input in helping debug the issue.
(Closes issue #18412. Reported by nevermind_quack. Patched by dvossel)
For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.2
The release of Asterisk 1.6.2.16 resolves several issues reported by the
community and would have not been possible without your participation.
Thank you!
The following is a sample of the issues resolved in this release:
* Fix cache of device state changes for multiple servers.
(Closes issue #18284, #18280. Reported, tested by klaus3000. Patched, tested
by russellb)
* Resolve issue where channel redirect function (CLI or AMI) hangs up the call
instead of redirecting the call.
(Closes issue #18171. Reported by: SantaFox)
(Closes issue #18185. Reported by: kwemheuer)
(Closes issue #18211. Reported by: zahir_koradia)
(Closes issue #18230. Reported by: vmarrone)
(Closes issue #18299. Reported by: mbrevda)
(Closes issue #18322. Reported by: nerbos)
* Linux and *BSD disagree on the elements within the ucred structure. Detect
which one is in use on the system.
(Closes issue #18384. Reported, patched, tested by bjm, tilghman)
* app_followme: Don't create a Local channel if the target extension does not
exist.
(Closes issue #18126. Reported, patched by junky)
* Revert code that changed SSRC for DTMF.
(Closes issue #17404, #18189, #18352. Reported by sdolloff, marcbou. rsw686.
Tested by cmbaker82)
* Resolve issue where REGISTER request with a Call-ID matching an existing
transaction is received it was possible that the REGISTER request would
overwrite the initreq of the private structure.
(Closes issue #18051. Reported by eeman. Patched, tested by twilson)
For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.2.16
alternative from mk/jpeg.buildlink3.mk
This allows selection of an alternative jpeg library (namely the x86 MMX,
SSE, SSE2 accelerated libjpeg-turbo) via JPEG_DEFAULT=libjpeg-turbo, and
follows the current standard model for alternatives (fam, motif, fuse etc).
The mechanical edits were applied via the following script:
#!/bin/sh
for d in */*; do
[ -d "$d" ] || continue
for i in "$d/"Makefile* "$d/"*.mk; do
case "$i" in *.orig|*"*"*) continue;; esac
out="$d/x"
sed -e 's;graphics/jpeg/buildlink3\.mk;mk/jpeg.buildlink3.mk;g' \
-e 's;BUILDLINK_PREFIX\.jpeg;JPEGBASE;g' \
< "$i" > "$out"
if cmp -s "$i" "$out"; then
rm -f "$out"
else
echo "Edited $i"
mv -f "$i" "$i.orig" && mv "$out" "$i"
fi
done
done
Don't bother bumping the version since it didn't build on DFBSD
before there is no binary package that could have changed, and this
doesn't change the binary packages on other systems.
The release of Asterisk 1.8.1.1 resolves two issues reported by the community
since the release of Asterisk 1.8.1.
* Don't crash after Set(CDR(userfield)=...) in ast_bridge_call. Instead of
setting peer->cdr = NULL, set it to not post.
(Closes issue #18415. Reported by macbrody. Patched, tested by jsolares)
* Fixes issue with outbound google voice calls not working. Thanks to az1234
and nevermind_quack for their input in helping debug the issue.
(Closes issue #18412. Reported by nevermind_quack. Patched by dvossel)
For a full list of changes in this release candidate, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.1.1
Asterisk is a complete PBX in software. It provides all of the
features you would expect from a PBX and more. Asterisk does voice
over IP in three protocols, and can interoperate with almost all
standards-based telephony equipment using relatively inexpensive
hardware.
Asterisk 1.8 is a long term support version (i.e. it will be
supported for four years with an additional year of security only
fixes). See:
https://wiki.asterisk.org/wiki/display/AST/Asterisk+Versions
What's new:
Asterisk 1.8 is the next major release series of Asterisk.
The release of Asterisk 1.8.0 would not have been possible without the support
and contributions of the community. Since Asterisk 1.6.2, we've had over 500
reporters, more than 300 testers and greater than 200 developers contributed to
this release.
You can find a summary of the work involved with the 1.8.0 release in the
sumary:
http://svn.asterisk.org/svn/asterisk/tags/1.8.0/asterisk-1.8.0-summary.txt
A short list of available features includes:
* Secure RTP
* IPv6 Support in the SIP channel driver
* Connected Party Identification Support
* Calendaring Integration
* A new call logging system, Channel Event Logging (CEL)
* Distributed Device State using Jabber/XMPP PubSub
* Call Completion Supplementary Services support
* Advice of Charge support
* Much, much more!
A full list of new features can be found in the CHANGES file.
http://svn.digium.com/view/asterisk/branches/1.8/CHANGES?view=markup
For a full list of changes in the current release candidate, please see the
ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.0
-----
The Asterisk Development Team has announced the release of Asterisk 1.8.1.
The release of Asterisk 1.8.1 resolves several issues reported by the
community and would have not been possible without your participation.
Thank you!
The following is a sample of the issues resolved in this release:
* Fix issue when using directmedia. Asterisk needs to limit the codecs offered
to just the ones that both sides recognize, otherwise they may end up sending
audio that the other side doesn't understand.
(Closes issue #17403. Reported, patched by one47. Tested by one47, falves11)
* Resolve issue where Party A in an analog 3-way call would continue to hear
ringback after party C answers.
(Patched by rmudgett)
* Fix playback failure when using IAX with the timerfd module.
(Closes issue #18110. Reported, tested by tpanton. Patched by jpeeler)
* Fix problem with qualify option packets for realtime peers never stopping.
The option packets not only never stopped, but if a realtime peer was not in
the peer list multiple options dialogs could accumulate over time.
(Closes issue #16382. Reported by lftsy. Tested by zerohalo. Patched by
jpeeler)
* Fix issue where it is possible to crash Asterisk by feeding the curl engine
invalid data.
(Closes issue #18161. Reported by wdoekes. Patched by tilghman)
For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.1
- disable automatic Lua detection for now until lang/lua/builtin.mk exists
The release of Asterisk 1.6.2.15 resolves several issues reported by the
community and would have not been possible without your participation.
Thank you!
The following is a sample of the issues resolved in this release:
* When using chan_skinny, don't crash when parking a non-bridged call.
(Closes issue #17680. Reported, tested by jmhunter. Patched, tested by DEA)
* Add ability for Asterisk to try both the encoded and unencoded subscription
URI for a match in hints.
(Closes issue #17785. Reported, tested by ramonpeek. Patched by tilghman)
* Set the caller id on CDRs when it is set on the parent channel.
(Closes issue #17569. Reported, patched by tbelder)
* Ensure user portion of SIP URI matches dialplan when using encoded characters
(Closes issue #17892. Reported by wdoekes. Patched by jpeeler)
* Resolve issue where Party A in an analog 3-way call would continue to hear
ringback after party C answers.
(Patched by rmudgett)
* Fix problem with qualify option packets for realtime peers never stopping.
The option packets not only never stopped, but if a realtime peer was not in
the peer list multiple options dialogs could accumulate over time.
(Closes issue #16382. Reported by lftsy. Tested by zerohalo. Patched by
jpeeler)
* Multiple fixes related to Local channels.
For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.2.15
version 8.1.18 (Nov 11, 2010):
- install man pages read-only and improved the contributed redhat init
script - patches by Eric Biederman <ebiederm@aristanetworks.com>
- spec file improvements in contrib/redhat-rpm - patch by Jodok Ole
Muellers <jodok.muellers@aschendorff.de>
- GSS-API patch for client code - patch by Andras Horvath
<Andras.Horvath@cern.ch>
version 8.1.17 (Sep 29, 2009):
- fix for interface detection when HAVE_SA_LEN is defined - first
detected on NetBSD 5.0 and patched by Chris Ross
<cross+conserver@distal.com>
- first person to connect to a console wanting read/write now gets it
once the active user drops read/write - suggested by Thomas Gardner
<tmg@pobox.com>
- fix typo when setting nonblocking socket for client connections,
fixing stall issues - patch by Eric Biederman
<ebiederm@aristanetworks.com>
- GSS-API patch (--with-gssapi) to help with Kerberos tokens - patch by
Nate Straz <nstraz@redhat.com>
- authenticate username without @REALM when using GSS-API
(--with-striprealm) - based on patch by Andras Horvath
<Andras.Horvath@cern.ch>
- various contrib/redhat-rpm fixes - patch by Fabien Wernli
<wernli@in2p3.fr>
- fix handling of read(stdin) returning -1 in console client - patch by
Ed Swierk <eswierk@arastra.com>
patch-ac has been included upstream.
1.56 Mon Nov 15 21:00:00 CET 2010
- When sending messages in text mode, now we wait a bit
between the +CMSG command and the actual text.
Fixes RT #61729. Thanks to Boris Ivanov for the report.
- Added clear example of logging to a custom file
- Added a warning for not implemented _read_messages_text()
- Added a "assume_registered" option to skip GSM network
registration on buggy/problematic devices.
by Iain Hibbert:
- use libexpat instead of FreeBSD internal libbsdxml
- fix off by one error with busy spinner, which sometimes
resulted in a spurious backspace in the output
- fflush(stdout) for busy spinner
- print streaming statistics after transfers in client mode
- use HAVE_BT_DEVADDR rather than testing for __NetBSD__
- use bdaddr_any() functions instead of memcpy()
- allow server mode to bind to channel 0, indicating to the OS
that the first available channel should be used
- prevent busy loop bug if the socket is remotely closed causing
the read() to return 0 bytes
- fix some [unsigned comparison] compiler warnings
- provide connection ID for all get requests, improves compatibility
with remote windows mobile devices
The release of Asterisk 1.6.2.14 resolves several issues reported by the
community and would have not been possible without your participation.
Thank you!
The following is a sample of the issues resolved in this release:
* Fix issue where session timers would be advertised as supported even
when session-timers=refuse was set in sip.conf. Also fix
interoperability problems with session timer behavior in Asterisk.
(Closes issue #17005. Reported by alexcarey. Patched by dvossel)
* Parse all "Accept" headers for SIP SUBSCRIBE requests.
(Closes issue #17758. Reported by ibc. Patched by dvossel)
* Fix issue where queue stats would be reset on reload.
(Closes issue #17535. Reported by raarts. Patched by tilghman)
* Fix issue where MoH files were no longer rescanned on during a
reload.
(Closes issue #16744. Reported by pj. Patched by Qwell)
* Fix issue with dialplan pattern matching where the specificity for
pattern ranges and pattern characters was inconsistent.
(Closes issue #16903. Reported, patched by Nick_Lewis)
For a full list of changes in the current release, please see the
ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.2.14
a feature update, so users that are upgrading should read UPDATE.txt.
pkgsrc changes:
- update to 1.6.2.13
- bury the asterisk-sounds-extra inside this one to keep it in sync
- handle sound tarballs directly (upstream had changed this to do a
download during the install phase and dump files in $HOME)
- add new documentation files:
- asterisk.txt
- building_queues.txt
- database_transactions.txt
- followme.txt
========
1.6.2.13
========
This release resolves an issue where the .version and ChangeLog files were not
updated for 1.6.2.12. Asterisk 1.6.2.13 has no additional changes from 1.6.2.12
other than the .version, ChangeLog and summary files.
For a full list of changes in the current release, please see the
ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.2.13
========
1.6.2.12
========
The release of Asterisk 1.6.2.12 resolves several issues reported by the
community and would have not been possible without your participation.
Thank you!
The following is a sample of the issues resolved in this release:
* Fix issue where DNID does not get cleared on a new call when using
immediate=yes with ISDN signaling.
(Closes issue #17568. Reported by wuwu. Patched by rmudgett)
* Several updates to res_config_ldap.
(Closes issue #13573. Reported by navkumar. Patched by navkumar, bencer.
Tested by suretec)
* Prevent loss of Caller ID information set on local channel after masquerade.
(Closes issue #17138. Reported by kobaz, patched by jpeeler)
* Fix SIP peers memory leak.
(Closes issue #17774. Reported, patched by kkm)
* Add Danish support to say.conf.sample
(Closes issue #17836. Reported, patched by RoadKill)
* Ensure SSRC is changed when media source is changed to resolve audio delay.
(Closes issue #17404. Reported, tested by sdolloff. Patched by jpeeler)
* Only do magic pickup when notifycid is enabled.
A new way of doing BLF pickup was introduced into 1.6.2. This feature adds a
call-id value into the XML of a SIP_NOTIFY message sent to alert a subscriber
that a device is ringing. This option should only be enabled when the new
'notifycid' option is set, but this was not the case. Instead the call-id
value was included for every RINGING Notify message, which caused a
regression for people who used other methods for call pickup.
(Closes issue #17633. Reported, patched by urosh. Patched by dvossel.
Tested by: dvossel, urosh, okrief, alecdavis)
For a full list of changes in the current release, please see the
ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.2.12
========
1.6.2.11
========
The release of Asterisk 1.6.2.11 resolves several issues reported by the
community and would have not been possible without your participation.
Thank you!
The following are a few of the issues resolved by community developers:
* Send DialPlanComplete as a response, not as a separate event. Otherwise, it
goes to all manager sessions and may exclude the current session, if the
Events mask excludes it.
(Closes issue #17504. Reported, patched by rrb3942)
* Allow the "useragent" value to be restored into memory from the realtime
backend. This value is purely informational. It does not alter configuration
at all.
(Closes issue #16029. Reported, patched by Guggemand)
* Fix rt(c)p set debug ip taking wrong argument Also clean up some coding
errors.
(Closes issue #17469. Reported, patched by wdoekes)
* Ensure channel placed in meetme in ringing state is properly hung up. An
outgoing channel placed in meetme while still ringing which was then hung up
would not exit meetme and the channel was not properly destroyed.
(Closes issue #15871. Reported, patched by Ivan)
* Correct how 100, 200, 300, etc. is said. Also add the crazy British numbers.
(Closes issue #16102. Reported, patched by Delvar)
* cdr_pgsql does not detect when a table is found. This change adds an ERROR
message to let you know when a failure exists to get the columns from the
pgsql database, which typically means that the table does not exist.
(Closes issue #17478. Reported, patched by kobaz)
* Avoid crashing when installing a duplicate translation path with a lower
cost.
(Closes issue #17092. Reported, patched by moy)
* Add missing handling for ringing state for use with queue empty options.
(Closes issue #17471. Reported, patched by jazzy)
* Fix reporting estimated queue hold time. Just say the number of seconds
(after minutes) rather than doing some incorrect calculation with respect to
minutes.
(Closes issue #17498. Reported, patched by corruptor)
For a full list of changes in the current release, please see the
ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.2.11
========
1.6.2.10
========
The release of Asterisk 1.6.2.10 resolves several issues reported by the
community and would have not been possible without your participation.
Thank you!
The following are a few of the issues resolved by community developers:
* Allow users to specify a port for DUNDI peers.
(Closes issue #17056. Reported, patched by klaus3000)
* Decrease the module ref count in sip_hangup when SIP_DEFER_BYE_ON_TRANSFER is
set.
(Closes issue #16815. Reported, patched by rain)
* If there is realtime configuration, it does not get re-read on reload unless
the config file also changes.
(Closes issue #16982. Reported, patched by dmitri)
* Send AgentComplete manager event for attended transfers.
(Closes issue #16819. Reported, patched by elbriga)
* Correct manager variable 'EventList' case.
(Closes issue #17520. Reported, patched by kobaz)
In addition, changes to res_timing_pthread that should make it more stable have
also been implemented.
For a full list of changes in the current release, please see the
ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.2.10
=======
1.6.2.9
=======
The release of Asterisk 1.6.2.9 resolves several issues reported by the
community, and would have not been possible without your participation.
Thank you!
The following are a few of the issues resolved by community developers:
* Fix the PickupChan() application
(Closes issue #16863. Reported, patched by schern. Patched by cjacobsen.
Tested by Graber, cjacobsen, lathama, rickead2000, dvossel)
* Improve logging by displaying line number
(Closes issue #16303. Reported by dant. Patched by pabelanger. Tested by
dant, pabelanger, lmadsen)
* Notify CLI when modules are loaded/unloaded
(Closes issue #17308. Reported, patched by pabelanger. Tested by russell)
* Make the Makefile logic more explicit and move the Snow Leopard logic down to
where it's not executed on non-Darwin systems
(Closes issue #17028. Reported by pabelanger. Patched by seanbright,
tilghman. Tested by pabelanger)
* Manager cookies are not compatible with RFC2109. Make that no longer true.
(Closes issue #17231. Reported, patched by ecarruda)
* With IMAP backend, messages in INBOX were counted twice for MWI
(Closes issue #17135. Reported by edhorton. Patched by ebroad, tilghman)
* Fix possible segfault when logging
(Closes issue #17331. Reported, patched by under. Patched by dvossel)
* Fix memory hogging behavior of app_queue
(Closes issue #17081. Reported by wliegel. Patched by mmichelson)
* Allow type=user SIP endpoints to be loaded properly from realtime
(Closes issue #16021. Reported, patched by Guggemand)
Additionally, the following issue may be of interest:
* Fix transcode_via_sln option with SIP calls and improve PLC usage
(Review: https://reviewboard.asterisk.org/r/622/)
For a full list of changes in the current release, please see the
ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.2.9
=======
1.6.2.8
=======
The release of Asterisk 1.6.2.8 resolves several issues reported by the
community, and would have not been possible without your participation.
Thank you!
The following are a few of the issues resolved by community developers:
* Enable auto complete for CLI command 'logger set level'.
(Closes issue #17152. Reported, patched by pabelanger)
* Make the mixmonitor thread process audio frames faster.
(Closes issue #17078. Reported, tested by geoff2010. Patched by dhubbard)
* Add missing 'useragent' field to sip-friends.sql file.
(Closes issue #17171. Reported, patched by thehar)
* Add example dialplan for dialing ISN numbers (http://www.freenum.org)
(Closes issue #17058. Reported, patched by pprindeville)
* Fix issue with double "sip:" in header field.
(Closes issue #15847. Reported, patched by ebroad)
* Add ability to generate ASCII documentation from the TeX files by running
'make asterisk.txt'.
(Closes issue #17220. Reported by lmadsen. Tested, patched by pabelanger)
* When StopMonitor() is called, ensure that it will not be restarted by a
channel event.
(Closes issue #16590. Reported, patched by kkm)
* Small error in the T.140 RTP port verbose log.
(Closes issue #16998. Reported, patched by frawd. Tested by russell)
For a full list of changes in the current release, please see the
ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.2.8
=======
1.6.2.7
=======
The release of Asterisk 1.6.2.7 resolves several issues reported by the
community, and would have not been possible without your participation. Thank
you!
The following are a few of the issues resolved by community developers:
* Fix building CDR and CEL SQLite3 modules.
(Closes issue #17017. Reported by alephlg. Patched by seanbright)
* Resolve crash in SLAtrunk when the specified trunk doesn't exist.
(Reported in #asterisk-dev by philipp64. Patched by seanbright)
* Include an extra newline after "Aliased CLI command" to get back the prompt.
(Issue #16978. Reported by jw-asterisk. Tested, patched by seanbright)
* Prevent segfault if bad magic number is encountered.
(Issue #17037. Reported, patched by alecdavis)
* Update code to reflect that handle_speechset has 4 arguments.
(Closes issue #17093. Reported, patched by gpatri. Tested by pabelanger,
mmichelson)
* Resolve a deadlock in chan_local.
(Closes issue #16840. Reported, patched by bzing2, russell. Tested by bzing2)
For a full list of changes in this releases, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.2.7
=======
1.6.2.6
=======
The release of Asterisk 1.6.2.6 resolves several issues reported by the
community, and would have not been possible without your participation. Thank
you!
The following are a few of the issues resolved by community developers:
* Make sure to clear red alarm after polarity reversal.
(Closes issue #14163. Reported, patched by jedi98. Tested by mattbrown,
Chainsaw, mikeeccleston)
* Fix problem with duplicate TXREQ packets in chan_iax2
(Closes issue #16904. Reported, patched by rain. Tested by rain, dvossel)
* Fix crash in app_voicemail related to message counting.
(Closes issue #16921. Reported, tested by whardier. Patched by seanbright)
* Overlap receiving: Automatically send CALL PROCEEDING when dialplan starts
(Reported, Patched, and Tested by alecdavis)
* For T.38 reINVITEs treat a 606 the same as a 488.
(Closes issue #16792. Reported, patched by vrban)
* Fix ConfBridge crash when no timing module is loaded.
(Closes issue #16471. Reported, tested by kjotte. Patched, tested by junky)
For a full list of changes in this releases, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.2.6
=======
1.6.2.5
=======
The Asterisk Development Team has announced security releases for the following
versions of Asterisk:
* 1.6.2.5
The releases of Asterisk 1.6.0.25, 1.6.1.17, and 1.6.2.5 resolve an issue with
invalid parsing of ACL (Access Control List) rules leading to a possible
compromise in security. The issue and resolution are described in the
AST-2010-003 security advisory.
For more information about the details of this vulnerability, please read the
security advisory AST-2010-003, which was released at the same time as this
announcement.
For a full list of changes in the current releases, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.2.5
Security advisory AST-2010-003 is available at:
http://downloads.asterisk.org/pub/security/AST-2010-003.pdf
=======
1.6.2.4
=======
The Asterisk Development Team has announced security releases for the following
versions of Asterisk:
* 1.6.2.4
The releases of Asterisk 1.2.40, 1.4.29.1, 1.6.0.24, 1.6.1.16, and 1.6.2.4
include documention describing a possible dialplan string injection with common
usage of the ${EXTEN} (and other expansion variables). The issue and resolution
are described in the AST-2010-002 security advisory.
If you have a channel technology which can accept characters other than numbers
and letters (such as SIP) it may be possible to craft an INVITE which sends data
such as 300&Zap/g1/4165551212 which would create an additional outgoing channel
leg that was not originally intended by the dialplan programmer.
Please note that this is not limited to an specific protocol or the Dial()
application.
The expansion of variables into programmatically-interpreted strings is a common
behavior in many script or script-like languages, Asterisk included. The ability
for a variable to directly replace components of a command is a feature, not a
bug - that is the entire point of string expansion.
However, it is often the case due to expediency or design misunderstanding that
a developer will not examine and filter string data from external sources before
passing it into potentially harmful areas of their dialplan.
With the flexibility of the design of Asterisk come these risks if the dialplan
designer is not suitably cautious as to how foreign data is allowed to enter the
system unchecked.
This security release is intended to raise awareness of how it is possible to
insert malicious strings into dialplans, and to advise developers to read the
best practices documents so that they may easily avoid these dangers.
For more information about the details of this vulnerability, please read the
security advisory AST-2010-002, which was released at the same time as this
announcement.
For a full list of changes in the current releases, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.2.4
Security advisory AST-2010-002 is available at:
http://downloads.asterisk.org/pub/security/AST-2010-002.pdf
The README-SERIOUSLY.bestpractices.txt document is available in the top-level
directory of your Asterisk sources, or available in all Asterisk branches from
1.2 and up.
http://svn.asterisk.org/svn/asterisk/trunk/README-SERIOUSLY.bestpractices.txt
=======
1.6.2.3
=======
Was never released.
=======
1.6.2.2
=======
The Asterisk Development Team has announced security releases for Asterisk as
the following versions:
* 1.6.2.2
The releases of Asterisk 1.6.0.22, 1.6.1.14, and 1.6.2.2 include the fix
described in security advisory AST-2010-001.
The issue is that an attacker attempting to negotiate T.38 over SIP can remotely
crash Asterisk by modifying the FaxMaxDatagram field of the SDP to contain
either a negative or exceptionally large value. The same crash will occur when
the FaxMaxDatagram field is omitted from the SDP, as well.
For more information about the details of this vulnerability, please read the
security advisory AST-2009-009, which was released at the same time as this
announcement.
For a full list of changes in the current releases, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.2.2
Security advisory AST-2010-001 is available at:
http://downloads.asterisk.org/pub/security/AST-2010-001.pdf
=======
1.6.2.1
=======
The release of Asterisk 1.6.2.1 resolved several issues reported by the
community, and would have not been possible without your participation. Thank
you!
* CLI 'queue show' formatting fix.
(Closes issue #16078. Reported by RoadKill. Tested by dvossel. Patched by
ppyy.)
* Fix misreverting from 177158.
(Closes issue #15725. Reported, Tested by shanermn. Patched by dimas.)
* Fixes subscriptions being lost after 'module reload'.
(Closes issue #16093. Reported by jlaroff. Patched by dvossel.)
* app_queue segfaults if realtime field uniqueid is NULL
(Closes issue #16385. Reported, Tested, Patched by haakon.)
* Fix to Monitor which previously assumed the file to write to did not contain
pathing.
(Closes issue #16377, #16376. Reported by bcnit. Patched by dant.
A summary of changes in this release can be found in the release summary:
http://downloads.asterisk.org/pub/telephony/asterisk/asterisk-1.6.2.1-summary.txt
For a full list of changes in this releases, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.2.1
=======
1.6.2.0
=======
The release of Asterisk 1.6.2.0 is the first feature release since Asterisk
1.6.1.0, which was released April 27, 2009. Many new features have been included
in this release. For a complete list of changes, please see the CHANGES file.
For those upgrading from a previous release, please see UPGRADE.txt
It should be explicitly stated that Asterisk 1.6.2.0 is a major upgrade over any
previous release, and special care should be taken when upgrading existing
systems. Please see the UPGRADE.txt file for more information, available at:
http://svn.asterisk.org/svn/asterisk/tags/1.6.2.0/UPGRADE.txt
A detailed overview to the new features available in Asterisk 1.6.2.0 are
forthcoming within the next few days. Please watch http://blogs.asterisk.org for
further information!
Below is a summary of several new features available in this release:
* chan_dahdi now supports MFC/R2 signaling when Asterisk is compiled with
support for LibOpenR2. http://www.libopenr2.org/
* Added a new 'faxdetect=yes|no' configuration option to sip.conf. When this
option is enabled, Asterisk will watch for a CNG tone in the incoming audio
for a received call. If it is detected, the channel will jump to the
'fax' extension in the dialplan.
* A new application, Originate, has been introduced, that allows asynchronous
call origination from the dialplan.
* Added ConfBridge dialplan application which does conference bridges without
DAHDI. For information on its use, please see the output of
"core show application ConfBridge" from the CLI.
* extensions.conf now allows you to use keyword "same" to define an extension
without actually specifying an extension. It uses exactly the same pattern
as previously used on the last "exten" line. For example:
exten => 123,1,NoOp(something)
same => n,SomethingElse()
* Asterisk now provides the ability to define custom CLI aliases. For example,
if you would like to define short form aliases for frequently used commands,
such as "sh ch" for "core show channels", that is now possible. See the
cli_aliases.conf configuration file for more information.
* Asterisk now has support for subscribing to the state of remote voice
mailboxes via SIP.
* Asterisk now includes expanded HD codec support. G.722.1 and G.722.1C
(Siren7/Siren14) passthrough, recording, and playback is now supported.
Transcoding will be made available via add-on modules soon for this version of
Asterisk.
This is just a subset of the changes available in this release. Please see the
CHANGES file for additional information, available at:
http://svn.asterisk.org/svn/asterisk/tags/1.6.2.0/CHANGES
A summary of changes in this release can be found in the release summary:
http://downloads.asterisk.org/pub/telephony/asterisk/asterisk-1.6.2.0-summary.txt
For a full list of changes in this releases, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.2.0
1.53 Thu Apr 01 13:49:00 CET 2010
- ***CHANGED*** default log file position
from /var/log/modem.log to /tmp/modem.log.
Too many failed tests and user reports made me
reconsider my poor default choice.
- Added voice dialing. Just dialing though.
You can't perform real voice calls through Device::Modem (yet :)
Thanks to Marek Jaros.
- Added ';' (voice dialing) and 'p' (pause) as valid values
for dial() number.
1.52 Sun Mar 28 15:50:00 CET 2010
- Added automatic port reconnection in the port() method.
This should improve connection reliability and reduce risk
of "Can't call method XXXXXX on undefined value YYYYYY" errors.
to trigger/signal a rebuild for the transition 5.10.1 -> 5.12.1.
The list of packages is computed by finding all packages which end
up having either of PERL5_USE_PACKLIST, BUILDLINK_API_DEPENDS.perl,
or PERL5_PACKLIST defined in their make setup (tested via
"make show-vars VARNAMES=..."), minus the packages updated after
the perl package update.
sno@ was right after all, obache@ kindly asked and he@ led the
way. Thanks!
* Provide compilation option for GTK+3 as well as GTK+2
* Make program configuration check for _POSIX_CLOCK_SELECTION as
well as _POSIX_MONOTONIC_CLOCK when checking the availability of
monotonic clocks for condition variables (corrects BSD builds)
* Ensure PIPE_BUF is defined in mainwindow.cpp (corrects Hurd build).
* Upgrade internal c++-gtk-utils version to 1.2.3.
Changes 3.2.2:
* Update internal copy of c++-gtk-utils to version 1.2.2 and fix
compilation error with gcc-4.5.0.
* Provide an automatic redial option where the modem is in use or
the recipient of a fax is busy.
* Get GUI to deal with a corner case where sending a fax from the
socket server to an empty number (open connection) is cancelled.
* Provide an error dialog if, on program start-up, a connection to
the dbus session message bus cannot be established.
* Use Cgu::start_timeout_seconds() instead of Cgu::start_timeout()
where glib supports it, and so bump c++-gtk-utils requirement to
version 1.2.1.
The Asterisk releases for 1.6.0.28 and 1.6.1.20 are the last maintenance
releases for Asterisk branches 1.6.0 and 1.6.1 and have now moved to security
maintenance only.
The releases of Asterisk 1.6.0.28 and 1.6.1.20 resolves several issues reported
by the community, and would have not been possible without your participation.
Thank you!
The following are a few of the issues resolved by community developers:
* Fix issue where MixMonitor() recordings would be shorter than total duration
.
(Closes issue #17078. Reported,tested by geoff2010. Patched by dhubbard)
* When StopMonitor() is called, ensure it will not be restarted by a channel
event.
(Closes issue #16590. Reported, patched by kkm)
* Allow hidecalleridname feature to work.
(Closes issue #17143. Reported, patched by djensen99)
* Resolve deadlocks in chan_local.
(Closes issue #17185. Reported, tested by schmoozecom, GameGamer43)
* Ensure channel state is not incorrectly set in the case of a very early
answer by chan_dahdi.
(Closes issue #17067. Reported, patched by tzafrir)
* Registration fix for SIP realtime. Make sure realtime fields are not empty.
(Closes issue #17266. Reported, patched by Nick_Lewis. Tested by sberney)
Information about the Asterisk maintenance schedule is available at:
http://www.asterisk.org/asterisk-versions
For a full list of changes in the current release candidates, please see the
ChangeLogs:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.1.20
bug fix releases. At this point the 1.6.1 series is going to
security fixes only. That means this package will be moving to
the 1.6.2 series in the near future.
-----
1.6.1.18:
The following are a few of the issues resolved by community developers:
* Make sure to clear red alarm after polarity reversal.
(Closes issue #14163. Reported, patched by jedi98. Tested by mattbrown,
Chainsaw, mikeeccleston)
* Fix problem with duplicate TXREQ packets in chan_iax2.
(Closes issue #16904. Reported, patched by rain. Tested by rain, dvossel)
* Update documentation to not imply we support overriding options.
(Closes issue #16855. Reported by davidw)
* Modify queued frames from Local channels to not set the other side to up.
(Closes issue #16816. Reported, tested by jamhed)
* For T.38 reINVITEs treat a 606 the same as a 488.
(Closes issue #16792. Reported, patched by vrban)
For a full list of changes in this releases, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.1.18
-----
1.6.1.19:
The following are a few of the issues resolved by community developers:
* Fix building CDR and CEL SQLite3 modules.
(Closes issue #17017. Reported by alephlg. Patched by seanbright)
* Resolve crash in SLAtrunk when the specified trunk doesn't exist.
(Reported in #asterisk-dev by philipp64. Patched by seanbright)
* Update code to reflect that handle_speechset has 4 arguments.
(Closes issue #17093. Reported, patched by gpatri. Tested by pabelanger,
mmichelson)
* Pass the PID of the Asterisk process, not the PID of the canary.
(Closes issue #17065. Reported by globalnetinc. Patched by makoto. Tested by
frawd, globalnetinc)
* Resolve a deadlock in chan_local.
(Closes issue #16840. Reported, patched by bzing2, russell. Tested by bzing2)
For a full list of changes in this releases, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.1.19
