I am talking to upstream about integrating patches, and about to
package an alpha in wip. This should be viewed as a soft
MAINTAINERship, but please ask me if you want to do anything
signficant to avoid duplicated effort.
1.59 Mon Jun 15 08:17:54 CEST 2020
- Merged pull request #6 from ghciv6/fix_multi_instance_log
fixed log handling with multi instances and typo in close().
Thanks to @ghciv6 !
1.58
- Updated test suite a bit.
- Added the tests to the manifest.
- Got rid of indirect object syntax.
- Moved test.pl to the actual test suite.
- Updated $VERSION declarations according to:
http://www.dagolden.com/index.php/369/version-numbers-should-be-boring/
- Added some extra tests (xt/author, xt/release).
- Fixed some spelling.
Changelog:
Bugs fixed in this release:
-----------------------------------
[ASTERISK-28878] -
chan_pjsip: PJSIP_MEDIA_OFFER Broken asterisk 16
(Reported by Joseph Ades)
[ASTERISK-28965] -
res_pjsip: Apply outbound proxy to static contacts on AOR
(Reported by Joshua C. Colp)
[ASTERISK-28930] -
./configure --without-ssl build failure
(Reported by Jaco Kroon)
[ASTERISK-28886] -
chan_pjsip: PJSIP_SC_NULL does not exist in pjproject 2.7.2
(Reported by Jared Smith)
[ASTERISK-28957] -
chan_sip: chan_sip does not process 400 response to an INVITE.
(Reported by Frederic LE FOLL)
[ASTERISK-28888] -
res_corosync: causes asterisk crash in huge distributed environment.
(Reported by Università di Bologna - CESIA VoIP)
[ASTERISK-28955] -
"setvar" doesn't work properly in dahdi-channels.conf
(Reported by Marin Odrljin)
[ASTERISK-28954] -
StreamEcho() only returns 1 active stream
(Reported by Bill Kervaski)
[ASTERISK-28942] -
res_sorcery_memory_cache: Individual object expiration behaves unexpectedly with full backend caching
(Reported by Joshua C. Colp)
[ASTERISK-28953] -
res_pjsip_session: Preserve stream label
(Reported by Joshua C. Colp)
[ASTERISK-28952] -
Queue wrapuptime sometimes not respected (based on stale lastcall time)
(Reported by Walter Doekes)
[ASTERISK-28950] -
Stale code in app_queue to check untouched channel
(Reported by Walter Doekes)
[ASTERISK-28644] -
Stale comment in app_queue about ring_entry exception
(Reported by Walter Doekes)
[ASTERISK-28948] -
ARI channel create doesn't referencing the channel_id parameter
(Reported by sungtae kim)
[ASTERISK-28938] -
core_unreal / core_local: Add support for multistream and re-negotiation
(Reported by Joshua C. Colp)
[ASTERISK-28939] -
res_rtp_asterisk: Don't have send/receive buffers on non-WebRTC
(Reported by Joshua C. Colp)
[ASTERISK-28944] -
bridge_softmix: Transitioning a stream from inactive -> sendrecv/sendonly doesn't re-negotiation
(Reported by Joshua C. Colp)
[ASTERISK-28923] -
T.38 Segfaults in chan_pjsip_queryoption
(Reported by Yury Kirsanov)
[ASTERISK-28940] -
/channels/create doesn't get any parameters from the body
(Reported by sungtae kim)
[ASTERISK-28936] -
res_pjsip: crash when dialing non-sip uri
(Reported by Walter Doekes)
[ASTERISK-28900] -
res_fax: Double frame free when gateway in use with off-nominal format usage
(Reported by Gregory Massel)
[ASTERISK-28929] -
pjproject_bundled: Honor --without-pjproject.
(Reported by Alexander Traud)
[ASTERISK-28932] -
res_pjsip_logger writing too big packets
(Reported by nappsoft)
[ASTERISK-28921] -
Wrong return value check for fwrite when writing to pcap file
(Reported by nappsoft)
Improvements made in this release:
-----------------------------------
[ASTERISK-28959] -
res_pjsip: Added option for disable rport parameter set
(Reported by sungtae kim)
[ASTERISK-28958] -
Continue reading string when ping received by websocket
(Reported by Nickolay V. Shmyrev)
[ASTERISK-28945] -
AMI SendText - add Content-Type parameter
(Reported by Kevin Harwell)
[ASTERISK-28949] -
res_http_websocket: Add masking to websocket client
(Reported by Moises Silva)
[ASTERISK-28899] -
Upgrade Asterisk to bundled pjproject 2.10
(Reported by Kevin Harwell)
Fix taken from the upstream project's 9.0.305 Alpha.01 release, noted to
be a temporary workaround. (Separately, from how I read the change log,
there has been no stable 9.0 release since 9.0.302.) Tested on Debian
9.13 (which has an older version of glibc which wouldn't reproduce the
issue) and Fedora 31 & 32.
(This issue was reported on pkgsrc-users back in July 2019 by Pierre
Dupond, and I'd provided a workaround for it in that email chain, but
I'd never actually committed anything to pkgsrc.)
Version 2.8
Features
esptool.py image_info now prints a summary of segment memory types (IRAM, DRAM, etc) based on the address range.
esptool.py write_flash will warn if it looks like a bootloader binary is built for ESP32-S2 or another newer chip (support for flashing ESP32-S2 will be added in a future version.)
Bug Fixes
Removed ESP8266 SDK & ESP-IDF dependencies when building the flasher stub binaries. Previously the SDKs were used to include some register address macros, only. This removes any uncertainty about whether the flasher stub binary is a derived work of either SDK. The flasher stub binary itself is the same as the binary in v2.7.
Fixed minor issues running esptool automated tests on macOS.
Minor flake8 fixes including compatibility with newer flake8 versions.
ESP32 Only
Features
Support detection of new ESP32 silicon revisions
New esptool.py elf2image --min-rev X option allows creating a .bin file which only supports a minimum ESP32 silicon revision.
Bugfixes
Fix burning custom MAC with espefuse.py when 3/4 Coding Scheme is set
Changelog:
Bugs fixed in this release:
-----------------------------------
[ASTERISK-28940] -
/channels/create doesn't get any parameters from the body
(Reported by sungtae kim)
[ASTERISK-28932] -
res_pjsip_logger writing too big packets
(Reported by nappsoft)
[ASTERISK-28921] -
Wrong return value check for fwrite when writing to pcap file
(Reported by nappsoft)
[ASTERISK-28794] -
res_pjsip: Crash when escaping during URI printing
(Reported by nappsoft)
[ASTERISK-28884] -
x-ast-orig-host not filtered out from request URI and To header
(Reported by nappsoft)
[ASTERISK-28871] -
res_pjsip_session: Unnecessary re-Invite on call answer
(Reported by Alexei Gradinari)
[ASTERISK-28903] -
res_srtp: Answered Crypto Suite might be wrong in SDP/SDES.
(Reported by Alexander Traud)
[ASTERISK-28898] -
bridge_softmix: Conference bridge not passing silent rtp packets
(Reported by Jonathan Hunter)
[ASTERISK-28892] -
res_musiconhold: Module res_musiconhold throws false warning
(Reported by Nicholas John Koch)
[ASTERISK-28904] -
RTP ICE leaks the memory
(Reported by sungtae kim)
[ASTERISK-26780] -
res_pjsip: PJSIP Registration Fails when transport=transport-udp6
(Reported by Peter Sokolov)
[ASTERISK-28854] -
SIGSEGV when pjsip show history encounters IPV6 address
(Reported by Roger James)
[ASTERISK-28804] -
[patch] app_osplookup.c: Avoid a format truncation.
(Reported by Alexander Traud)
[ASTERISK-28797] -
[patch] tcptls: Fix notice when TLS is enabled but not configured.
(Reported by Alexander Traud)
[ASTERISK-28776] -
Non async-signal-safe syscalls used after fork before exec
(Reported by nappsoft)
[ASTERISK-28870] -
streams: One memory leak and one issue cloning streams
(Reported by George Joseph)
[ASTERISK-28829] -
app_queue: leaking stasis subscription when Redirecting call
(Reported by lvl)
[ASTERISK-25844] -
app_queue: Ghost channels in "core show channels" output
(Reported by Etienne Lessard)
[ASTERISK-22920] -
Crash while Forwarding from TLS extension with CHANNEL args secure_bridge_media and secure_bridge_signaling
(Reported by Shlomi Gutman)
[ASTERISK-28859] -
pjsip: Increase maximum candidate count
(Reported by Joshua C. Colp)
[ASTERISK-28852] -
Unprotected access to nochecksums variable, causes build failures
(Reported by Guido Falsi)
[ASTERISK-28848] -
app_fax: Compile.
(Reported by Alexander Traud)
Improvements made in this release:
-----------------------------------
[ASTERISK-28895] -
res_pjsip_logger: Add tons'o'functionality
(Reported by Joshua C. Colp)
[ASTERISK-28896] -
ari: Add support for specifying variables on channel create
(Reported by Joshua C. Colp)
[ASTERISK-28879] -
pjproject has race conditions in it's build system
(Reported by Guido Falsi)
[ASTERISK-28866] -
third-party/pjproject/configure.m4 contains bashisms
(Reported by Guido Falsi)
[ASTERISK-28853] -
Missing include on FreeBSD
(Reported by Guido Falsi)
[ASTERISK-28832] -
chan_mobile creates PCMA streams that make some VoIP clients crash or not render received audio
(Reported by Peter Turczak)
Changelog:
Version 3.2.15 (3rd June 2020)
--------------
Fix build for gcc-10 (efax/efaxlib.h, efax/efaxlib.c,
efax/Makefile.am, efax/Makefile.in).
Version 3.2.14 (6th March 2020)
--------------
Remove X11 specific code to allow the program to run better
against wayland compositors (acinclude.m4, configure.ac;
dialogs.cpp, helpfile.cpp, logger.cpp, main.cpp, mainwindow.cpp,
prog_defs.h; src/Makefile.am).
Fix label layout in settings dialog (settings.cpp).
Apply SO_REUSEADDR option when constructing sockets
(socket_server.cpp).
Deal with strict aliasing warning (efax/efaxos.c).
These packages are susceptible to bugs when confronted with non-ASCII
characters.
See https://gcc.gnu.org/bugzilla/show_bug.cgi?id=94182.
It takes some time to analyze and fix these individually, therefore they
are only marked as "needs work".
asterisk 14.7.8:
* AST-2018-009: Fix crash processing websocket HTTP Upgrade requests
The HTTP request processing in res_http_websocket allocates additional
space on the stack for various headers received during an Upgrade request.
An attacker could send a specially crafted request that causes this code
to overflow the stack, resulting in a crash.
* No longer allocate memory from the stack in a loop to parse the header
values. NOTE: There is a slight API change when using the passed in
strings as is. We now require the passed in strings to no longer have
leading or trailing whitespace. This isn't a problem as the only callers
have already done this before passing the strings to the affected
function.
asterisk 14.7.7:
* AST-2018-008: Fix enumeration of endpoints from ACL rejected addresses.
When endpoint specific ACL rules block a SIP request they respond with a
403 forbidden. However, if an endpoint is not identified then a 401
unauthorized response is sent. This vulnerability just discloses which
requests hit a defined endpoint. The ACL rules cannot be bypassed to gain
access to the disclosed endpoints.
* Made endpoint specific ACL rules now respond with a 401 unauthorized
which is the same as if an endpoint were not identified. The fix is
accomplished by replacing the found endpoint with the artificial endpoint
which always fails authentication.
asterisk 14.7.6:
* AST-2018-003: Crash with an invalid SDP fmtp attribute
pjproject's fmtp retrieval function failed to catch invalid fmtp attributes.
Because of this Asterisk would crash if given an SDP with an invalid fmtp
attribute.
When retrieving the format this patch now makes sure the fmtp attribute is
available. If not available it now returns an error status.
* AST-2018-002: Crash with an invalid SDP media format description
pjproject's media format parsing algorithm failed to catch invalid values.
Because of this Asterisk would crash if given an SDP with a invalid media
format description.
When parsing the media format description this patch now properly parses the
value and returns an error status if it can't successfully parse/convert the
value.
* AST-2018-005: res_pjsip_transport_management: Move to core
Since res_pjsip_transport_management provides several attack
mitigation features, its functionality moved to res_pjsip and
this module has been removed. This way the features will always
be available if res_pjsip is loaded.
* AST-2018-005: Fix tdata leaks when calling pjsip_endpt_send_response(2)
pjsip_distributor:
authenticate() creates a tdata and uses it to send a challenge or
failure response. When pjsip_endpt_send_response2() succeeds, it
automatically decrements the tdata ref count but when it fails, it
doesn't. Since we weren't checking for a return status, we weren't
decrementing the count ourselves on error and were therefore leaking
tdatas.
res_pjsip_session:
session_reinvite_on_rx_request wasn't decrementing the ref count
if an error happened while sending a 491 response.
pre_session_setup wasn't decrementing the ref count if
while sending an error after a pjsip_inv_verify_request failure.
res_pjsip:
ast_sip_send_response wasn't decrementing the ref count on error.
* AST-2018-005: Add a check for NULL tdata in ast_sip_failover_request
It was discovered that there are some corner cases where a pjsip tsx
might have no last_tx so calling ast_sip_failover_request with
a NULL last_tx as its tdata would cause a crash.
* AST-2018-004: Restrict the number of Accept headers in a SUBSCRIBE.
When receiving a SUBSCRIBE request the Accept headers from it are
stored locally. This operation has a fixed limit of 32 Accept headers
but this limit was not enforced. As a result it was possible for
memory outside of the allocated space to get written to resulting
in a crash.
This change enforces the limit so only 32 Accept headers are
processed.
libsrtp 2.3.0
Major changes in this release are a fuzzer for libsrtp, NSS as optional crypto back end and cmake support for building. For more details and a complete list of changes please see the CHANGES file.
libsrtp 2.2.0
First release in the 2.2 series.
The major change with this release is that the all the code has been reformatted to be consistent and this consistency can be enforced with the include .clang-format file. This resulted in a lot of none functional changes but was considered worth it to simplify maintenance in the future. There are numerous other minor fixes, see the CHANGES file for more details.
libsrtp 2.1.0
First release in the 2.1 series.
libsrtp 2.0.0
Initial libsrtp 2.0 release.
Changelog:
16.10.0:
New Features made in this release:
-----------------------------------
[ASTERISK-6863] -
[patch] allow Asterisk to set high ToS bits as non-root on Linux
(Reported by Matt Addison)
Bugs fixed in this release:
-----------------------------------
[ASTERISK-28852] -
Unprotected access to nochecksums variable, causes build failures
(Reported by Guido Falsi)
[ASTERISK-28846] -
stream: Enforce formats immutability
(Reported by Joshua C. Colp)
[ASTERISK-28847] -
ARI channels cuts the endpoint string over 80 characters
(Reported by sungtae kim)
[ASTERISK-28811] -
Crash occurs when fax session switches from T.38 to audio
(Reported by Alexey Vasilyev)
[ASTERISK-28839] -
Sporadic crashes with Segmentation fault
(Reported by Joeran Vinzens)
[ASTERISK-28835] -
IPv6 addresses in SDP incorrectly formatted
(Reported by Daniel Heckl)
[ASTERISK-28372] -
Asterisk REPLY Wrong Contact header port (TCP)
(Reported by Anton Satskiy)
[ASTERISK-24428] -
Document that Asterisk will use the default SIP ports (5060 for TCP, 5061 for TLS) if the extern option variants aren't used
(Reported by sstream)
[ASTERISK-28838] -
AST_MODULE_INFO requires, MODULEINFO does not mention
(Reported by Alexander Traud)
[ASTERISK-28841] -
app_confbridge: Add support for disabling text messaging for a user
(Reported by Joshua C. Colp)
[ASTERISK-28837] -
pjproject_bundled: Honor --without-pjproject.
(Reported by Alexander Traud)
[ASTERISK-28827] -
res_rtp_asterisk: Loop when receive buffer is flushed by a received packet that is also in receive buffer with NACK
(Reported by nappsoft)
[ASTERISK-27195] -
chan_sip: only sets ToS bits on UDP socket, ignoring TCP and TLS sockets
(Reported by Joshua Roys)
[ASTERISK-28826] -
res_rtp_asterisk: Duplicate seqnos being added to send buffer with NACK
(Reported by nappsoft)
[ASTERISK-28812] -
First DTMF is not get
(Reported by Bernard Merindol)
[ASTERISK-28758] -
pjsip startup errors when using "with-ssl" configure option
(Reported by Patrick Wakano)
[ASTERISK-28824] -
BuildSystem: Search for Python/C API when possibly needed only.
(Reported by Alexander Traud)
[ASTERISK-27717] -
[patch] BuildSystem: In NetBSD, the Python Programming Language is python-2.7.
(Reported by Alexander Traud)
[ASTERISK-28798] -
[patch] chan_sip: TCP/TLS client without server.
(Reported by Alexander Traud)
[ASTERISK-28817] -
chan_pjsip: constant DTMF tone if RTP is not setup yet
(Reported by Kevin Harwell)
[ASTERISK-28819] -
[patch] bridge_softmix_binaural: Show state in menuselect.
(Reported by Alexander Traud)
[ASTERISK-28816] -
[patch] BuildSystem: Remove doc/tex and doc/pdf leftovers.
(Reported by Alexander Traud)
[ASTERISK-28818] -
[patch] BuildSystem: Allow space in path.
(Reported by Alexander Traud)
[ASTERISK-28796] -
func_channel: cannot read fields exten, context, userfield, channame from dialplan
(Reported by Sébastien Duthil)
[ASTERISK-28809] -
[patch] res_rtp_asterisk: Avoid absolute value on unsigned subtraction.
(Reported by Alexander Traud)
[ASTERISK-28803] -
[patch] chan_unistim: Avoid tautological warnings with clang.
(Reported by Alexander Traud)
[ASTERISK-28808] -
[patch] test_stasis: Avoid always true warning with clang.
(Reported by Alexander Traud)
[ASTERISK-28056] -
res_pjsip: Incorrect endpoint status after endpoint synchronization for a specific AOR
(Reported by Jason Hord)
[ASTERISK-28795] -
channel: write to a stream on multi-frame writes
(Reported by Kevin Harwell)
[ASTERISK-28789] -
test_utils: incorrectly printing error 'declined to load'
(Reported by Alexander Traud)
[ASTERISK-28788] -
func_aes: incorrectly printing error 'declined to load'
(Reported by Alexander Traud)
[ASTERISK-28790] -
Crash during conference call using confbridge and video
(Reported by Pascal Cadotte Michaud)
[ASTERISK-16676] -
DAHDIRAS fails to properly initiate pppd unless asterisk is running as root
(Reported by Jaco Kroon)
[ASTERISK-21205] -
[patch] dundi_read_result crash due to negative number
(Reported by Jaco Kroon)
[ASTERISK-28784] -
res_pjsip_sdp_rtp: Only do hold/unhold on first audio stream
(Reported by Joshua C. Colp)
[ASTERISK-28743] -
Asterisk is crashing if the 200 OK with SDP
(Reported by sungtae kim)
[ASTERISK-28783] -
res_pjsip_session: Allow default non-audio streams to have reflected state
(Reported by Joshua C. Colp)
[ASTERISK-28774] -
chan_pjsip's rtptimeout is erroneously triggered during direct-media (native_rtp) bridge
(Reported by Michael Neuhauser)
[ASTERISK-20325] -
Comments in configs/func_odbc.conf.sample are not consistent with examples. Missing examples.
(Reported by Olivier Krief)
[ASTERISK-28780] -
app_mixmonitor: Memory leak due to race condition between AMI MixMonitor and hangup
(Reported by Joshua C. Colp)
[ASTERISK-28773] -
Incorrect Sender SSRC in RTCP when p2p rtp bridge is active
(Reported by Torrey Searle)
[ASTERISK-28769] -
DTLS Handshake Fails to Occur if ice_support is enabled but not used
(Reported by Torrey Searle)
[ASTERISK-28759] -
A non negotiated rtp frame causes call disconnection when there is a SSRC change
(Reported by Paulo Vicentini)
[ASTERISK-26711] -
func_enum: ENUM code wrong case
(Reported by Vitold)
[ASTERISK-23407] -
Fix the FSF address in the headers of lots of pjproject files
(Reported by Jared Smith)
[ASTERISK-19460] -
[patch] Function TXTCIDNAME never actually makes DNS calls and always returns an empty string
(Reported by George Joseph)
Improvements made in this release:
-----------------------------------
[ASTERISK-28853] -
Missing include on FreeBSD
(Reported by Guido Falsi)
[ASTERISK-28813] -
func_volume: Allow decimal numbers as parameter to improve granularity
(Reported by Jean Aunis - Prescom)
[ASTERISK-27946] -
dial (API): Storage of dialed target uses AST_MAX_EXTENSION when it shouldn't
(Reported by Joshua Elson)
[ASTERISK-28782] -
Add support for Content-Disposition header in multi-part INVITES
(Reported by Torrey Searle)
[ASTERISK-28787] -
res_pjsip_session: Decide more intelligently when to add video
(Reported by Joshua C. Colp)
16.9.0:
Bugs fixed in this release:
-----------------------------------
[ASTERISK-28766] -
PJSIP blind transfer not completed after using Proceeding()
(Reported by lvl)
[ASTERISK-28685] -
check_expr2: linking (when hardening) and cross-compiling troubles
(Reported by Sebastian Kemper)
[ASTERISK-28764] -
res_rtp_asterisk: Improve NACK support and seqno handling
(Reported by Joshua C. Colp)
[ASTERISK-28755] -
SIP/Stasis: SIP headers not transmitted in the "variables" field
(Reported by Jean Aunis - Prescom)
[ASTERISK-28754] -
ASTERISK-28738 Causes Audio Issue After Hold
(Reported by Ross Beer)
[ASTERISK-28697] -
res_pjsip: Named ACL does not update on reload if changed
(Reported by Timothy Vanderaerden)
[ASTERISK-28746] -
res_pjsip_outbound_registration keeps retrying the first entry in a SRV record set
(Reported by George Joseph)
[ASTERISK-28716] -
ICE: pjnath shouldn't wait for ICE to complete before allowing sending
(Reported by Benjamin Keith Ford)
[ASTERISK-28738] -
Incorrect state machine used when MOH_PASSTHRU is used
(Reported by Torrey Searle)
[ASTERISK-28742] -
res_rtp_asterisk: static for audio due to incomplete dtls/srtp setup
(Reported by Kevin Harwell)
[ASTERISK-28735] -
Realtime MoH Unknown format '' -- defaulting to SLIN
(Reported by Ross Beer)
[ASTERISK-28730] -
res_pjsip_session: Fix out of order session refreshes
(Reported by Joshua C. Colp)
[ASTERISK-28718] -
chan_sip: Returns 403 if RTP ports are depleted, should return 503
(Reported by Walter Doekes)
[ASTERISK-28719] -
Cannot remove defaultrule from queue using realtime queues
(Reported by EDV O-TON)
[ASTERISK-28713] -
res_stasis_playback: Error building JSON
(Reported by Sébastien Duthil)
[ASTERISK-28714] -
REGRESSION: Feature subscription_persistence_recreate (ASTERISK-27759) Causes Segfaults
(Reported by Ross Beer)
[ASTERISK-26082] -
res_pjsip_messaging: MessageSend Content-Type can't be changed
(Reported by Alex)
[ASTERISK-28423] -
ARI causes STASIS Deadlock
(Reported by Ross Beer)
[ASTERISK-28679] -
stasis application is destroyed after its creation
(Reported by Francois Blackburn)
[ASTERISK-25421] -
PJSIP. MESSAGE_SEND_STATUS set to SUCCESS in spite of the error when sending
(Reported by Dmitriy Serov)
[ASTERISK-28686] -
chan_sip strictrtp=yes fails when media source is changed: no audio
(Reported by Walter Doekes)
[ASTERISK-28139] -
RTP Stream Incorrect Payload Type Causes Asterisk To Drop Calls
(Reported by Paul Brooks)
[ASTERISK-26955] -
pjsip: SIP Packets with Via "received=" Containing IPv6 Address Delimited by "[]" Rejected
(Reported by Peter Sokolov)
Improvements made in this release:
-----------------------------------
[ASTERISK-28750] -
TLS/SSL Key too small error
(Reported by Martin Zeh)
[ASTERISK-28733] -
stream: Add support for adding/removing streams during SFU/calls
(Reported by Joshua C. Colp)
[ASTERISK-24798] -
Documentation - Clarify That Format Is Set By File Name Extension In MixMonitor
(Reported by xrobau)
[ASTERISK-28726] -
install_prereq script uses the interactive mode when installing aptitude
(Reported by Sylvain Afchain)
16.8.0:
New Features made in this release:
-----------------------------------
[ASTERISK-17491] -
CURLOPT() needs a "followlocation" parameter / "maxredirs" doesn't do anything
(Reported by candrews)
[ASTERISK-28639] -
res_pjsip_endpoint_identifier_ip: Add ability to match on source port
(Reported by Sean Bright)
Bugs fixed in this release:
-----------------------------------
[ASTERISK-28679] -
stasis application is destroyed after its creation
(Reported by Francois Blackburn)
[ASTERISK-28423] -
ARI causes STASIS Deadlock
(Reported by Ross Beer)
[ASTERISK-28714] -
REGRESSION: Feature subscription_persistence_recreate (ASTERISK-27759) Causes Segfaults
(Reported by Ross Beer)
[ASTERISK-28677] -
CDR billsec is always 0 for transferred calls
(Reported by Maciej Michno)
[ASTERISK-28702] -
chan_dahdi: holding a channel via flash to dialtone times out after 0:16:40
(Reported by Andrew Siplas)
[ASTERISK-28706] -
silk 24hHz doesn't show up in 'core show translation' output
(Reported by Sean Bright)
[ASTERISK-24484] -
Update documentation for statsd module - usage requirements unclear
(Reported by Dan Jenkins)
[ASTERISK-28695] -
core: minmemfree watermark uses free RAM, not available RAM
(Reported by Kevin Flyn)
[ASTERISK-28693] -
chan_sip: SIP MESSAGE beginning with a whitespace appears empty in the dialplan
(Reported by Frank Matano)
[ASTERISK-23739] -
[patch]Segfault forwarding voicemail with ODBC storage enabled and realtime voicemail_data is used
(Reported by Stas Kobzar)
[ASTERISK-27622] -
empty voicemail.conf required for ARA (realtime) voicemail to leave message
(Reported by Jim Van Meggelen)
[ASTERISK-28349] -
Pause reason not reported in QueueMember AMI event
(Reported by Niksa Baldun)
[ASTERISK-21794] -
CLI command 'realtime update2' syntax failure when using according to usage help
(Reported by Cedric BASSAGET)
[ASTERISK-25429] -
res_pjsip_endpoint_identifier_ip: Document support for hostnames
(Reported by Joshua C. Colp)
[ASTERISK-27775] -
res_pjsip_notify: Multiple Event headers can be present instead of just one
(Reported by AvayaXAsterisk)
[ASTERISK-28682] -
app_record: Lack of `beep` audio file causes application to return error and hangup
(Reported by Corey Farrell)
[ASTERISK-28507] -
Wiki docs missing for MessageWaiting
(Reported by David M. Lee)
[ASTERISK-27759] -
res_pjsip_pubsub: Subscription persistence does not preserve XML version number
(Reported by Bryan Nelson)
[ASTERISK-28605] -
chan_dahdi: Deadlock in Hangup Scenarios with concurrent command pri show span X
(Reported by Dirk Wendland)
[ASTERISK-28633] -
stasis bridge topic leak
(Reported by Joeran Vinzens)
[ASTERISK-28492] -
pjsip reload not reloading wizard endpoint/pickup_group endpoint/call_group
(Reported by Jean-Denis Girard)
[ASTERISK-28562] -
SIP WSS message not processed until next frame arrives
(Reported by Robert Sutton)
[ASTERISK-27243] -
contrib: valgrind.supp doesn't suppress what it's supposed to due to invalid syntax
(Reported by Richard Kenner)
[ASTERISK-28497] -
func_odbc: truncating Unicode string on readsql
(Reported by Boris P. Korzun)
[ASTERISK-28647] -
chan_sip: RTP frames not transmitted after emitting a COLP
(Reported by Jean Aunis - Prescom)
[ASTERISK-28667] -
Asterisk ignores parsing of config files if a Byte order mark is present
(Reported by Robin Leffmann)
[ASTERISK-28664] -
"trustrpid" is misspelled in sip_to_pjsip.py
(Reported by Pascal Cadotte Michaud)
[ASTERISK-28604] -
app_meetme, chan_ooh323 and cdr_mysql don't build on 17.0.0
(Reported by George Joseph)
[ASTERISK-28659] -
res_pjsip_sdp_rtp: Bundle includes non-existent media stream if codecs create additional streams and offer does not have them
(Reported by nappsoft)
[ASTERISK-28660] -
res_fax: wrap Asterisk initiated negotiation with config option
(Reported by Kevin Harwell)
[ASTERISK-28636] -
app_chanisavail+cdr: ChanIsAvail sometimes fails to deactivate CDR.
(Reported by Frederic LE FOLL)
[ASTERISK-28626] -
Missing arguments in PJSIP_CONTACT function documentation
(Reported by Pascal Cadotte Michaud)
[ASTERISK-28609] -
Memory Leak in res_rtp_asterisk.c
(Reported by Ted G)
[ASTERISK-28651] -
chan_sip logs errors on tx to non-existent TCP connections
(Reported by Jaco Kroon)
[ASTERISK-28502] -
chan_pjsip incorrectly re-writes REGISTER 200 Response Contact
(Reported by Ross Beer)
[ASTERISK-28625] -
Playback of local files impacted by large media cache
(Reported by Kevin Reeves)
Improvements made in this release:
-----------------------------------
[ASTERISK-28710] -
Should be able to disable the /httpstatus URI in the built-in HTTP server
(Reported by Sean Bright)
[ASTERISK-28638] -
Simplify dialplan for Dial, Page, and ChanIsAvail
(Reported by cmaj)
[ASTERISK-28673] -
GET FULL VARIABLE documentation clarification
(Reported by Jonathan Harris)
[ASTERISK-28658] -
app_confbridge: Add support for setting maximum sample rate
(Reported by Joshua C. Colp)
Parts are inspired by the FreeBSD port.
I could not easily find a telnetd with SSL support so I did not really test it.
Without SSL/TLS, it disconnects from NetBSD's telnetd if telnetd is run
with "-a valid" ("Authentication failed: No authentication method
available"); but "telnetd -a none" works.
The remserial program acts as a communications bridge between a
TCP/IP network port and a Linux device such as a serial port. Any
character-oriented Linux /dev device will work.
The program can also use pseudo-ttys as the device. A pseudo-tty
is like a serial port in that it has a /dev entry that can be opened
by a program that expects a serial port device, except that instead
of belonging to a physical serial device, the data can be intercepted
by another program. The remserial program uses this to connect a
network port to the "master" (programming) side of the pseudo-tty
allowing the device driver (slave) side to be used by some program
expecting a serial port. See example 3 below for details.
The program can operate as a server accepting network connections
from other machines, or as a client, connecting to remote machine
that is running the remserial program or some other program that
accepts a raw network connection. The network connection passes
data as-is, there is no control protocol over the network socket.
Multiple copies of the program can run on the same computer at the
same time assuming each is using a different network port and
device.
pkglint -r --network --only "migrate"
As a side-effect of migrating the homepages, pkglint also fixed a few
indentations in unrelated lines. These and the new homepages have been
checked manually.
pkglint --only "https instead of http" -r -F
With manual adjustments afterwards since pkglint 19.4.4 fixed a few
indentations in unrelated lines.
This mainly affects projects hosted at SourceForce, as well as
freedesktop.org, CTAN and GNU.
pkglint --only "https instead of http" -r -F
With manual adjustments afterwards since pkglint 19.4.4 fixed a few
indentations in unrelated lines.
This mainly affects projects hosted at SourceForce, as well as
freedesktop.org, CTAN and GNU.
Changes:
1.41.0
------
[-] * Documentation improvements.
[-] * Updated MySQL script to be compatible with current server versions.
[-] * Fixed SMSD operation on phones with more SMS folders.
[-] * Fixed off by one in Python example script.
[-] * Fixed PostgreSQL compilation on openSUSE.
[-] * Several compatibility fixes with recent compilers.
[-] * Improved USSD support.
[-] * Localization updates.
Changelog:
16.7.0
Security bugs fixed in this release:
-----------------------------------
[ASTERISK-28589] - chan_sip: Depending on configuration an INVITE can alter Addr of a peer (Reported by Andrey V. T.)
[ASTERISK-28580] - Bypass SYSTEM write permission in manager action allows system commands execution (Reported by Eliel Sardañons)
Improvements made in this release:
-----------------------------------
[ASTERISK-28602] - res_pjsip_outbound_registration: Maximum retries reached (Reported by Daniel)
[ASTERISK-28586] - Typo in README-SERIOUSLY.bestpractices.md (Reported by Sam Banks)
[ASTERISK-22192] - [patch] Allow voicemail forwards with ODBC backend when format differs from attachfmt column (Reported by cmaj)
[ASTERISK-28567] - Problem with ASTERISK-20207: Asterisk should clear out any .lock files in the voice mail directory on startup. (Reported by Michael)
[ASTERISK-28542] - [patch] add the ability for asterisk to generate on-hold re-invites (Reported by Torrey Searle)
[ASTERISK-28512] - Add pass-through support for H.265 (HEVC) codec (Reported by Florian Floimair)
Bugs fixed in this release:
-----------------------------------
[ASTERISK-28609] - Memory Leak in res_rtp_asterisk.c (Reported by Ted G)
[ASTERISK-28604] - app_meetme, chan_ooh323 and cdr_mysql don't build on 17.0.0 (Reported by George Joseph)
[ASTERISK-28659] - res_pjsip_sdp_rtp: Bundle includes non-existent media stream if codecs create additional streams and offer does not have them (Reported by nappsoft)
[ASTERISK-28641] - res_pjsip Segfaults when realtime configuration to an AOR points to a not existent AOR (Reported by Ross Beer)
[ASTERISK-28644] - Stale comment in app_queue about ring_entry exception (Reported by Walter Doekes)
[ASTERISK-28445] - res_pjsip_session: ast_json_vpack: Invalid UTF-8 string on hangup when TEST_FRAMEWORK enabled (Reported by Bernhard Schmidt)
[ASTERISK-28637] - chan_sip+native_bridge_rtp: directmedia compatibility check failure when negociated ptime is not default ptime. (Reported by Frederic LE FOLL)
[ASTERISK-28631] - res_parking: Doesn't park when parkee and parker are the same (Reported by Ross Beer)
[ASTERISK-28621] - Enforce T.38 error correction mode at 200 ok received (Reported by Salah Ahmed)
[ASTERISK-28624] - res_pjsip_outbound_registration: add SRV failover (Reported by Kevin Harwell)
[ASTERISK-28608] - app_amd: Use time calculation to calculate timeout (Reported by Michael Cargile)
[ASTERISK-28615] - chan_dahdi: PRI span status may stay "Down, Active" after a short alarm (Reported by Frederic LE FOLL)
[ASTERISK-28576] - res_rtp_asterisk: ICE Completion Crash when sent packet length doesn't match (Reported by Joshua Elson)
[ASTERISK-26481] - FILE function grabs garbage along with read data when target line has no newline (Reported by Jonathan Harris)
[ASTERISK-28618] - bridge_softmix: hold not cleared when joining a softmix bridge (Reported by Kevin Harwell)
[ASTERISK-28616] - parking: Deadlock when multi call parking (Reported by Joshua C. Colp)
[ASTERISK-28423] - ARI causes STASIS Deadlock (Reported by Ross Beer)
[ASTERISK-28572] - Memory leaks in res_calendar_exchange and res_calendar_icalendar (Reported by Yoooooo Ha)
[ASTERISK-28585] - ari/resource_events: Crash in event session cleanup (Reported by Kevin Harwell)
[ASTERISK-28590] - utils.c throws repeated warnings; "pthread_attr_setstacksize: Invalid argument" (Reported by Speed Dial Dave)
[ASTERISK-28578] - race condition on pjsip channelstats command (Reported by Salah Ahmed)
[ASTERISK-28571] - cdr_pgsql: accesses obsolete (and finally removed) column (Reported by Christoph Moench-Tegeder)
[ASTERISK-28575] - MWI Send Notify Crash on 16.6 (Reported by Joshua Elson)
[ASTERISK-28574] - pjproject fails to build on 16.6.0, works on 16.5 (Reported by Niklas Larsson)
[ASTERISK-28561] - Asterisk Deadlocks (Reported by Aheliotech)
[ASTERISK-28552] - res_pjsip_mwi: Frack during unload on unsolicited_mwi container (Reported by Kevin Harwell)
[ASTERISK-28566] - CDR backend unload problem during active call(s) (Reported by Marian Piater)
[ASTERISK-28553] - stasis.c: Crash during unload (Reported by Kevin Harwell)
[ASTERISK-28086] - chan_pjsip: Crash when initiating PlayDTMF over AMI (Reported by Jeremiah Gadd)
[ASTERISK-28544] - Wrong contact representation in ipv6 mode (Reported by Jørgen H)
[ASTERISK-28534] - Segmentation fault when there is no priority for an extension (Reported by Timothy Vanderaerden)
[ASTERISK-28463] - res_pjsip_path: Crash when invalid contact is configured (Reported by Juan Martin)
[ASTERISK-28521] - pjsip: Memory Leak (Reported by Mark)
[ASTERISK-28523] - Asterisk 16.5.0 Memory leak (Reported by Cyril Ramière)
[ASTERISK-28538] - chan_pjsip: Deadlock on fax detection (Reported by Joshua C. Colp)
[ASTERISK-28536] - Asterisk release candidates fail to build on FreeBSD (Reported by Guido Falsi)
[ASTERISK-23756] - setvar directive when used in template and a child of said template, results in duplicate variable names (Reported by Michael Goryainov)
New Features made in this release:
-----------------------------------
[ASTERISK-28614] - app_senddtmf: Allow "receiving" DTMF with PlayDTMF instead of only "sending" (Reported by lvl)
[ASTERISK-28613] - func_curl: CURLOPT cannot set Content-Type header (Reported by Martin Tomec)
[ASTERISK-28553] - stasis.c: Crash during unload (Reported by Kevin Harwell)
[ASTERISK-28086] - chan_pjsip: Crash when initiating PlayDTMF over AMI (Reported by Jeremiah Gadd)
[ASTERISK-28544] - Wrong contact representation in ipv6 mode (Reported by Jørgen H)
[ASTERISK-28534] - Segmentation fault when there is no priority for an extension (Reported by Timothy Vanderaerden)
[ASTERISK-28463] - res_pjsip_path: Crash when invalid contact is configured (Reported by Juan Martin)
[ASTERISK-28521] - pjsip: Memory Leak (Reported by Mark)
[ASTERISK-28523] - Asterisk 16.5.0 Memory leak (Reported by Cyril Ramière)
[ASTERISK-28538] - chan_pjsip: Deadlock on fax detection (Reported by Joshua C. Colp)
[ASTERISK-28536] - Asterisk release candidates fail to build on FreeBSD (Reported by Guido Falsi)
[ASTERISK-23756] - setvar directive when used in template and a child of said template, results in duplicate variable names (Reported by Michael Goryainov)
New Features made in this release:
-----------------------------------
[ASTERISK-28614] - app_senddtmf: Allow "receiving" DTMF with PlayDTMF instead of only "sending" (Reported by lvl)
[ASTERISK-28613] - func_curl: CURLOPT cannot set Content-Type header (Reported by Martin Tomec)
[ASTERISK-28533] - func_jitterbuffer: Add support for video synchronization (Reported by Joshua C. Colp)
16.6.0
Security bugs fixed in this release:
-----------------------------------
[ASTERISK-28495] - res_pjsip_t38: 200 OK with SDP answer with declined stream causes crash (Reported by Alexei Gradinari)
Bugs fixed in this release:
-----------------------------------
[ASTERISK-28521] - pjsip: Memory Leak (Reported by Mark)
[ASTERISK-28523] - Asterisk 16.5.0 Memory leak (Reported by Cyril Ramière)
[ASTERISK-28538] - chan_pjsip: Deadlock on fax detection (Reported by Joshua C. Colp)
[ASTERISK-28536] - Asterisk release candidates fail to build on FreeBSD (Reported by Guido Falsi)
[ASTERISK-28511] - codec_resample: Bad sound quality when up sampling from SLIN16 to SLIN32 (Reported by Ruddy G)
[ASTERISK-28525] - chan_dahdi: set CHANNEL(hangupsource) when a PRI channel hangs up (Reported by Frederic LE FOLL)
[ASTERISK-28527] - ChanIsAvail() creates a CDR if unanswered=yes is set in cdr.conf (Reported by Frederic LE FOLL)
[ASTERISK-28499] - translate: Crash when frame does not have a "src" field set (Reported by Gregory Massel)
[ASTERISK-25592] - chan_unistim: Clang Warning: variable sized type not at end of a struct (Reported by Alexander Traud)
[ASTERISK-28488] - pjsip mwi: n+1 sip notify's sent on re-register (Reported by Chris Savinovich)
[ASTERISK-28509] - PJSIP cnonce generated on Linux contains 36 characters, NEC only supports up to 32 characters (Reported by Dan Cropp)
[ASTERISK-28505] - app_voicemail/IMAP: segfault in leave_voicemail because not checking mailstream (Reported by Alexei Gradinari)
[ASTERISK-28487] - compile menuselect on gentoo (Reported by Kilburn)
[ASTERISK-28472] - Asterisk occasionally passes a NULL as srtp->session to srtp_protect/unprotect causing SEGV (Reported by Jonas Swiatek)
[ASTERISK-28498] - cel / cdr: Event times may be incorrect (Reported by Joshua C. Colp)
[ASTERISK-28480] - json integer overflow in ssrc and timestamp (Reported by Salah Ahmed)
[ASTERISK-28228] - res_pjsip: pjsip show contacts prints double entries (Reported by Ian Jones)
[ASTERISK-28483] - packet lost on UDPTL wrap around (Reported by Torrey Searle)
[ASTERISK-28477] - Crash when not specifying "dbfile" in res_config_sqlite3.conf (Reported by Dennis)
[ASTERISK-28478] - Crash performing "core reload" with modified res_config_sqlite3.conf (Reported by Dennis)
[ASTERISK-26968] - chan_pjsip: Transfer() does not result in TRANSFERSTATUS reflecting SIP response to transfer (Reported by Dan Cropp)
[ASTERISK-28282] - AST_SCHED_REPLACE_UNREF causes wait-on-self deadlocks (in chan_sip) (Reported by Walter Doekes)
New Features made in this release:
-----------------------------------
[ASTERISK-17808] - [patch] Unregister a realtime moh class (Reported by Byron Clark)
[ASTERISK-28489] - Channel variable SIPFROMDOMAIN for chan_pjsip to setup From header URI domain (Reported by Stas Kobzar)
AUTOFIX: Makefile:290: Replacing "${PKGSRC_COMPILER} == \"clang\"" with "${PKGSRC_COMPILER:Mclang}".
The PKGSRC_COMPILER can be a list of chained compilers, e.g. "ccache
distcc clang". Therefore, comparing it using == or != leads to wrong
results in these cases.
Qodem is a from-scratch clone implementation of the Qmodem
communications program made popular in the days when Bulletin Board
Systems ruled the night. Qodem emulates the dialing directory and the
terminal screen features of Qmodem over both modem and Internet
connections.
OK kamil@
Asterisk is a complete PBX in software. It provides all of the
features you would expect from a PBX and more. Asterisk does voice
over IP in three protocols, and can interoperate with almost all
standards-based telephony equipment using relatively inexpensive
hardware.
Asterisk provides Voicemail services with Directory, Call Conferencing,
Interactive Voice Response, Call Queuing. It has support for
three-way calling, caller ID services, ADSI, SIP and H.323 (as both
client and gateway).
From the website:
2009-06-22 15:13:28 Version .30 released. FOP2 is born.
I have just released FOP 0.30, this version works reasonably well with
Asterisk 1.6. There are no new features. It is a maintenance and
compatiblity release.
I would also like to inform you that FOP2 is born. It is the next
generation FOP. A complete rewrite focused on the user and taking into
account all what I learned throughout the years.
Please visit http://www.fop2.com to read more about it.
FOP1 will not be discontinued. I will keep mantaining it but I won't be
adding any new features. I will fix bugs and make it work with future
asterisk releases.
Pkgsrc changes:
* Adapt to re-location to github
* Fix patching of the conserver.cf man page
* Adapt to README -> README.md change
* Enable LICENSE setting (even though there's more to it, see comment)
Upstream changes:
version 8.2.4 (March 26, 2019):
- Correct man page typo (Ed Maste <emaste@freebsd.org>)
- Remove autotools generated files from repo and create with release
- Better integration of Cirrus CI - FreeBSD, Linux, and MacOS
- Moving README to markdown
- Fix#12 - Remote infomation flags (i.e. "-x") cannot be filtered by console
- Fix#8 - defaultaccess appears broken
- Rename configure.in and use autoreconf
- Better use of version.h and letting configure build things with versions
version 8.2.3 (March 17, 2019):
- Correct 'impi' typo (Ed Maste <emaste@freebsd.org>)
- Correct argument type passed to time() (Ed Maste <emaste@freebsd.org>)
- Fix compilation without deprecated OpenSSL APIs
(Rosen Penev <rosenp@gmail.com>)
- Fix compilation without deprecated OpenSSL 1.1 APIs
(Rosen Penev <rosenp@gmail.com>)
- Fix#6 - clang "-Wstring-plus-int" warning
(Bryan Stansell <bryan@conserver.com>)
- configure.in: Add test for closefrom (Ed Maste <emaste@freebsd.org>)
- regenerate autoconf files (Ed Maste <emaste@freebsd.org>)
- Use closefrom if available (Ed Maste <emaste@freebsd.org>)
- Correct typo (Ed Maste <emaste@freebsd.org>)
- Add Cirrus-CI FreeBSD CI build config (Ed Maste <emaste@freebsd.org>)
- off by one found by Ed Maste (Bryan Stansell <bryan@conserver.com>)
version 8.2.2 (May 28, 2018):
- fixes for OpenSSL 1.1+ - patch by Eneas U de Queiroz
<cote2004-github@yahoo.com>
- adjustments to documentation after move to github
- removal of old RCS/CVS tags since we have git
wrong size, and the linker complained about ckcpro's 'dest' (which
was int vs long.)
i bumped the package version since it actually fixes real bugs on
big endian 64 bit platforms, and maybe bugs on other 64 bit.
Changes:
1.40.0
------
[+] * Added SMSD configuration option RetryTimeout.
[-] * Removed non configurable sleep after failed message send.
[+] * SMSD now tries to store whole decoded text for concatenated
messages in the first entry in database.
[-] * Improved compatibility with Sierra SL8084TR.
[+] * Added support for delivery reports stored in SR memory.
[+] * Configure CNMI parameters for AT driver.
0.4.0:
Fix2: reset LIGHT_EX colors with RESET_ALL.
Fix: ignore invalid "erase" ANSI codes.
Fix stream wrapping under PyCharm.
Added contextlib magic methods to ansitowin32.StreamWrapper.
Fix: don't cache stdio handles, since they might be closed/changed by fd redirection. This fixes an issue with pytest.
Drop support for EOL Python 2.5, 2.6, 3.1, 3.2 and 3.3, and add 3.6.
AST-2017-005, AST-2017-006, and AST-2017-008. There was no release
announcement as only security patches were issued. I just found
this update while looking to see what updates I was missing for
more recent versions of Asterisk. The Asterisk 11.x series was
declared end-of-life on Oct. 25th, 2017, so there will not be any
more updates to this package (other then PKGREVISION bumps for
dependencies) before it gets deleted. There is a reasonable chance
that there are unpatched vulnerabilities in this package. Anybody
still using it should upgrade a newer version as soon as possibble.
----- AST-2017-2005 -----
Description The "strictrtp" option in rtp.conf enables a feature of the
RTP stack that learns the source address of media for a
session and drops any packets that do not originate from
the expected address. This option is enabled by default in
Asterisk 11 and above.
The "nat" and "rtp_symmetric" options for chan_sip and
chan_pjsip respectively enable symmetric RTP support in the
RTP stack. This uses the source address of incoming media
as the target address of any sent media. This option is not
enabled by default but is commonly enabled to handle
devices behind NAT.
A change was made to the strict RTP support in the RTP
stack to better tolerate late media when a reinvite occurs.
When combined with the symmetric RTP support this
introduced an avenue where media could be hijacked. Instead
of only learning a new address when expected the new code
allowed a new source address to be learned at all times.
If a flood of RTP traffic was received the strict RTP
support would allow the new address to provide media and
with symmetric RTP enabled outgoing traffic would be sent
to this new address, allowing the media to be hijacked.
Provided the attacker continued to send traffic they would
continue to receive traffic as well.
Resolution The RTP stack will now only learn a new source address if it
has been told to expect the address to change. The RTCP
support has now also been updated to drop RTCP reports that
are not regarding the RTP session currently in progress. The
strict RTP learning progress has also been improved to guard
against a flood of RTP packets attempting to take over the
media stream.
----- AST-2017-006 -----
Description The app_minivm module has an "externnotify" program
configuration option that is executed by the MinivmNotify
dialplan application. The application uses the caller-id
name and number as part of a built string passed to the OS
shell for interpretation and execution. Since the caller-id
name and number can come from an untrusted source, a
crafted caller-id name or number allows an arbitrary shell
command injection.
Resolution Patched Asterisk's app_minivm module to use a different
system call that passes argument strings in an array instead
of having the OS shell determine the application parameter
boundaries.
----- AST-2017-008 -----
Description This is a follow up advisory to AST-2017-005.
Insufficient RTCP packet validation could allow reading
stale buffer contents and when combined with the "nat" and
"symmetric_rtp" options allow redirecting where Asterisk
sends the next RTCP report.
The RTP stream qualification to learn the source address of
media always accepted the first RTP packet as the new
source and allowed what AST-2017-005 was mitigating. The
intent was to qualify a series of packets before accepting
the new source address.
Resolution The RTP/RTCP stack will now validate RTCP packets before
processing them. Packets failing validation are discarded.
RTP stream qualification now requires the intended series of
packets from the same address without seeing packets from a
different source address to accept a new source address.
Asterisk is a complete PBX in software. It provides all of the
features you would expect from a PBX and more. Asterisk does voice
over IP in three protocols, and can interoperate with almost all
standards-based telephony equipment using relatively inexpensive
hardware.
Asterisk provides Voicemail services with Directory, Call Conferencing,
Interactive Voice Response, Call Queuing. It has support for
three-way calling, caller ID services, ADSI, SIP and H.323 (as both
client and gateway).
This is a standard version. It is scheduled to go to security
fixes only on October 3th, 2018, and EOL on October 3th, 2019.
See here for more information about Asterisk versions:
https://wiki.asterisk.org/wiki/display/AST/Asterisk+Versions
pkgsrc-users@ a few weeks ago. This package is ancient and has
been EOL for a couple of years. It likely has numerous security
issues. Also, the PKGNAME will conflict with the upcoming Asterisk
18.* in a couple of years times. There were no objections.
Performing substitutions during post-patch breaks tools such as mkpatches,
making it very difficult to regenerate correct patches after making changes,
and often leading to substituted string replacements being committed.
pkgsrc changes:
- Indent a DEPENDS (suggested by `pkglint -Wall')
Changes:
1.39.0
------
* Fixed answering call in AT module.
* Improved support for Huawei E392 and E3131.
* Fixed compatibility of binaries with Windows XP and 2003.
* Improved support for ZTE MF667.
* Updated list of GSM networks and countries.
This switch is meant to be used by packages requiring an implementation of the
former libusb (as in devel/libusb). The original implementation can be
chosen by setting LIBUSB_TYPE to "native".
The alternative implementation libusb-compat (as in devel/libusb-compat) wraps
libusb1 (in devel/libusb1). This implementation can be chosen by setting
LIBUSB_TYPE to "compat". On NetBSD, it has the advantage of not requiring root
privileges to locate and use USB devices without a kernel driver.
This second part switches packages using libusb to this framework. It does not
change compilation options or dependencies at this point.
Compile-tested on most packages affected and available on NetBSD/amd64.
it fixes AST-2017-005, AST-2017-006, AST-2017-006, AST-2017-008,
AST-2017-009, AST-2017-010, AST-2017-011, AST-2017-012, AST-2017-013,
and AST-2017-014. Note that several of these are related to PJSIP
which pkgsrc doesn't use.
----- 14.7.5 -----
The Asterisk Development Team would like to announce security
releases for Asterisk 13, 14 and 15, and Certified Asterisk 13.18.
The available releases are released as versions 13.18.5, 14.7.5,
15.1.5 and 13.18-cert2.
The following security vulnerabilities were resolved in these versions:
* AST-2017-014: Crash in PJSIP resource when missing a contact header
A select set of SIP messages create a dialog in Asterisk. Those SIP messages
must contain a contact header. For those messages, if the header was not
present and using the PJSIP channel driver, it would cause Asterisk to crash.
The severity of this vulnerability is somewhat mitigated if authentication is
enabled. If authentication is enabled a user would have to first be authorized
before reaching the crash point.
For a full list of changes in the current releases, please see the ChangeLogs:
https://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-14.7.5
The security advisory is available at:
https://downloads.asterisk.org/pub/security/AST-2017-014.pdf
Thank you for your continued support of Asterisk!
----- 14.7.4 -----
The Asterisk Development Team has announced security releases for
Certified Asterisk 13.13 and Asterisk 13, 14 and 15. The available
security releases are released as versions 13.13-cert9, 13.18.4,
14.7.4 and 15.1.4.
The release of these versions resolves the following security
vulnerabilities:
* AST-2017-012: Remote Crash Vulnerability in RTCP Stack
If a compound RTCP packet is received containing more than
one report (for example a Receiver Report and a Sender
Report) the RTCP stack will incorrectly store report
information outside of allocated memory potentially causing
a crash.
For a full list of changes in the current releases, please see the
ChangeLogs:
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-14.7.4
The security advisories are available at:
http://downloads.asterisk.org/pub/security/AST-2017-012.htmlhttp://downloads.asterisk.org/pub/security/AST-2017-012.pdf
Thank you for your continued support of Asterisk!
----- 14.7.3 -----
The Asterisk Development Team has announced security releases for
Certified Asterisk 13.13 and Asterisk 13, 14 and 15. The available
security releases are released as versions 13.13-cert8, 13.18.3,
14.7.3 and 15.1.3.
The release of these versions resolves the following security
vulnerabilities:
* AST-2017-013: DOS Vulnerability in Asterisk chan_skinny
If the chan_skinny (AKA SCCP protocol) channel driver is
flooded with certain requests it can cause the asterisk
process to use excessive amounts of virtual memory
eventually causing asterisk to stop processing requests of
any kind.
For a full list of changes in the current releases, please see the
ChangeLogs:
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog=14.7.3
The security advisories are available at:
http://downloads.asterisk.org/pub/security/AST-2017-013.pdf
Thank you for your continued support of Asterisk!
----- 14.7.2 -----
The Asterisk Development Team would like to announce the release
of Asterisk 14.7.2.
The release of Asterisk 14.7.2 resolves several issues reported by the
community and would have not been possible without your participation.
Thank you!
The following issues are resolved in this release:
Bugs fixed in this release:
-----------------------------------
* ASTERISK-27387 - Regression: pjsip 13.18.0 - from_user - "+"
character isn't allowed any more
(Reported by Michael Maier)
* ASTERISK-27391 - Regression: Deadlock between AOR named lock
and pjproject grp lock
(Reported by shaurya jain)
For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-14.7.2
Thank you for your continued support of Asterisk!
----- 14.7.0 -----
The Asterisk Development Team would like to announce the release
of Asterisk 14.7.0.
The release of Asterisk 14.7.0 resolves several issues reported by the
community and would have not been possible without your participation.
Thank you!
The following issues are resolved in this release:
Improvements made in this release:
-----------------------------------
* ASTERISK-27278 - [patch] chan_sip: Provide access to read the
full SIP Request-URI from INVITE
(Reported by David J. Pryke)
* ASTERISK-27255 - alembic: Add support for Microsoft SQL
server
(Reported by Florian Floimair)
* ASTERISK-27253 - [patch] libsrtp-2.1.x support
(Reported by Alexander Traud)
* ASTERISK-27220 - Enable CHANNEL function to get from and to
tag from SIP Headers
(Reported by Andre Nazario)
* ASTERISK-27169 - Google OAuth 2.0 support for XMPP / Motif
(Reported by Andrey)
* ASTERISK-27173 - Support for GMIME 3.0
(Reported by Tzafrir Cohen)
* ASTERISK-27092 - [patch] app_queue: Add Priority to AMI
QueueStatus
(Reported by Niklas Larsson)
* ASTERISK-27085 - [patch] chan_pjsip: Port SIPDtmfMode to
chan_pjsip
(Reported by Torrey Searle)
Bugs fixed in this release:
-----------------------------------
* ASTERISK-27346 - res_xmpp: Crash if OAuth 2.0 is used before
curl is loaded
(Reported by Ronald Raikes)
* ASTERISK-27372 - ARI: Node ARI client broken in latest
versions of 13 and 14
(Reported by Benjamin Keith Ford)
* ASTERISK-27047 - res_pjsip: user=phone added to Anonymous
caller-id when it shouldn't be.
(Reported by dtryba)
* ASTERISK-27270 - cdr_mysql: various crashes at second module
reload if cdr_mysql.conf is configured
(Reported by Tzafrir Cohen)
* ASTERISK-25266 - Application Originate returns SUCCESS to
ORIGINATE_STATUS upon failure to originate
(Reported by Allen Ford)
* ASTERISK-27192 - res_pjsip: Loss of SIP registrations causing
unavailable endpoints
(Reported by Richard Mudgett)
* ASTERISK-27305 - res_ari: Memory leaks in ARI when using
Content-Type: application/json
(Reported by David Hajek)
* ASTERISK-26922 - chan_sip: tcpbind uses wrong source address
(Reported by Ksenia)
* ASTERISK-27324 - [patch] Dual-Stack server cannot be used as
IPv4 client via TCP/TLS
(Reported by Alexander Traud)
* ASTERISK-27317 - vector: multiple evaluation of elem in
AST_VECTOR_ADD_SORTED.
(Reported by Corey Farrell)
* ASTERISK-27318 - res_pjsip_mwi: uninitialized value from
ast_strings_match
(Reported by Corey Farrell)
* ASTERISK-27284 - Status of RFC 3323 and PJSIP
(Reported by dtryba)
* ASTERISK-27296 - [patch] False positive busy checks when
icalendar's recurrence-id mechanism is involved
(Reported by Benoît Dereck-Tricot)
* ASTERISK-27216 - app_queue: does its
check-makeannouncement-logic twice each head-caller-loop
(Reported by Stefan Engström)
* ASTERISK-27298 - Problem with expires on pjsip /
outbound-publish
(Reported by Cyrille Demaret)
* ASTERISK-27295 - Contact is improperly translated after
d178f497
(Reported by Sean Bright)
* ASTERISK-27292 - Multiple RTP Stream Created Breaking RFC2833
(SSRC Changes)
(Reported by Ross Beer)
* ASTERISK-27289 - A codeblock that maintains a bug,but maybe
the codeblock will never run
(Reported by Huangyx)
* ASTERISK-27283 - Realtime config fail with PostgreSQL version
before 9.1
(Reported by Rodrigo Ramirez Norambuena)
* ASTERISK-27257 - bridge_native_rtp: half-way direct media
when using early bridging
(Reported by Jean Aunis - Prescom)
* ASTERISK-27279 - Crash in pubsub_on_rx_request NULL pointer -
Possible PJSIP Vulnerability
(Reported by Ross Beer)
* ASTERISK-26606 - tcptls: Incorrect OpenSSL function call
leads to misleading error report
(Reported by Bob Ham)
* ASTERISK-16898 - SRTP unprotect: authentication failure when
RTP sequence number switches from 65535 -> 0
(Reported by Marcello Ceschia)
* ASTERISK-27274 - RTCP needs better packet validation to
resist port scans.
(Reported by Richard Mudgett)
* ASTERISK-27252 - RTP: One way audio with direct media and
strictrtp=yes.
(Reported by Richard Mudgett)
* ASTERISK-25524 - module reload res_calendar.so does not
reload everything in calendar.conf
(Reported by Jesper)
* ASTERISK-24588 - res_calendar does not process CalDAV from
Owncloud [fix included]
(Reported by Stefan Gofferje)
* ASTERISK-25523 - res_calendar: Warning about invalid channel
value (for notification) occurs even when event has no
notification configured.
(Reported by Jesper)
* ASTERISK-21399 - RTP Multicast of L16 (type 10): Asterisk and
wireshark disagree
(Reported by Tzafrir Cohen)
* ASTERISK-27248 - [patch]external_media_address and
external_signaling_address don't always honor localnet
(Reported by Walter Doekes)
* ASTERISK-27217 - chan_sip: Asterisk crashing when
subscription doesn't get set
(Reported by Bryan Walters)
* ASTERISK-24066 - res_smdi: convert to astobj2
(Reported by Corey Farrell)
* ASTERISK-17540 - SDP origin attribute modified when issuing
re-INVITE because of directmedia=yes
(Reported by saghul)
* ASTERISK-27254 - alembic: prune_on_boot fix erroneous
(Reported by Florian Floimair)
* ASTERISK-27232 - When in queue on g722 with interruptions,
music on hold can get stuck and no longer play
(Reported by Jens T.)
* ASTERISK-27024 - nat/external_media settings ignored in 14.4.1
(Reported by Christopher van de Sande)
* ASTERISK-26879 - PJSIP external_media_address ignored if no
local_net options are provided
(Reported by Matt Jordan)
* ASTERISK-27165 - CDR: CDR(start,u) function won't work in
cdr_custom config
(Reported by Jacek Konieczny)
* ASTERISK-27236 - Segfault ast_channel_name (chan=0x0) at
channel_internal_api.c:478 during T.38 Fax Receive
(Reported by Ross Beer)
* ASTERISK-27225 - Crash when freeing dtls_cfg->cafile
(Reported by Richard Kenner)
* ASTERISK-27177 - ooh323c: misleading indentation in
addons/ooh323c/src/ooSocket.c
(Reported by Tzafrir Cohen)
* ASTERISK-27241 - libc segfault upon entry into app_directory
(Reported by David Moore)
* ASTERISK-27152 - Sending a "tel" uri in a From or To header
in an unauthenticated message causes asterisk to crash
(Reported by Ross Beer)
* ASTERISK-27103 - core: ast_safe_system command injection
possible.
(Reported by Corey Farrell)
* ASTERISK-27013 - res_rtp_asterisk: Media can be hijacked even
with strict RTP enabled
(Reported by Joshua Colp)
* ASTERISK-26994 - Confbridge: CBAnn channels intermittently
become stuck when caller hangs up before recording name
(Reported by James Terhune)
* ASTERISK-20858 - app_minivm fails to clean up mkstemp files
(Reported by Walter Doekes)
* ASTERISK-16777 - several filename bugs in Record()
application
(Reported by klaus3000)
* ASTERISK-27209 - Incorrect SDP in 200 OK when PJSIP_DTMF_MODE
is used
(Reported by Torrey Searle)
* ASTERISK-27168 - alembic: PJSIP scripts are missing column
dtls_fingerprint in ps_endpoints table
(Reported by Florian Floimair)
* ASTERISK-19103 - When using realtime queues, function
QUEUE_MEMBER_LIST() will return an error if no other
app/function has loaded the queues first. This problem does not
exist if queues.conf is used.
(Reported by Jim Van Meggelen)
* ASTERISK-21241 - When using voicemail as announce only
(maxmsg=0), the star dtmf to enter the voicemail is not honored
(Reported by Eelco Brolman)
* ASTERISK-27204 - [patch] app_queue: Wrong queue stat
calculation
(Reported by sungtae kim)
* ASTERISK-27207 - XMPP OAuth not working due to inverted
logic
(Reported by Michael Kuron)
* ASTERISK-27174 - res_calendar_icalendar: Recurring events not
being loaded from Google calendar using ical
(Reported by Mark Thompson)
* ASTERISK-27202 - If wget is not installed and "or" is not
available, external components (excluding pjsip) are not
installed
(Reported by Seán C. McCord)
* ASTERISK-27147 - Either asterisk or pjproject isn't re-using
tcp connections (again)
(Reported by George Joseph)
* ASTERISK-27193 - IPv6 receive address in message doesn't
include brackets
(Reported by Scott Griepentrog)
* ASTERISK-26745 - Asymmetric codecs when
asymmetric_rtp_codec=no
(Reported by Jesse Ross)
* ASTERISK-27158 - [patch] res_rtp_asterisk: RTCP statistics
are not available when native bridge is used
(Reported by Torrey Searle)
* ASTERISK-27110 - RTP session is not fully destroyed on
channel hangup
(Reported by Matt Jordan)
* ASTERISK-27171 - Asterisk 15.0.0-Beta1 does not compile
(Reported by Ira Emus)
* ASTERISK-26659 - res_pjsip: PJSIP presence - missing braces
around the status element in XML
(Reported by Abraham Liebsch)
* ASTERISK-27156 - Asterisk won't compile on Fedora 26 with
devmode enabled.
(Reported by Corey Farrell)
* ASTERISK-27130 - Applications ARI: Unsubscribe action for
deviceStates does not remove old subscriptions properly
(Reported by Sergej Kasumovic)
* ASTERISK-25810 - say.c calls for sounds in the subdir
"digits" that don't exist (in Core). SayUnixTime or other Say...
apps will fail out when they call these sounds.
(Reported by Nicolas Riendeau)
* ASTERISK-27142 - sounds: Conflict between files in
asterisk-sounds-core-1.6 and asterisk-sounds-extra-1.5
(Reported by Corey Farrell)
* ASTERISK-27133 - res_rtp_asterisk: RTCP does not use ICE when
RTCP-MUX in use
(Reported by Joshua Colp)
* ASTERISK-27123 - confbridge: Name recordings are left on
filesystem
(Reported by Sergej Kasumovic)
* ASTERISK-27122 - chan_iax2: On reload MWI taskprocessors keep
adding up
(Reported by Sergej Kasumovic)
* ASTERISK-26807 - sounds: New 3-D Binaural audio features
require new sound prompts
(Reported by Rusty Newton)
* ASTERISK-25816 - French conf-adminmenu, conf-usermenu prompts
differ in content from the English files
(Reported by Benoit Duverger)
* ASTERISK-26274 - Resolve open sounds issues and then create a
new sounds release (1.5.1? or 1.6?)
(Reported by Rusty Newton)
* ASTERISK-27128 - [patch]res_stasis_snoop: When recording a
snoop channel (using ARI) where no media is being received, no
recording happens when theres no media
(Reported by Dan Jenkins)
* ASTERISK-27124 - app_playback.c:say_date_generic use
timezonename parameter
(Reported by Holger Hans Peter Freyther)
* ASTERISK-27127 - configs: Erroneous load directive in sample
configuration results in "Error loading module
'res_pjsip_multihomed.so'"
(Reported by HZMI8gkCvPpom0tM)
* ASTERISK-27105 - [patch]core: when setting 'maxfiles' in
asterisk.conf, a message is printed, even in rasterisk -x
(Reported by Tzafrir Cohen)
* ASTERISK-27036 - res_pjsip: Asterisk crashes when an
extension tries to use PJSIP trunk with from_user containing '@'
(Reported by Maxim Vasilev)
* ASTERISK-27023 - res_rtp_asterisk: Deadlock when TURN session
in use
(Reported by Jatin Jain)
* ASTERISK-27093 - ODBC deadlocks when app_directory tries to
play back non-existent voicemail greeting
(Reported by James Terhune)
New Features made in this release:
-----------------------------------
* ASTERISK-27215 - [patch]AMI : Add CancelAtxfer Action
(Reported by Thomas Sevestre)
* ASTERISK-27117 - core: Add support for timelen parsing to
ast_parse_arg and ACO.
(Reported by Corey Farrell)
For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-14.7.0
Thank you for your continued support of Asterisk!
----- 14.6.0 -----
The Asterisk Development Team would like to announce the release
of Asterisk 14.6.0.
The release of Asterisk 14.6.0 resolves several issues reported by the
community and would have not been possible without your participation.
Thank you!
The following issues are resolved in this release:
Bugs fixed in this release:
-----------------------------------
* ASTERISK-27108 - Crash using 'data get' CLI command
(Reported by Sean Bright)
* ASTERISK-27106 - [patch] autodomain (SIP Domain Support): Add
only really different domain with TLS.
(Reported by Alexander Traud)
* ASTERISK-27100 - channel: ast_waitfordigit_full fails to
clear flag in an error branch.
(Reported by Corey Farrell)
* ASTERISK-27090 - PJSIP: Deadlock using TCP transport
(Reported by Richard Mudgett)
* ASTERISK-25665 - Duplicate logging in queue log for EXITEMPTY events
(Reported by Ove Aursand)
* ASTERISK-27065 - call hangup after leaving app_queue
(Reported by Marek Cervenka)
* ASTERISK-26978 - rtp: Crash in ast_rtp_codecs_payload_code()
(Reported by Ross Beer)
* ASTERISK-24052 - app_voicemail reloads result in leaked IMAP sockets.
(Reported by Louis Jocelyn Paquet)
* ASTERISK-27074 - core_local: local channel data not being
properly unref'ed and unlocked
(Reported by Kevin Harwell)
* ASTERISK-27075 - bridge: stuck channel(s) after failed
attended transfer
(Reported by Kevin Harwell)
* ASTERISK-27060 - Comment typo format_g729.c
(Reported by Matthew Fredrickson)
* ASTERISK-27041 - Core/PBX: [patch] Deadlock between dialplan
execution and application unregistration
(Reported by Frederic LE FOLL)
* ASTERISK-27026 - res_ari: Crash when no ari.conf
configuration file exists
(Reported by Ronald Raikes)
* ASTERISK-27057 - Seg Fault in ast_sorcery_object_get_id at
sorcery.c
(Reported by Ryan Smith)
* ASTERISK-27024 - nat/external_media settings ignored in
14.4.1
(Reported by Christopher van de Sande)
* ASTERISK-27046 - res_pjsip_transport_websocket: segfault in
get_write_timeout
(Reported by Jørgen H)
* ASTERISK-27022 - res_rtp_asterisk: Incorrect SSRC change for
RTCP component
(Reported by Michael Walton)
* ASTERISK-26923 - bridging: T.38 request is lost when channels
are added to bridge
(Reported by Torrey Searle)
* ASTERISK-27053 - res_pjsip_refer/session: Calls dropped
during transfer
(Reported by Kevin Harwell)
* ASTERISK-27052 - Asterisk build process fails with flag
--with-pjproject-bundled with curl download command and slow
network
(Reported by alex)
* ASTERISK-27039 - chan_pjsip: Device state is idle when
channel from endpoint is in early media
(Reported by Joshua Colp)
* ASTERISK-26996 - chan_pjsip: Flipping between codecs
(Reported by Michael Maier)
* ASTERISK-26281 - chan_pjsip would send INVITE to
'Unreachable' endpoints
(Reported by Jacek Konieczny)
* ASTERISK-26973 - bridge: Crash when freeing frame and
snooping
(Reported by Michel R. Vaillancourt)
* ASTERISK-19291 - Background in realtime
(Reported by Andrew Nowrot)
* ASTERISK-27025 - channel / meetme: Fix missing parentheses
(Reported by Joshua Colp)
* ASTERISK-27021 - GET /recordings/stored returns 500 Internal
Server Error
(Reported by Tim Morgan)
* ASTERISK-24858 - [patch]Asterisk 13 PJSIP sends RTP packets
in wrong byte order on Intel platform when using slin codec
(Reported by Frankie Chin)
* ASTERISK-23951 - Asterisk attempts and fails to build
format_mp3 even if mp3lib was not downloaded
(Reported by Tzafrir Cohen)
* ASTERISK-25294 - srtp's crypto_get_random deprecated
(Reported by Tzafrir Cohen)
* ASTERISK-23839 - AGI - RECORD FILE - documentation doesn't
describe BEEP argument
(Reported by Rusty Newton)
* ASTERISK-22432 - Async AGI crashes Asterisk when issuing "set
variable" command without args
(Reported by Antoine Pitrou)
* ASTERISK-25662 - Malformed AGI 520 Usage response
(Reported by Tony Mountifield)
* ASTERISK-27008 - res_format_attr_h264: SDP parse fails if
fmtp optional parameters have a space
(Reported by John Harris)
* ASTERISK-26399 - app_queue: Agent not called when caller is
parked
(Reported by wushumasters)
* ASTERISK-26400 - app_queue: Queue member stops being called
after AMI "Redirect" action for queues with wrapuptime
(Reported by Etienne Lessard)
* ASTERISK-26715 - app_queue: Member will not receive any new
calls after doing a transfer if wrapuptime = greater than 0 and
using Local channel
(Reported by David Brillert)
* ASTERISK-26975 - app_queue: Non-zero wrapup time can cause
agents not to receive queue calls after transfer queue call
(Reported by Lorne Gaetz)
* ASTERISK-27012 - app_confbridge: ConfBridge sometimes does
not play user name recording while leaving
(Reported by Robert Mordec)
* ASTERISK-26979 - res_rtp_asterisk: SRTP unprotect failed with
authentication failure 10 or 110
(Reported by Javier Riveros)
* ASTERISK-26982 - chan_sip: rtcp_mux setting may cause ice
completion failure/delay if client offers rtcp-mux as
negotiable
(Reported by Stefan Engström)
* ASTERISK-26964 - res_pjsip_session: Wrong From on reinvite
when request and To URI differ
(Reported by Yasin CANER)
* ASTERISK-26789 - Audit manipulation of channel flags without
locks
(Reported by Joshua Colp)
* ASTERISK-26333 - Problems with Blind Transfer, PJSIP (Aastra
6869i)
(Reported by Matthias Binder)
Improvements made in this release:
-----------------------------------
* ASTERISK-26230 - [patch] res_pjsip_mwi: unsolicited mwi could
block PJSIP taskprocessor on startup
(Reported by Alexei Gradinari)
* ASTERISK-27043 - Core/BuildSystem: Add defines to fix build
with LibreSSL
(Reported by Guido Falsi)
* ASTERISK-27042 - Unpatched asterisk sources fail to build on
FreeBSD due to missing crypt.h file
(Reported by Guido Falsi)
* ASTERISK-26419 - audiohooks: Remove redundant codec
translations when using audiohooks
(Reported by Michael Walton)
* ASTERISK-26976 - libsrtp-2.x.x support
(Reported by Alex)
* ASTERISK-26124 - res_agi: Set audio format for EAGI audio
stream
(Reported by John Fawcett)
For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-14.6.0
Thank you for your continued support of Asterisk!
and general bug fixes, fixes AST-2017-005, AST-2017-006, AST-2017-007,
AST-2017-008, AST-2017-009, AST-2017-10, AST-2017-11, AST-2017-12,
AST-2017-13, and AST-2017-14 (note that a number of these only
pertain to PJSIP which isn't used in pkgsrc)
----- 13.19.0 -----
The Asterisk Development Team would like to announce the release
of Asterisk 13.19.0.
The release of Asterisk 13.19.0 resolves several issues reported
by the community and would have not been possible without your
participation.
Thank you!
The following issues are resolved in this release:
New Features made in this release:
-----------------------------------
* ASTERISK-27478 - PJSIP: Add CHANNEL(pjsip,request_uri) to get
incoming INVITE Request-URI.
(Reported by Richard Mudgett)
* ASTERISK-27413 - Add cache_media_frames debugging option.
(Reported by Richard Mudgett)
* ASTERISK-27206 - res_pjsip: No mechanism exists to limit
endpoint identification to IP only
(Reported by Ben Merrills)
Bugs fixed in this release:
-----------------------------------
* ASTERISK-27531 - Compiler optimizations can break module load
sequence.
(Reported by abelbeck)
* ASTERISK-27480 - Security: Authenticated SUBSCRIBE without
Contact crashes asterisk
(Reported by Ross Beer)
* ASTERISK-27299 - Asterisk Hangs with Bad file descriptor on
read()
(Reported by Abhay Gupta)
* ASTERISK-25079 - AMI bridge of channels results in MOH not
destroyed and robotic audio on one channel
(Reported by Zane Conkle)
* ASTERISK-27490 - chan_console: 'set active' fails to work
(Reported by Tzafrir Cohen)
* ASTERISK-24756 - ConfBridge sound_muted does not work from
CLI or AMI
(Reported by Thomas Frederiksen)
* ASTERISK-25649 - Transfer application does not work with
Local channels - documentation misleading
(Reported by Ivan Ullmann)
* ASTERISK-25869 - chan_sip: "rejected because extension not
found" should be logged as a security event
(Reported by Brian J. Murrell)
* ASTERISK-27440 - Strictrtp has issues to qualify video rtp
streams
(Reported by Wim De Vlaminck)
* ASTERISK-24329 - Music On Hold announcement cuts intro of
music the first time it is played
(Reported by Thomas Frederiksen)
* ASTERISK-19657 - Coverity Report: Fix issues for error type
CHAR_IO
(Reported by Matt Jordan)
* ASTERISK-27175 - iax.conf demo peer is invalid
(Reported by Tzafrir Cohen)
* ASTERISK-27430 - README refers to security documents that do
not exist.
(Reported by Corey Farrell)
* ASTERISK-20281 - "core set verbose" behaves strangely, can't
alias it, cli.conf example broken
(Reported by Tim Ringenbach at Asteria Solutions Group)
* ASTERISK-27382 - crash after an invalid rtcp packet from GT48
FXS gateway
(Reported by Tzafrir Cohen)
* ASTERISK-27429 - res_rtp_asterisk: Multiple reports in an
RTCP packet will write past where it should
(Reported by Vitezslav Novy)
* ASTERISK-27408 - Identify causes and fix
pjsip/resolver/srv/failover/in_dialog/transport_tcp
(Reported by Corey Farrell)
* ASTERISK-18411 - Queue members with hints for state_interface
get stuck in "In Use" state.
(Reported by Steven T. Wheeler)
* ASTERISK-26131 - chan_sip: Crash Asterisk (in
sip_request_call at chan_sip.c) by making a call to a single
character in a dot pattern match
(Reported by Dwayne Hubbard)
* ASTERISK-27475 - codec_opus requires libcurl
(Reported by Samuel For)
* ASTERISK-27467 - pjsip_options: qualify_frequency sometimes
not applied on reload
(Reported by John Bigelow)
* ASTERISK-27465 - CLI Completion Not Working
(Reported by Ross Beer)
* ASTERISK-27460 - CDR: Deadlock using AMI Originate with
Variable CDR(amaflags)=...
(Reported by Richard Mudgett)
* ASTERISK-27453 - RTP: Blind transfer direct media scenario
results in one way audio.
(Reported by Richard Mudgett)
* ASTERISK-20643 - SIP ICE support - remove hardcoded
limitation on SDP size, make ICE support disabled by default in
SIP, maybe provide a better warning message
(Reported by Roy)
* ASTERISK-26980 - pjsip: Clean up WebRTC disables
(Reported by abelbeck)
* ASTERISK-27452 - Security: chan_skinny: Memory exhaustion if
flooded with unauthenticated requests
(Reported by George Joseph)
* ASTERISK-27454 - res_http_post: Don't require
GMIME_MAJOR_VERSION
(Reported by Joshua Colp)
* ASTERISK-23735 - Transcoding makes bad choice in high-rate
translations
(Reported by Richard Kenner)
* ASTERISK-27445 - ARI: Updating a bridge gives wrong error
message.
(Reported by Frank Durden)
* ASTERISK-24662 - [patch] column and row headers for Signed
Linear format variants in output of 'core show translation' are
ambiguous
(Reported by Rusty Newton)
* ASTERISK-27353 - H323 audio starts with a delay of 2
seconds.
(Reported by Marco Giordani)
* ASTERISK-27442 - pjsip: 183 without To tag does not negotiate
media
(Reported by Kevin Harwell)
* ASTERISK-27437 - [patch] ICE: server-reflexive candidates
(srflx) with Dual-Stack.
(Reported by Alexander Traud)
* ASTERISK-27434 - [patch] chan_sip/ICE: Square brackets around
IPv6 addresses.
(Reported by Alexander Traud)
* ASTERISK-27435 - [patch] configure:
pjsip_evsub_set_uas_timeout not found.
(Reported by Alexander Traud)
* ASTERISK-27431 - Asterisk fails to build when openssl headers
are not installed.
(Reported by Corey Farrell)
* ASTERISK-27332 - Asterisk fails to configure on MacOS Sierra
(Reported by Ivan Larionov)
* ASTERISK-27421 - RTP source learning not working with devices
that have some clock issues
(Reported by nappsoft)
* ASTERISK-27361 - Attended transfer crashes in Asterisk
13.17.2
(Reported by Alessandro Pimenta)
* ASTERISK-27238 - Bridging: Crash freeing a frame that's
already been freed
(Reported by Richard Kenner)
* ASTERISK-27412 - core: Audiohook freeing interpolated frame
when it shouldn't.
(Reported by Mikhail)
* ASTERISK-27423 - app_record: We set the RECORD_STATUS
channel variable before closing the file
(Reported by George Joseph)
* ASTERISK-26758 - res_hep_pjsip: For WebRTC clients Asterisk
insert same ip address in "source ip address" and "destination
ip address" fields in HEP packets
(Reported by Max Norba)
* ASTERISK-27363 - res_http_websocket: Wrong LocalAddress (it
is equal to RemoteAddress)
(Reported by Vasilii Rogin)
* ASTERISK-27415 - asterisk.conf: Setting astctl without
setting astrundir is ineffective.
(Reported by Corey Farrell)
* ASTERISK-27411 - pjsip: TCP connections may not be destroyed
(Reported by Joshua Colp)
* ASTERISK-27345 - res_pjsip_session: RTP instances leak on 488
responses.
(Reported by Corey Farrell)
* ASTERISK-27337 - chan_sip: Security vulnerability with client
code header (revisited)
(Reported by Richard Mudgett)
* ASTERISK-27319 - (Security) Function in PJSIP 2.7
miscalculates the length of an unsigned long variable in 64bit
machines
(Reported by Kim youngsung)
* ASTERISK-27391 - Regression: Deadlock between AOR named lock
and pjproject grp lock
(Reported by shaurya jain)
* ASTERISK-27393 - res_pjsip: Crash occurs when an empty
contact read from astdb or database
(Reported by Aaron An)
* ASTERISK-27290 - res_pjsip: PIDF contact field has
malformed/invalid XML
(Reported by basildane)
* ASTERISK-27032 - res_pjsip: TLS options do not handle empty
values
(Reported by seanchann.zhou)
* ASTERISK-27394 - [patch] tcptls: Print notice when TLS is
enabled but not configured.
(Reported by Alexander Traud)
* ASTERISK-26426 - format_ogg_opus: remove from source
(Reported by Kevin Harwell)
* ASTERISK-27378 - Modules: Fix issues with CLI completion.
(Reported by Corey Farrell)
* ASTERISK-27387 - Regression: pjsip 13.18.0 - from_user - "+"
character isn't allowed any more
(Reported by Michael Maier)
* ASTERISK-27390 - Audit menuselect module dependencies
(Reported by Corey Farrell)
* ASTERISK-27389 - Optional API modules should not allow
unload.
(Reported by Corey Farrell)
* ASTERISK-27369 - Bridge() dialplan application fails without
setting BRIDGERESULT channel variable
(Reported by James Terhune)
* ASTERISK-27377 - Typo in CHANNEL(dtmf_features) usage
documentation
(Reported by Igor Goncharovsky)
* ASTERISK-27181 - GCC 7 warning: app_voicemail.c: In function
'imap_delete_old_greeting'
(Reported by Anthony Messina)
* ASTERISK-27194 - jitterbuffer: Does not handle case where
translator returns null frame.
(Reported by Joshua Elson)
* ASTERISK-26639 - core: Disabling xmldoc support does not
work. Also results in abort during Asterisk startup.
(Reported by Mr Dini)
* ASTERISK-27372 - ARI: Node ARI client broken in latest
versions of 13 and 14
(Reported by Benjamin Keith Ford)
* ASTERISK-18140 - Expires handling in SUBSCRIBE confuses the
absence of the Expires header field with an unsubscribe action.
(Reported by Jonathan Cloots)
* ASTERISK-25960 - The config_hook unit test causes Asterisk to
crash if run a second time
(Reported by George Joseph)
* ASTERISK-27198 - res_pjsip: SDP contains IP4 instead of IP6
when rtp_ipv6 set to yes
(Reported by Martin Cisárik)
* ASTERISK-27346 - res_xmpp: Crash if OAuth 2.0 is used before
curl is loaded
(Reported by Ronald Raikes)
* ASTERISK-27365 - [patch] chan_sip: Crypto attribute not last
but first on SDP media level.
(Reported by Alexander Traud)
* ASTERISK-24483 - res_pjsip_pubsub.so, res_pjsip_refer.so:
Assertion on un/re-load: mod.id == -1
(Reported by Tzafrir Cohen)
* ASTERISK-23462 - Cannot disable SIP debugging via CLI after
enabling with conf file option - also 'sip set debug off'
reports debugging disabled, when it really isn't
(Reported by Rusty Newton)
* ASTERISK-27328 - Missing openssl dependencies in
res_rtp_asterisk and tcptls
(Reported by Tzafrir Cohen)
* ASTERISK-27341 - [patch] res_pjsip_session: SIP/SDP origin
(o=) contains local address.
(Reported by Alexander Traud)
* ASTERISK-27343 - Fails to build in FreeBSD due to
sys/sysmacros.h not existing there
(Reported by Guido Falsi)
* ASTERISK-27340 - backtrace.c: Crash due to double-free.
(Reported by Corey Farrell)
* ASTERISK-27339 - [patch] Crash on ast_ssl_teardown when
stopping.
(Reported by Alexander Traud)
* ASTERISK-27333 - sip_to_pjsip not correctly handling
disallow=all directive
(Reported by Torrey Searle)
Improvements made in this release:
-----------------------------------
* ASTERISK-24297 - cdr.c: Minor code optimizations.
(Reported by Richard Mudgett)
* ASTERISK-27449 - [PATCH] When failing to acquire target
during attended transfer, display wanted extension
(Reported by Niklas Larsson)
* ASTERISK-27456 - app_voicemail: Add new object for
VoicemailUserEntry
(Reported by sungtae kim)
* ASTERISK-27380 - ast_coredumper: allow pointing out the
asterisk binary explicitly
(Reported by Tzafrir Cohen)
* ASTERISK-23556 - Compilation warning for invert.c (array
subscript is above array bounds)
(Reported by Marcello Ceschia)
* ASTERISK-27355 - Upgrade bundled PJPROJECT to 2.7
(Reported by Richard Mudgett)
* ASTERISK-27335 - CDR performance needs improvement.
(Reported by Richard Mudgett)
For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-13.19.0
Thank you for your continued support of Asterisk!
----- 13.18.5 -----
The Asterisk Development Team would like to announce security
releases for Asterisk 13, 14 and 15, and Certified Asterisk 13.18.
The available releases are released as versions 13.18.5, 14.7.5,
15.1.5 and 13.18-cert2.
The following security vulnerabilities were resolved in these versions:
* AST-2017-014: Crash in PJSIP resource when missing a contact header
A select set of SIP messages create a dialog in Asterisk. Those
SIP messages must contain a contact header. For those messages,
if the header was not present and using the PJSIP channel driver,
it would cause Asterisk to crash. The severity of this vulnerability
is somewhat mitigated if authentication is enabled. If authentication
is enabled a user would have to first be authorized before reaching
the crash point.
For a full list of changes in the current releases, please see the ChangeLogs:
https://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.18.5
The security advisory is available at:
https://downloads.asterisk.org/pub/security/AST-2017-014.pdf
Thank you for your continued support of Asterisk!
----- 13.18.4 -----
The Asterisk Development Team has announced security releases for
Certified Asterisk 13.13 and Asterisk 13, 14 and 15. The available
security releases are released as versions 13.13-cert9, 13.18.4,
14.7.4 and 15.1.4.
The release of these versions resolves the following security
vulnerabilities:
* AST-2017-012: Remote Crash Vulnerability in RTCP Stack
If a compound RTCP packet is received containing more than
one report (for example a Receiver Report and a Sender
Report) the RTCP stack will incorrectly store report
information outside of allocated memory potentially causing
a crash.
For a full list of changes in the current releases, please see the
ChangeLogs:
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.18.4
The security advisories are available at:
http://downloads.asterisk.org/pub/security/AST-2017-012.htmlhttp://downloads.asterisk.org/pub/security/AST-2017-012.pdf
Thank you for your continued support of Asterisk!
----- 13.18.3 -----
The Asterisk Development Team has announced security releases for
Certified Asterisk 13.13 and Asterisk 13, 14 and 15. The available
security releases are released as versions 13.13-cert8, 13.18.3,
14.7.3 and 15.1.3.
The release of these versions resolves the following security
vulnerabilities:
* AST-2017-013: DOS Vulnerability in Asterisk chan_skinny
If the chan_skinny (AKA SCCP protocol) channel driver is
flooded with certain requests it can cause the asterisk
process to use excessive amounts of virtual memory
eventually causing asterisk to stop processing requests of
any kind.
For a full list of changes in the current releases, please see the
ChangeLogs:
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.18.3
The security advisories are available at:
http://downloads.asterisk.org/pub/security/AST-2017-013.pdf
Thank you for your continued support of Asterisk!
----- 13.18.2 -----
The Asterisk Development Team would like to announce the release
of Asterisk 13.18.2.
The release of Asterisk 13.18.2 resolves several issues reported
by the community and would have not been possible without your
participation.
Thank you!
The following issues are resolved in this release:
Bugs fixed in this release:
-----------------------------------
* ASTERISK-27387 - Regression: pjsip 13.18.0 - from_user - "+"
character isn't allowed any more
(Reported by Michael Maier)
* ASTERISK-27391 - Regression: Deadlock between AOR named lock
and pjproject grp lock
(Reported by shaurya jain)
For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-13.18.2
Thank you for your continued support of Asterisk!
----- 13.18.0 -----
The Asterisk Development Team would like to announce the release
of Asterisk 13.18.0.
The release of Asterisk 13.18.0 resolves several issues reported by the
community and would have not been possible without your participation.
Thank you!
The following issues are resolved in this release:
Improvements made in this release:
-----------------------------------
* ASTERISK-27278 - [patch] chan_sip: Provide access to read the
full SIP Request-URI from INVITE
(Reported by David J. Pryke)
* ASTERISK-27255 - alembic: Add support for Microsoft SQL
server
(Reported by Florian Floimair)
* ASTERISK-27253 - [patch] libsrtp-2.1.x support
(Reported by Alexander Traud)
* ASTERISK-27220 - Enable CHANNEL function to get from and to
tag from SIP Headers
(Reported by Andre Nazario)
* ASTERISK-27169 - Google OAuth 2.0 support for XMPP / Motif
(Reported by Andrey)
* ASTERISK-27173 - Support for GMIME 3.0
(Reported by Tzafrir Cohen)
* ASTERISK-27092 - [patch] app_queue: Add Priority to AMI
QueueStatus
(Reported by Niklas Larsson)
* ASTERISK-27085 - [patch] chan_pjsip: Port SIPDtmfMode to
chan_pjsip
(Reported by Torrey Searle)
Bugs fixed in this release:
-----------------------------------
* ASTERISK-27346 - res_xmpp: Crash if OAuth 2.0 is used before
curl is loaded
(Reported by Ronald Raikes)
* ASTERISK-27372 - ARI: Node ARI client broken in latest
versions of 13 and 14
(Reported by Benjamin Keith Ford)
* ASTERISK-27047 - res_pjsip: user=phone added to Anonymous
caller-id when it shouldn't be.
(Reported by dtryba)
* ASTERISK-26988 - res_pjsip_session: user_eq_phone adds double
user=phone parameters to URIs
(Reported by dtryba)
* ASTERISK-27270 - cdr_mysql: various crashes at second module
reload if cdr_mysql.conf is configured
(Reported by Tzafrir Cohen)
* ASTERISK-27301 - [patch] app_queue: Music On Hold for
real-time queues is not reset to default
(Reported by Nathan Bruning)
* ASTERISK-25266 - Application Originate returns SUCCESS to
ORIGINATE_STATUS upon failure to originate
(Reported by Allen Ford)
* ASTERISK-27192 - res_pjsip: Loss of SIP registrations causing
unavailable endpoints
(Reported by Richard Mudgett)
* ASTERISK-27305 - res_ari: Memory leaks in ARI when using
Content-Type: application/json
(Reported by David Hajek)
* ASTERISK-26922 - chan_sip: tcpbind uses wrong source address
(Reported by Ksenia)
* ASTERISK-27324 - [patch] Dual-Stack server cannot be used as
IPv4 client via TCP/TLS
(Reported by Alexander Traud)
* ASTERISK-27317 - vector: multiple evaluation of elem in
AST_VECTOR_ADD_SORTED.
(Reported by Corey Farrell)
* ASTERISK-27318 - res_pjsip_mwi: uninitialized value from
ast_strings_match
(Reported by Corey Farrell)
* ASTERISK-27296 - [patch] False positive busy checks when
icalendar's recurrence-id mechanism is involved
(Reported by Benoît Dereck-Tricot)
* ASTERISK-27284 - Status of RFC 3323 and PJSIP
(Reported by dtryba)
* ASTERISK-27216 - app_queue: does its
check-makeannouncement-logic twice each head-caller-loop
(Reported by Stefan Engström)
* ASTERISK-27295 - Contact is improperly translated after
d178f497
(Reported by Sean Bright)
* ASTERISK-27292 - Multiple RTP Stream Created Breaking RFC2833
(SSRC Changes)
(Reported by Ross Beer)
* ASTERISK-27289 - A codeblock that maintains a bug,but maybe
the codeblock will never run
(Reported by Huangyx)
* ASTERISK-27283 - Realtime config fail with PostgreSQL version
before 9.1
(Reported by Rodrigo Ramirez Norambuena)
* ASTERISK-27257 - bridge_native_rtp: half-way direct media
when using early bridging
(Reported by Jean Aunis - Prescom)
* ASTERISK-27279 - Crash in pubsub_on_rx_request NULL pointer -
Possible PJSIP Vulnerability
(Reported by Ross Beer)
* ASTERISK-26606 - tcptls: Incorrect OpenSSL function call
leads to misleading error report
(Reported by Bob Ham)
* ASTERISK-16898 - SRTP unprotect: authentication failure when
RTP sequence number switches from 65535 -> 0
(Reported by Marcello Ceschia)
* ASTERISK-27274 - RTCP needs better packet validation to
resist port scans.
(Reported by Richard Mudgett)
* ASTERISK-27252 - RTP: One way audio with direct media and
strictrtp=yes.
(Reported by Richard Mudgett)
* ASTERISK-25524 - module reload res_calendar.so does not
reload everything in calendar.conf
(Reported by Jesper)
* ASTERISK-24588 - res_calendar does not process CalDAV from
Owncloud [fix included]
(Reported by Stefan Gofferje)
* ASTERISK-25523 - res_calendar: Warning about invalid channel
value (for notification) occurs even when event has no
notification configured.
(Reported by Jesper)
* ASTERISK-21399 - RTP Multicast of L16 (type 10): Asterisk and
wireshark disagree
(Reported by Tzafrir Cohen)
* ASTERISK-27248 - [patch]external_media_address and
external_signaling_address don't always honor localnet
(Reported by Walter Doekes)
* ASTERISK-27165 - CDR: CDR(start,u) function won't work in
cdr_custom config
(Reported by Jacek Konieczny)
* ASTERISK-27217 - chan_sip: Asterisk crashing when
subscription doesn't get set
(Reported by Bryan Walters)
* ASTERISK-24066 - res_smdi: convert to astobj2
(Reported by Corey Farrell)
* ASTERISK-17540 - SDP origin attribute modified when issuing
re-INVITE because of directmedia=yes
(Reported by saghul)
* ASTERISK-27254 - alembic: prune_on_boot fix erroneous
(Reported by Florian Floimair)
* ASTERISK-27232 - When in queue on g722 with interruptions,
music on hold can get stuck and no longer play
(Reported by Jens T.)
* ASTERISK-27024 - nat/external_media settings ignored in
14.4.1
(Reported by Christopher van de Sande)
* ASTERISK-26879 - PJSIP external_media_address ignored if no
local_net options are provided
(Reported by Matt Jordan)
* ASTERISK-27236 - Segfault ast_channel_name (chan=0x0) at
channel_internal_api.c:478 during T.38 Fax Receive
(Reported by Ross Beer)
* ASTERISK-27225 - Crash when freeing dtls_cfg->cafile
(Reported by Richard Kenner)
* ASTERISK-27177 - ooh323c: misleading indentation in
addons/ooh323c/src/ooSocket.c
(Reported by Tzafrir Cohen)
* ASTERISK-27241 - libc segfault upon entry into app_directory
(Reported by David Moore)
* ASTERISK-27152 - Sending a "tel" uri in a From or To header
in an unauthenticated message causes asterisk to crash
(Reported by Ross Beer)
* ASTERISK-27103 - core: ast_safe_system command injection
possible.
(Reported by Corey Farrell)
* ASTERISK-27013 - res_rtp_asterisk: Media can be hijacked even
with strict RTP enabled
(Reported by Joshua Colp)
* ASTERISK-26994 - Confbridge: CBAnn channels intermittently
become stuck when caller hangs up before recording name
(Reported by James Terhune)
* ASTERISK-20858 - app_minivm fails to clean up mkstemp files
(Reported by Walter Doekes)
* ASTERISK-16777 - several filename bugs in Record()
application
(Reported by klaus3000)
* ASTERISK-27168 - alembic: PJSIP scripts are missing column
dtls_fingerprint in ps_endpoints table
(Reported by Florian Floimair)
* ASTERISK-23608 - ControlPlayback fails to play files with
names containing certain non-alpha characters
(Reported by Jonathan White)
* ASTERISK-19103 - When using realtime queues, function
QUEUE_MEMBER_LIST() will return an error if no other
app/function has loaded the queues first. This problem does not
exist if queues.conf is used.
(Reported by Jim Van Meggelen)
* ASTERISK-21241 - When using voicemail as announce only
(maxmsg=0), the star dtmf to enter the voicemail is not honored
(Reported by Eelco Brolman)
* ASTERISK-27204 - [patch] app_queue: Wrong queue stat
calculation
(Reported by sungtae kim)
* ASTERISK-27209 - Incorrect SDP in 200 OK when PJSIP_DTMF_MODE
is used
(Reported by Torrey Searle)
* ASTERISK-27207 - XMPP OAuth not working due to inverted
logic
(Reported by Michael Kuron)
* ASTERISK-27174 - res_calendar_icalendar: Recurring events not
being loaded from Google calendar using ical
(Reported by Mark Thompson)
* ASTERISK-27202 - If wget is not installed and "or" is not
available, external components (excluding pjsip) are not
installed
(Reported by Seán C. McCord)
* ASTERISK-27147 - Either asterisk or pjproject isn't re-using
tcp connections (again)
(Reported by George Joseph)
* ASTERISK-27193 - IPv6 receive address in message doesn't
include brackets
(Reported by Scott Griepentrog)
* ASTERISK-27158 - [patch] res_rtp_asterisk: RTCP statistics
are not available when native bridge is used
(Reported by Torrey Searle)
* ASTERISK-27110 - RTP session is not fully destroyed on
channel hangup
(Reported by Matt Jordan)
* ASTERISK-26745 - Asymmetric codecs when
asymmetric_rtp_codec=no
(Reported by Jesse Ross)
* ASTERISK-27171 - Asterisk 15.0.0-Beta1 does not compile
(Reported by Ira Emus)
* ASTERISK-26659 - res_pjsip: PJSIP presence - missing braces
around the status element in XML
(Reported by Abraham Liebsch)
* ASTERISK-27156 - Asterisk won't compile on Fedora 26 with
devmode enabled.
(Reported by Corey Farrell)
* ASTERISK-27130 - Applications ARI: Unsubscribe action for
deviceStates does not remove old subscriptions properly
(Reported by Sergej Kasumovic)
* ASTERISK-25810 - say.c calls for sounds in the subdir
"digits" that don't exist (in Core). SayUnixTime or other Say...
apps will fail out when they call these sounds.
(Reported by Nicolas Riendeau)
* ASTERISK-27142 - sounds: Conflict between files in
asterisk-sounds-core-1.6 and asterisk-sounds-extra-1.5
(Reported by Corey Farrell)
* ASTERISK-27124 - app_playback.c:say_date_generic use
timezonename parameter
(Reported by Holger Hans Peter Freyther)
* ASTERISK-27133 - res_rtp_asterisk: RTCP does not use ICE when
RTCP-MUX in use
(Reported by Joshua Colp)
* ASTERISK-27128 - [patch]res_stasis_snoop: When recording a
snoop channel (using ARI) where no media is being received, no
recording happens when theres no media
(Reported by Dan Jenkins)
* ASTERISK-27123 - confbridge: Name recordings are left on
filesystem
(Reported by Sergej Kasumovic)
* ASTERISK-27122 - chan_iax2: On reload MWI taskprocessors keep
adding up
(Reported by Sergej Kasumovic)
* ASTERISK-26807 - sounds: New 3-D Binaural audio features
require new sound prompts
(Reported by Rusty Newton)
* ASTERISK-25816 - French conf-adminmenu, conf-usermenu prompts
differ in content from the English files
(Reported by Benoit Duverger)
* ASTERISK-26274 - Resolve open sounds issues and then create a
new sounds release (1.5.1? or 1.6?)
(Reported by Rusty Newton)
* ASTERISK-27127 - configs: Erroneous load directive in sample
configuration results in "Error loading module
'res_pjsip_multihomed.so'"
(Reported by HZMI8gkCvPpom0tM)
* ASTERISK-27105 - [patch]core: when setting 'maxfiles' in
asterisk.conf, a message is printed, even in rasterisk -x
(Reported by Tzafrir Cohen)
* ASTERISK-27036 - res_pjsip: Asterisk crashes when an
extension tries to use PJSIP trunk with from_user containing
'@'
(Reported by Maxim Vasilev)
* ASTERISK-27023 - res_rtp_asterisk: Deadlock when TURN session
in use
(Reported by Jatin Jain)
* ASTERISK-27093 - ODBC deadlocks when app_directory tries to
play back non-existent voicemail greeting
(Reported by James Terhune)
New Features made in this release:
-----------------------------------
* ASTERISK-27215 - [patch]AMI : Add CancelAtxfer Action
(Reported by Thomas Sevestre)
* ASTERISK-27117 - core: Add support for timelen parsing to
ast_parse_arg and ACO.
(Reported by Corey Farrell)
For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-13.18.0
Thank you for your continued support of Asterisk!
----- 13.17.0 ----
The Asterisk Development Team would like to announce the release
of Asterisk 13.17.0.
The release of Asterisk 13.17.0 resolves several issues reported by the
community and would have not been possible without your participation.
Thank you!
The following issues are resolved in this release:
Bugs fixed in this release:
-----------------------------------
* ASTERISK-27108 - Crash using 'data get' CLI command
(Reported by Sean Bright)
* ASTERISK-27106 - [patch] autodomain (SIP Domain Support): Add
only really different domain with TLS.
(Reported by Alexander Traud)
* ASTERISK-27100 - channel: ast_waitfordigit_full fails to
clear flag in an error branch.
(Reported by Corey Farrell)
* ASTERISK-27090 - PJSIP: Deadlock using TCP transport
(Reported by Richard Mudgett)
* ASTERISK-25665 - Duplicate logging in queue log for EXITEMPTY
events
(Reported by Ove Aursand)
* ASTERISK-27065 - call hangup after leaving app_queue
(Reported by Marek Cervenka)
* ASTERISK-26978 - rtp: Crash in ast_rtp_codecs_payload_code()
(Reported by Ross Beer)
* ASTERISK-27074 - core_local: local channel data not being
properly unref'ed and unlocked
(Reported by Kevin Harwell)
* ASTERISK-27075 - bridge: stuck channel(s) after failed
attended transfer
(Reported by Kevin Harwell)
* ASTERISK-24052 - app_voicemail reloads result in leaked IMAP
sockets.
(Reported by Louis Jocelyn Paquet)
* ASTERISK-27060 - Comment typo format_g729.c
(Reported by Matthew Fredrickson)
* ASTERISK-27026 - res_ari: Crash when no ari.conf
configuration file exists
(Reported by Ronald Raikes)
* ASTERISK-27041 - Core/PBX: [patch] Deadlock between dialplan
execution and application unregistration
(Reported by Frederic LE FOLL)
* ASTERISK-27057 - Seg Fault in ast_sorcery_object_get_id at
sorcery.c
(Reported by Ryan Smith)
* ASTERISK-27024 - nat/external_media settings ignored in
14.4.1
(Reported by Christopher van de Sande)
* ASTERISK-27046 - res_pjsip_transport_websocket: segfault in
get_write_timeout
(Reported by Jørgen H)
* ASTERISK-27022 - res_rtp_asterisk: Incorrect SSRC change for
RTCP component
(Reported by Michael Walton)
* ASTERISK-26923 - bridging: T.38 request is lost when channels
are added to bridge
(Reported by Torrey Searle)
* ASTERISK-27053 - res_pjsip_refer/session: Calls dropped
during transfer
(Reported by Kevin Harwell)
* ASTERISK-27052 - Asterisk build process fails with flag
--with-pjproject-bundled with curl download command and slow
network
(Reported by alex)
* ASTERISK-27039 - chan_pjsip: Device state is idle when
channel from endpoint is in early media
(Reported by Joshua Colp)
* ASTERISK-26996 - chan_pjsip: Flipping between codecs
(Reported by Michael Maier)
* ASTERISK-26281 - chan_pjsip would send INVITE to
'Unreachable' endpoints
(Reported by Jacek Konieczny)
* ASTERISK-26973 - bridge: Crash when freeing frame and
snooping
(Reported by Michel R. Vaillancourt)
* ASTERISK-19291 - Background in realtime
(Reported by Andrew Nowrot)
* ASTERISK-27025 - channel / meetme: Fix missing parentheses
(Reported by Joshua Colp)
* ASTERISK-27021 - GET /recordings/stored returns 500 Internal
Server Error
(Reported by Tim Morgan)
* ASTERISK-24858 - [patch]Asterisk 13 PJSIP sends RTP packets
in wrong byte order on Intel platform when using slin codec
(Reported by Frankie Chin)
* ASTERISK-23951 - Asterisk attempts and fails to build
format_mp3 even if mp3lib was not downloaded
(Reported by Tzafrir Cohen)
* ASTERISK-25294 - srtp's crypto_get_random deprecated
(Reported by Tzafrir Cohen)
* ASTERISK-23839 - AGI - RECORD FILE - documentation doesn't
describe BEEP argument
(Reported by Rusty Newton)
* ASTERISK-22432 - Async AGI crashes Asterisk when issuing "set
variable" command without args
(Reported by Antoine Pitrou)
* ASTERISK-25662 - Malformed AGI 520 Usage response
(Reported by Tony Mountifield)
* ASTERISK-25101 - DTLS configuration can not be specified in
the general section - documentation
(Reported by Ben Langfeld)
* ASTERISK-27008 - res_format_attr_h264: SDP parse fails if
fmtp optional parameters have a space
(Reported by John Harris)
* ASTERISK-26399 - app_queue: Agent not called when caller is
parked
(Reported by wushumasters)
* ASTERISK-26400 - app_queue: Queue member stops being called
after AMI "Redirect" action for queues with wrapuptime
(Reported by Etienne Lessard)
* ASTERISK-26715 - app_queue: Member will not receive any new
calls after doing a transfer if wrapuptime = greater than 0 and
using Local channel
(Reported by David Brillert)
* ASTERISK-26975 - app_queue: Non-zero wrapup time can cause
agents not to receive queue calls after transfer queue call
(Reported by Lorne Gaetz)
* ASTERISK-27012 - app_confbridge: ConfBridge sometimes does
not play user name recording while leaving
(Reported by Robert Mordec)
* ASTERISK-26979 - res_rtp_asterisk: SRTP unprotect failed with
authentication failure 10 or 110
(Reported by Javier Riveros)
* ASTERISK-26982 - chan_sip: rtcp_mux setting may cause ice
completion failure/delay if client offers rtcp-mux as
negotiable
(Reported by Stefan Engström)
* ASTERISK-26964 - res_pjsip_session: Wrong From on reinvite
when request and To URI differ
(Reported by Yasin CANER)
* ASTERISK-26789 - Audit manipulation of channel flags without
locks
(Reported by Joshua Colp)
* ASTERISK-26333 - Problems with Blind Transfer, PJSIP (Aastra
6869i)
(Reported by Matthias Binder)
Improvements made in this release:
-----------------------------------
* ASTERISK-26230 - [patch] res_pjsip_mwi: unsolicited mwi could
block PJSIP taskprocessor on startup
(Reported by Alexei Gradinari)
* ASTERISK-27043 - Core/BuildSystem: Add defines to fix build
with LibreSSL
(Reported by Guido Falsi)
* ASTERISK-27042 - Unpatched asterisk sources fail to build on
FreeBSD due to missing crypt.h file
(Reported by Guido Falsi)
* ASTERISK-26419 - audiohooks: Remove redundant codec
translations when using audiohooks
(Reported by Michael Walton)
* ASTERISK-26976 - libsrtp-2.x.x support
(Reported by Alex)
* ASTERISK-26124 - res_agi: Set audio format for EAGI audio
stream
(Reported by John Fawcett)
For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-13.17.0
Thank you for your continued support of Asterisk!
The actual fix as been done by "pkglint -F */*/buildlink3.mk", and was
reviewed manually.
There are some .include lines that still are indented with zero spaces
although the surrounding .if is indented. This is existing practice.
Unsorted entries in PLIST files have generated a pkglint warning for at
least 12 years. Somewhat more recently, pkglint has learned to sort
PLIST files automatically. Since pkglint 5.4.23, the sorting is only
done in obvious, simple cases. These have been applied by running:
pkglint -Cnone,PLIST -Wnone,plist-sort -r -F
On some platforms (strictly speaking the ones that have libm
somewhere in a path with /lib64/) LIB_SUFFIX is set to `64' leading
to install phase/PLIST errors due libraries and pkg-config `.pc'
files are tried to be installed in `lib64/'.
Add a `cmakelists' SUBST_CLASS to avoid that.
This should fix problems noticed on Joyent CentOS 7.2/x86_64 bulk builds.
Changes:
20171018 - 1.38.5
[+] * Added SMS_1_REFERENCE to SMSD run on receive environment
[-] * Improved logging of run scripts in SMSD
[-] * Improved support for Huawei E1780 and E1552.
[-] * Allow 0 for setuid/setgid in SMSD.
[+] * Added RunOnIncomingCall to SMSD.
[-] * Fixed SQL error when retry of multipart message
[*] * Added status code column
[-] * Fixed some SQL queries for Access and Oracle databases.
[-] * Add option to prefer GSM charset for USSD.
[-] * Sanitize international numbers stored in the database to always start with +.
[-] * Improved support for Telit devices.
[+] * Added USSD support to SMSD.
[-] * Fixed call hangup in SMSD with some modems.
[-] * Fixed decoding USSD response with some modems.
1.08 Package asterisk::perl to resolve pause index upload.
1.07 Replace Config with Conf namespace to resolve conflict with Asterisk::config distro
1.06 New upload with original asterisk-perl distro name
More test script updates to increase code coverage.
1.05 Fix Asterisk::Manager undefined response RT#115789 ( Thanks Chris Hemmerly)
Fix MakeFile.PL and Asterisk::Perl for Pause Indexing (Thanks Jim Keenan)
minor updates on the test scripts
1.04 Asterisk-Perl distribution now on Github.
Added simple test scripts
Travis and CoverAll integration with new Github repository
Asterisk-Perl distribution now ready for Pull Request Challenge (http://cpan-prc.org/)
Set MANDIR in Makefile.inc to point to ${PKGMANDIR} so that
the BSD makefiles that include Makefile.inc will install manpages
into the correct location.
Improvements:
* miniterm: suspend function (temporarily release port, Ctrl-T s)
* context manager automatically opens port on __enter__
* list_ports: add interface number to location string
* protocol_socket: Retry if BlockingIOError occurs in reset_input_buffer.
Bugfixes:
* list_ports: option to include symlinked devices
* list_ports: workaround for special characters in port names
Bugfixes (posix):
* allow calling cancel functions w/o error if port is closed
* protocol_socket: sync error handling with posix version
* posix: ignore more blocking errors and EINTR, timeout only applies to blocking I/O
* fix: port_publisher typo
Changes:
2.9
===
* Fixed compilation under Windows.
2.8
===
* Make parameters to CancelCall and AnswerCall optional.
* Added support for UTF-16 Unicode chars (emojis).
Changes:
20170618 - 1.38.4
[-] * Improved support for Huawei E3531 and E1756.
[-] * Fixed several issues with using library on Windows.
20170523 - 1.38.3
[-] * Improved support for ZTE MF626.
[-] * Fixed USSD handling with longer codes.
[-] * Increased default value for StatusFrequency.
[-] * Improved SMSD response on signals.
[-] * Improved SMSD throughput on big queue.
[-] * Improved SMSD compatibility with Microsoft SQL Server.
* Revert fix for issue 103 which causes problems for dependent applications
0.3.8
* Fix issue 121: "invalid escape sequence" deprecation fixes on Python 3.6+
* Fix issue 110: fix "set console title" when working with unicode strings
* Fix issue 103: enable color when using "input" function on Python 3.5+
* Fix issue 95: enable color when stderr is a tty but stdout is not
The Asterisk Development Team would like to announce the release
of Asterisk 13.16.0.
The release of Asterisk 13.16.0 resolves several issues reported by the
community and would have not been possible without your participation.
Thank you!
The following issues are resolved in this release:
Bugs fixed in this release:
-----------------------------------
* ASTERISK-26982 - chan_sip: rtcp_mux setting may cause ice
completion failure/delay if client offers rtcp-mux as
negotiable
(Reported by Stefan Engström)
* ASTERISK-26979 - res_rtp_asterisk: SRTP unprotect failed with
authentication failure 10 or 110
(Reported by Javier Riveros)
* ASTERISK-25665 - Duplicate logging in queue log for EXITEMPTY
events
(Reported by Ove Aursand)
* ASTERISK-26998 - res_pjsip_session: INVITE retransmissions
could still setup the same call again.
(Reported by Richard Mudgett)
* ASTERISK-26143 - res_rtp_asterisk: One way audio when
transcoding
(Reported by Henning Holtschneider)
* ASTERISK-26606 - tcptls: Incorrect OpenSSL function call
leads to misleading error report
(Reported by Bob Ham)
* ASTERISK-26983 - Crash in Manager Reload when TLS Config
Changes
(Reported by Joshua Elson)
* ASTERISK-25032 - [patch]cel_odbc sometimes inserts CEL with
wrong eventtime
(Reported by Etienne Lessard)
* ASTERISK-26173 - func_cdr: CDR function does not permit empty
values to be assigned
(Reported by gkloepfer)
* ASTERISK-25506 - [patch]CONFBRIDGE failure after an
app_confbrige.so module reload results in segfault or
error/warning messages.
(Reported by Frederic LE FOLL)
* ASTERISK-24529 - Using AMI Action Bridge to on an already
bridged channel causes the incorrect return priority to be used
(Reported by Corey Farrell)
* ASTERISK-26860 - Upon RTCP reception, netsock2.c:210
ast_sockaddr_split_hostport: Port missing in (null)
(Reported by Evers Lab)
* ASTERISK-26922 - chan_sip: tcpbind uses wrong source address
(Reported by Ksenia)
* ASTERISK-26974 - res_pjsip: Deadlock in T.38 framehook
(Reported by Richard Mudgett)
* ASTERISK-26908 - res_pjsip: The ChanIsAvail causes a
res_pjsip session to be leaked.
(Reported by Richard Mudgett)
* ASTERISK-25823 - SIGSEGV, Segmentation fault. -
../sysdeps/x86_64/strlen.S: No such file or directory.
(Reported by Andreas Krüger)
* ASTERISK-26951 - chan_sip: ACK with SDP does not update a
direct media bridge
(Reported by Jean Aunis - Prescom)
* ASTERISK-26930 - pjproject/Makefile.rules for pjsip 2.6 build
fails for non-SSE2 instrunction Linux
(Reported by abelbeck)
* ASTERISK-26926 - func_speex: Crash caused by frame with no
datalen
(Reported by Richard Kenner)
* ASTERISK-26929 - pjsip: Add database tables for RLS
(Reported by Joshua Colp)
* ASTERISK-26953 - Asterisk crash if hep.conf have some missing
parameters
(Reported by Joel Vandal)
* ASTERISK-26890 - STUN server with non-default-route transport
causes INVITE delay
(Reported by George Joseph)
* ASTERISK-26692 - res_rtp_asterisk: Crash in
dtls_srtp_handle_timeout at res_rtp_asterisk (using chan_sip)
(Reported by scgm11)
* ASTERISK-26835 - res_rtp_asterisk: Crash when freeing RTCP
address string
(Reported by Niklas Larsson)
* ASTERISK-26853 - res_rtp_asterisk: Crash in pjnath when
receiving packet
(Reported by Adagio)
* ASTERISK-26613 - format_wav: wav16 format read file only by
320 - half of frame
(Reported by Vitaly K)
* ASTERISK-26169 - format_ogg_vorbis: Memory leak using OGG in
MixMonitor
(Reported by Ivan Myalkin)
* ASTERISK-21856 - STUN never works when asterisk started
without internet access
(Reported by Jeremy Kister)
* ASTERISK-20984 - Audible clicks when playing sox encoded au
file with STREAM FILE AGI command
(Reported by Roman S.)
* ASTERISK-26851 - res_pjsip_sdp_rtp: RTP instance does not use
same IP as explicit transport
(Reported by Richard Begg)
* ASTERISK-26903 - Listening TCP/TLS sockets stop when
temporarily out of open files
(Reported by Walter Doekes)
* ASTERISK-26528 - [UBSAN] strings.h:signed integer overflow in
ast_str_case_hash
(Reported by Badalian Vyacheslav)
* ASTERISK-26928 - pjsip: Add database tables for PUBLISH
support
(Reported by Joshua Colp)
* ASTERISK-26927 - pjproject_bundled: Crash on
pj_ssl_get_info() while ioqueue_on_read_complete().
(Reported by Alexander Traud)
* ASTERISK-26905 - pjproject_bundled: Merge 3 upstream
deadlock patches into bundled
(Reported by Ross Beer)
* ASTERISK-26897 - chan_sip: Security vulnerability with client
code header
(Reported by Alex Villacís Lasso)
* ASTERISK-25974 - Unused realtime MOH classes not purged on
'moh reload'
(Reported by Sébastien Couture)
* ASTERISK-26916 - res_pjsip: Excessive refcount reached on
transport ao2 object
(Reported by Ross Beer)
* ASTERISK-21721 - SIP Failed to parse multiple Supported:
headers
(Reported by Olle Johansson)
* ASTERISK-26915 - chan_sip: Session Timers required but
refused wrongly.
(Reported by Alexander Traud)
* ASTERISK-26363 - res_pjsip: Bye sent to sip trunk is not
authenticated even after receiving a 407 error code
(Reported by Yaacov Akiba Slama)
* ASTERISK-26896 - Overflow of buffer to PQEscapeStringConn
with large app_args causes ABRT
(Reported by twisted)
* ASTERISK-26705 - libasteriskssl.so not found when asterisk is
installed for the 1st time
(Reported by George Joseph)
* ASTERISK-21009 - xmpp_pubsub_unsubscribe: Could not create IQ
when creating pubsub unsubscription on client
(Reported by
Marcello Ceschia)
* ASTERISK-25490 - [patch]SDP crypto tag is validated
incorrectly
(Reported by Joerg Sonnenberger)
* ASTERISK-24712 - xmpp: starttls problem causes connection
spew
(Reported by Matthias Urlichs)
* ASTERISK-26086 - res_musiconhold: format option is not
documented adequately
(Reported by Jens Bürger)
* ASTERISK-23996 - No core dumps because of res_musiconhold
chdir.
(Reported by Walter Doekes)
* ASTERISK-26814 - pjproject_bundled build fails to download
pjproject source when using cURL
(Reported by Gergely Dömsödi)
* ASTERISK-23510 - JABBER_STATUS fails with improper code 7 for
unavailable clients
(Reported by Anthony Critelli)
* ASTERISK-21855 - Asterisk crashes when XMPP message is sent
(JabberSend) and no internet connection is available
(Reported by Jeremy Kister)
* ASTERISK-25622 - WARNING for "JABBER: socket read error"
should be more specific
(Reported by Sean Darcy)
* ASTERISK-26818 - cdr: Problem setting variables in h exten
(Reported by scgm11)
* ASTERISK-26875 - app_mixmonitor: Recording out of sync when
183 but no RTP
(Reported by Aaron An)
Improvements made in this release:
-----------------------------------
* ASTERISK-26088 - Investigate heavy memory utilization by
res_pjsip_pubsub
(Reported by Richard Mudgett)
* ASTERISK-26427 - res_hep_rtcp: Asterisk Master will report
channel name with res_hep_rtcp when using chan_sip
(Reported by Nir Simionovich (GreenfieldTech - Israel))
For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-13.16.0
Thank you for your continued support of Asterisk!
that the first two don't affect pkgsrc as we are using chan_sip
not PJSIP. The last only affects users of SCCP, which is Cisco's
proprietary protocol.
----- AST-2017-002
A remote crash can be triggered by sending a SIP packet to
Asterisk with a specially crafted CSeq header and a Via
header with no branch parameter. The issue is that the
PJSIP RFC 2543 transaction key generation algorithm does
not allocate a large enough buffer. By overrunning the
buffer, the memory allocation table becomes corrupted,
leading to an eventual crash.
This issue is in PJSIP, and so the issue can be fixed
without performing an upgrade of Asterisk at all. However,
we are releasing a new version of Asterisk with the bundled
PJProject updated to include the fix.
If you are running Asterisk with chan_sip, this issue does
not affect you.
----- AST-2017-003
The multi-part body parser in PJSIP contains a logical
error that can make certain multi-part body parts attempt
to read memory from outside the allowed boundaries. A
specially-crafted packet can trigger these invalid reads
and potentially induce a crash.
The issue is within the PJSIP project and not in Asterisk.
Therefore, the problem can be fixed without upgrading
Asterisk. However, we will be releasing a new version of
Asterisk where the bundled version of PJSIP has been
updated to have the bug patched.
If you are using Asterisk with chan_sip, this issue does
not affect you.
----- AST-2017-004
A remote memory exhaustion can be triggered by sending an
SCCP packet to Asterisk system with chan_skinny enabled
that is larger than the length of the SCCP header but
smaller than the packet length specified in the header. The
loop that reads the rest of the packet doesn't detect that
the call to read() returned end-of-file before the expected
number of bytes and continues infinitely. The partial
data message logging in that tight loop causes Asterisk to
exhaust all available memory.
minor enhancements. 13.14.1 was released to fix AST-2017-001.
----- 13.15.0
The Asterisk Development Team would like to announce the release of
Asterisk 13.15.0.
The release of Asterisk 13.15.0 resolves several issues reported by the
community and would have not been possible without your participation.
*Thank you!*
The following issues are resolved in this release:
*New Features made in this release:*
-----------------------------------
- [ASTERISK-26878 <https://issues.asterisk.org/jira/browse/ASTERISK-26878>]
- func_channel: Add ability to get the callid so dialplan has access to it.
(Reported by Richard Mudgett)
- [ASTERISK-26863 <https://issues.asterisk.org/jira/browse/ASTERISK-26863>]
- res_pjsip: Add endpoint identification scheme based on a configured SIP
header/value
(Reported by Matt Jordan)
- [ASTERISK-17428 <https://issues.asterisk.org/jira/browse/ASTERISK-17428>]
- [patch] Allow "Comedian Mail" branding to be removed
(Reported by John Covert)
*Bugs fixed in this release:*
-----------------------------------
- [ASTERISK-26851 <https://issues.asterisk.org/jira/browse/ASTERISK-26851>]
- res_pjsip_sdp_rtp: RTP instance does not use same IP as explicit transport
(Reported by Richard Begg)
- [ASTERISK-26897 <https://issues.asterisk.org/jira/browse/ASTERISK-26897>]
- chan_sip: Security vulnerability with client code header
(Reported by Alex Villacís Lasso)
- [ASTERISK-26916 <https://issues.asterisk.org/jira/browse/ASTERISK-26916>]
- res_pjsip: Excessive refcount reached on transport ao2 object
(Reported by Ross Beer)
- [ASTERISK-26705 <https://issues.asterisk.org/jira/browse/ASTERISK-26705>]
- libasteriskssl.so not found when asterisk is installed for the 1st time
(Reported by George Joseph)
- [ASTERISK-26850 <https://issues.asterisk.org/jira/browse/ASTERISK-26850>]
- res_hep_pjsip: Asterisk insert wrong protocol name in "Protocol ID" field
in HEP packets
(Reported by Max Norba)
- [ASTERISK-26484 <https://issues.asterisk.org/jira/browse/ASTERISK-26484>]
- res_pjsip_messaging: Crash when using invalid URI in MessageSend 'from'
argument.
(Reported by Vinod Dharashive)
- [ASTERISK-26776 <https://issues.asterisk.org/jira/browse/ASTERISK-26776>]
- res_pjsip_pubsub: Crash when generating xpidf content
(Reported by Andrew Green)
- [ASTERISK-26880 <https://issues.asterisk.org/jira/browse/ASTERISK-26880>]
- Asterisk crashes when multiple speex users join confbridge with pp_vad
and dtx enabled
(Reported by Kirsty Tyerman)
- [ASTERISK-26862 <https://issues.asterisk.org/jira/browse/ASTERISK-26862>]
- app_queue: Queue stops calling members with local interface after
forwarding in previous call
(Reported by Robert Mordec)
- [ASTERISK-26732 <https://issues.asterisk.org/jira/browse/ASTERISK-26732>]
- res_rtp_asterisk: Implement RTCP Multiplexing - breaking WebRTC in Chrome
(Reported by Dan Jenkins)
- [ASTERISK-26879 <https://issues.asterisk.org/jira/browse/ASTERISK-26879>]
- PJSIP external_media_address ignored if no local_net options are provided
(Reported by Matt Jordan)
- [ASTERISK-26867 <https://issues.asterisk.org/jira/browse/ASTERISK-26867>]
- autochan: Locking in a function ast_autochan_destroy() on destroyed
channel (after masquerade).
(Reported by Krzysztof Trempala)
- [ASTERISK-26869 <https://issues.asterisk.org/jira/browse/ASTERISK-26869>]
- res_pjsip_refer: blind call transfer w/o a user name doesn't go to the s
extension
(Reported by Torrey Searle)
- [ASTERISK-26668 <https://issues.asterisk.org/jira/browse/ASTERISK-26668>]
- core: Malformed pattern matching extension (various factors) results in
crash
(Reported by xrobau)
- [ASTERISK-26865 <https://issues.asterisk.org/jira/browse/ASTERISK-26865>]
- chan_iax2: Reload of iax peer results in loss of host address/port
(Reported by Richard Begg)
- [ASTERISK-26872 <https://issues.asterisk.org/jira/browse/ASTERISK-26872>]
- Bundled pjproject fails to build when tarball downloaded with curl due to
md5 verification failure in Docker containers (or when there is no terminal)
(Reported by Matt Jordan)
- [ASTERISK-26717 <https://issues.asterisk.org/jira/browse/ASTERISK-26717>]
- Document the fact that Asterisk HEP support only works with the PJSIP
channel driver
(Reported by Olivier Krief)
- [ASTERISK-26643 <https://issues.asterisk.org/jira/browse/ASTERISK-26643>]
- Extra new line in Device field of DeviceStateChange AMI Event after
restart of Asterisk
(Reported by Roman Bedros)
- [ASTERISK-25237 <https://issues.asterisk.org/jira/browse/ASTERISK-25237>]
- stasis_cache.c:845 caching_topic_exec: - misleading ERROR message
(Reported by Smirnov Aleksey)
- [ASTERISK-26857 <https://issues.asterisk.org/jira/browse/ASTERISK-26857>]
- chan_pjsip: Dialplan function race condition
(Reported by Joshua Colp)
- [ASTERISK-26841 <https://issues.asterisk.org/jira/browse/ASTERISK-26841>]
- chan_sip: Call not cancelled after receiving a 422 response
(Reported by Jean Aunis - Prescom)
- [ASTERISK-26822 <https://issues.asterisk.org/jira/browse/ASTERISK-26822>]
- pjsip/cli_commands: pjsip show channelstats shows wrong codec
(Reported by Kevin Harwell)
- [ASTERISK-26685 <https://issues.asterisk.org/jira/browse/ASTERISK-26685>]
- res_pjsip: Crash when using IPv6 and Transport ws,wss
(Reported by Michael Balen)
- [ASTERISK-24562 <https://issues.asterisk.org/jira/browse/ASTERISK-24562>]
- app_voicemail: Cannot set fromstring on a per-mailbox basis
(Reported by Mark Scholten)
- [ASTERISK-26598 <https://issues.asterisk.org/jira/browse/ASTERISK-26598>]
- Saynumber is trying to get "and" from "digits/" subfolder
(Reported by Jonathan Harris)
- [ASTERISK-17067 <https://issues.asterisk.org/jira/browse/ASTERISK-17067>]
- Long lines in call files cause spurious syntax error
(Reported by Dave Olszewski)
- [ASTERISK-26796 <https://issues.asterisk.org/jira/browse/ASTERISK-26796>]
- res_pjsip_transport_websocket: Via header is 'WS' when it should be 'WSS'
(Reported by Jørgen H)
- [ASTERISK-25628 <https://issues.asterisk.org/jira/browse/ASTERISK-25628>]
- res_config_pgsql: should match the behavior of other drivers so that
queue_log can disable adaptive logging
(Reported by Dmitry Wagin)
- [ASTERISK-26825 <https://issues.asterisk.org/jira/browse/ASTERISK-26825>]
- pjsip.conf.sample: user_agent: still refers to branch 12
(Reported by Tzafrir Cohen)
- [ASTERISK-26823 <https://issues.asterisk.org/jira/browse/ASTERISK-26823>]
- PJSIP: Persistent subscriptions can cause FRACKs if endpoint does not
exist
(Reported by Mark Michelson)
- [ASTERISK-26623 <https://issues.asterisk.org/jira/browse/ASTERISK-26623>]
- res_pjsip: Crash when calling PJSIPShowEndpoint
(Reported by Jørgen H)
- [ASTERISK-26808 <https://issues.asterisk.org/jira/browse/ASTERISK-26808>]
- res_pjsip_outbound_registration doesn't know about network change events
(Reported by George Joseph)
- [ASTERISK-26313 <https://issues.asterisk.org/jira/browse/ASTERISK-26313>]
- chan_sip : Asterisk restart seems to be required for changing encryption
option
(Reported by benasse)
- [ASTERISK-26781 <https://issues.asterisk.org/jira/browse/ASTERISK-26781>]
- bridge: Passing the 'p' (play tone) flag to Bridge() application results
in garbled audio
(Reported by Sean Bright)
- [ASTERISK-26782 <https://issues.asterisk.org/jira/browse/ASTERISK-26782>]
- res_pjsip: URI requirement for fields is not consistently documented and
error does not provide indication
(Reported by Peter Sokolov)
- [ASTERISK-26812 <https://issues.asterisk.org/jira/browse/ASTERISK-26812>]
- [patch] Fix download_externals To Allow The Use Of curl Or wget
(Reported by Michael L. Young)
- [ASTERISK-18271 <https://issues.asterisk.org/jira/browse/ASTERISK-18271>]
- Pattern matching with res_config_mysql extensions does not behave as
expected
(Reported by Charlie Smurthwaite)
- [ASTERISK-26669 <https://issues.asterisk.org/jira/browse/ASTERISK-26669>]
- PJSIP Segfault 13.13.1 (Bundled PJSIP)
(Reported by Nic Colledge)
- [ASTERISK-18731 <https://issues.asterisk.org/jira/browse/ASTERISK-18731>]
- [patch] DUNDi weight parameter not processed correctly
(Reported by Peter Racz)
- [ASTERISK-26580 <https://issues.asterisk.org/jira/browse/ASTERISK-26580>]
- [patch] Error during LDAP modify action when user unregisters
(Reported by Nicholas John Koch)
- [ASTERISK-26799 <https://issues.asterisk.org/jira/browse/ASTERISK-26799>]
- res_pjsip: Using an auth object for inbound and outbound authentication
fails.
(Reported by Richard Mudgett)
- [ASTERISK-26738 <https://issues.asterisk.org/jira/browse/ASTERISK-26738>]
- Frequent segfaults since activation of DNS SRV, in
pjsip_auth_clt_reinit_req at /pjsip/sip_auth_client.c, and
pj_atomic_inc_and_get at pj/os_core_unix.c
(Reported by Michael Maier)
- [ASTERISK-25893 <https://issues.asterisk.org/jira/browse/ASTERISK-25893>]
- Function vmauthenticate accesses uninitialized memory
(Reported by Filip Jenicek)
- [ASTERISK-26802 <https://issues.asterisk.org/jira/browse/ASTERISK-26802>]
- [patch] Integrity Check Of PJSIP Download Fails
(Reported by Michael L. Young)
- [ASTERISK-15858 <https://issues.asterisk.org/jira/browse/ASTERISK-15858>]
- [patch] Fix query with double backslash in string literals and stop log
warnings
(Reported by Humberto Figuera)
- [ASTERISK-26057 <https://issues.asterisk.org/jira/browse/ASTERISK-26057>]
- res_config_sqlite3 uses incorrect query - unnecessary escape
(Reported by Stepan)
- [ASTERISK-23457 <https://issues.asterisk.org/jira/browse/ASTERISK-23457>]
- SQlite3: Realtime queue loading fails after PRAGMA query result
(Reported by Scott Griepentrog)
- [ASTERISK-26794 <https://issues.asterisk.org/jira/browse/ASTERISK-26794>]
- http: Crash on Reload Only in ast_tcptls_server_start
(Reported by Joshua Elson)
- [ASTERISK-26714 <https://issues.asterisk.org/jira/browse/ASTERISK-26714>]
- Phone default have not ringing on ARM
(Reported by Igor Goncharovsky)
- [ASTERISK-26696 <https://issues.asterisk.org/jira/browse/ASTERISK-26696>]
- pjsip_pubsub: PJSIP Subscription Persistence in AstDB Does not update on
subscription refresh
(Reported by Zach R)
- [ASTERISK-26756 <https://issues.asterisk.org/jira/browse/ASTERISK-26756>]
- res_pjsip_mwi: Asterisk does not terminate MWI subscription
(Reported by Carl Fortin)
- [ASTERISK-26109 <https://issues.asterisk.org/jira/browse/ASTERISK-26109>]
- Asterisk fails building with OpenSSL 1.1.0
(Reported by Tzafrir Cohen)
- [ASTERISK-26723 <https://issues.asterisk.org/jira/browse/ASTERISK-26723>]
- VoiceMailPlayMsg not playing messages via realtime
(Reported by Ryan Rittgarn)
- [ASTERISK-18286 <https://issues.asterisk.org/jira/browse/ASTERISK-18286>]
- [patch] 'Silence' is truncated in Record()
(Reported by var)
- [ASTERISK-26248 <https://issues.asterisk.org/jira/browse/ASTERISK-26248>]
- chan_pjsip: Error when calling PJSIP client with domain specified
(Reported by Norbert Varga)
- [ASTERISK-26788 <https://issues.asterisk.org/jira/browse/ASTERISK-26788>]
- core: Protect flags during ast_waitfor
(Reported by Joshua Colp)
- [ASTERISK-26115 <https://issues.asterisk.org/jira/browse/ASTERISK-26115>]
- pbx: AMI Originate ignore "failed" extension on call failure
(Reported by Nasir Iqbal)
- [ASTERISK-26785 <https://issues.asterisk.org/jira/browse/ASTERISK-26785>]
- configs/samples: The 'identify' entry is in the wrong section in
sorcery.conf.sample
(Reported by Torrey Searle)
- [ASTERISK-26772 <https://issues.asterisk.org/jira/browse/ASTERISK-26772>]
- Crash in srv.c on startup with pjsip
(Reported by nappsoft)
- [ASTERISK-26770 <https://issues.asterisk.org/jira/browse/ASTERISK-26770>]
- res_stasis_device_state: Duplicate subscriptions when multiple received
at same time
(Reported by Joshua Colp)
*Improvements made in this release:*
-----------------------------------
- [ASTERISK-26864 <https://issues.asterisk.org/jira/browse/ASTERISK-26864>]
- res_pjsip_session: Add support for overlap dialling
(Reported by Richard Begg)
- [ASTERISK-26846 <https://issues.asterisk.org/jira/browse/ASTERISK-26846>]
- chan_sip: Add rtcp-mux support
(Reported by Sean Bright)
For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-13.15.0
*Thank you for your continued support of Asterisk!*
----- 13.14.0
The Asterisk Development Team has announced the release of Asterisk 13.14.0.
The release of Asterisk 13.14.0 resolves several issues reported by the
community and would have not been possible without your participation.
Thank you!
The following are the issues resolved in this release:
New Features made in this release:
-----------------------------------
* ASTERISK-26630 - Make logging PJPROJECT messages a bit easier
(Reported by Richard Mudgett)
Bugs fixed in this release:
-----------------------------------
* ASTERISK-26772 - Crash in srv.c on startup with pjsip (Reported
by nappsoft)
* ASTERISK-26704 - res_odbc.conf contains deprecated
configuration: 'pooling', 'shared_connections', 'limit', and
'idlecheck' options were replaced by 'max_connections'.
(Reported by Anthony Messina)
* ASTERISK-21094 - MixMonitorMute mutes through stream if already
slinear (e.g. Originate) (Reported by David Woolley)
* ASTERISK-26716 - ari: Channels with pre-dial handlers cannot be
hung up via ARI (Reported by Tom Pawelek)
* ASTERISK-26632 - core: Possibility of a frame "imbalance"
leading to stuck channels. (Reported by Mark Michelson)
* ASTERISK-25951 - res_agi: run_agi eats frames it shouldn't
(Reported by George Joseph)
* ASTERISK-26343 - ASTERISK-25951 causes issues for callerid
manipulation through agi (Reported by Morten Tryfoss)
* ASTERISK-26679 - Crash on invalid contact domain (pjsip aor)
(Reported by Dmitriy)
* ASTERISK-26699 - res_pjsip: Assertion when sending OPTIONS
request to endpoint (Reported by Ross Beer)
* ASTERISK-24858 - [patch]Asterisk 13 PJSIP sends RTP packets in
wrong byte order on Intel platform when using slin codec
(Reported by Frankie Chin)
* ASTERISK-26754 - build_tools: make_build_h does not handle \ in
user name (Reported by Kirill Katsnelson)
* ASTERISK-26753 - AMI disconnect causes "ast_careful_fwrite:
fwrite() returned error: Broken pipe" (Reported by Kirill
Katsnelson)
* ASTERISK-26755 - app_queue: Random queues disappear on "core
reload queue all" (Reported by Kirill Katsnelson)
* ASTERISK-26735 - res_pjsip_endpoint_identifier_ip: "srv_lookups"
after match in .conf has no effect (Reported by Michael Maier)
* ASTERISK-26693 - res_pjsip_endpoint_identifier_ip: Add support
for SRV (Reported by Joshua Colp)
* ASTERISK-26743 - PJPROJECT: Detecting compiled max log level
does not work. (Reported by Richard Mudgett)
* ASTERISK-26740 - voicemail API test: uses varlibdir instead of
datadir for a sound file (Reported by Tzafrir Cohen)
* ASTERISK-26739 - voicemail API test: confuses expected and
actual values (Reported by Tzafrir Cohen)
* ASTERISK-26731 - res_sorcery_memory_cache: memory leak on every
sorcery memory cache populate (Reported by Ustinov Artem)
* ASTERISK-26710 - [patch] res_rtp_asterisk: CHANNEL arguments,
(rtcp,all_rtt),(rtcp,all_loss),(rtcp,all_jitter) always return 0
(Reported by Aaron An)
* ASTERISK-26672 - Crash when setting remote address on RTP
instance (Reported by Richard Mudgett)
* ASTERISK-26670 - [patch] Outgoing SIP-URI Dialing via PJSIP
(Reported by Alexander Traud)
* ASTERISK-26691 - Remember SDP negotiation on SIP_CODEC_INBOUND.
(Reported by Alexander Traud)
* ASTERISK-26673 - chan_pjsip: Crash when using CHANNEL dialplan
function around masquerade (Reported by Joshua Colp)
* ASTERISK-26684 - res_pjsip: Various issues with compact SIP
headers (Reported by Joshua Elson)
* ASTERISK-26655 - [patch]pjsip: Transfers Broken with Compact
Headers Enabled (Reported by JoshE)
* ASTERISK-26621 - app_queue: Queue application does not ring
members with Local interface (Reported by Jonas Kellens)
* ASTERISK-26586 - chan_sip: Segfaults upon reload if client with
MWI wasn't registered (Reported by Michael Kuron)
* ASTERISK-25494 - build: GCC 5.1.x catches some new const, array
bounds and missing paren issues (Reported by George Joseph)
* ASTERISK-24499 - Need more explicit debug when PJSIP dialstring
is invalid (Reported by Rusty Newton)
* ASTERISK-25083 - Message.c: Message channel becomes saturated
with frames leading to spammy log messages (Reported by Jonathan
Rose)
* ASTERISK-26653 - pjproject_bundled doesn't verify already
downloaded tarballs (Reported by George Joseph)
* ASTERISK-26433 - chan_sip: Allows To-tag checks to be bypassed,
setting up new calls (Reported by Walter Doekes)
* ASTERISK-26579 - codec_opus: Recursiveness when parsing fmtp
line (Reported by Jørgen H)
* ASTERISK-26644 - PJSIPShowRegistrationsInbound just dumps all
aors (Reported by George Joseph)
* ASTERISK-26490 - res_pjsip: sends 481 Call/Transaction Does Not
Exist when transaction branch parameter contains "_" (Reported
by Juris Breicis)
* ASTERISK-26617 - res_rtp_asterisk: Can't bind on systems without
IPv6 (Reported by Guido Falsi)
* ASTERISK-24330 - Requirement for 'wss' value in Contact header
transport parameter on inbound traffic violates RFC7118
(Reported by Marek Cervenka)
* ASTERISK-26546 - mips64el and x32 - undefined reference to
symbol 'dlopen@@GLIBC_2.2' (Reported by Tzafrir Cohen)
* ASTERISK-26566 - res_rtp_asterisk: RTT miscalculation in RTCP
(Reported by Hector Royo Concepcion)
* ASTERISK-26604 - chan_sip: sip reload doesn't apply changes to
tlscertfile, tlsciphers, etc. (Reported by Michael Kuron)
* ASTERISK-26603 - [patch] chan_pjsip: not switching sending codec
to receiving codec when asymmetric_rtp_codec=no (Reported by
Alexei Gradinari)
* ASTERISK-26523 - chan_sip: Asterisk 13.12.1 disconnects incoming
calls after 2 minutes - rtptimeout behaving badly - regression
(Reported by Michael Keuter)
* ASTERISK-26503 - app_voicemail: Asterisk crashes when
MailboxExists is used (Reported by Doug Lytle)
Improvements made in this release:
-----------------------------------
* ASTERISK-23828 - pjsip - Need a command to list active SIP
subscriptions (Reported by Rusty Newton)
* ASTERISK-26527 - Testsuite: increase timeout to check "core
fullybooted wait" up to 30 sec (Reported by Badalian Vyacheslav)
* ASTERISK-26624 - res_calendar_caldav: Add support for gmail
(Reported by Eduardo Scudeller Libardi)
* ASTERISK-26562 - app_controlplayback: Transmit Silence on
ControlPlayback pause (Reported by Mikheili Dautashvili)
For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-13.14.0
Thank you for your continued support of Asterisk!
-----
Changes:
20170328 - 1.38.2
[-] * Improved support for Huawei K3765, E150 and E372.
[-] * Fixed decoding of unicode surrogates at message boundary.
[+] * Environment variable PHONE_ID for external program.
[-] * SMS compatibility with devices following old version of GSM 03.38.
[-] * Unicode is now preferred when handling USSD.
[+] * Improved decoding of MMS indication SMS.
20170105 - 1.38.1
[-] * Fixed sending SMS to numbers starting with 000.
[-] * Fixed parsing of vcalendar files with VALUE=DATE-TIME.
[-] * Fixed compatibility with D-Link dwm-157.
[-] * Updated list of GSM countries and networks.
20161212 - 1.38.0
[-] * MySQL script for SMSD is compatible with strict mode.
[-] * Fixed USSD responses for some AT modems.
[-] * Fixed parsing network status for some modems (eg. Quectel UC15).
[-] * Fixed handling of emojis and other Unicode chars from supplementary plan.
[-] * Fixed compilation with C90 compiler.
New for version 2.7.1:
- CVE-2017-7467: Fix an out of bounds data access that
can lead to remote code execution. This issue was found
by Solar Designer of Openwall during a security audit of
the Virtuozzo 7 product, which contains derived downstream
code in its prl-vzvncserver component. The corresponding
Virtuozzo 7 fix is: 6d95404e75
Openwall would like to thank the Virtuozzo company for
funding the effort.
0.3.7
* Fix issue #84: check if stream has 'closed' attribute before testing it
* Fix issue #74: objects might become None at exit
0.3.6
* Fix issue #81: fix ValueError when a closed stream was used
0.3.5
* Bumping version to re-upload a wheel distribution
0.3.4
* Fix issue #47 and #80 - stream redirection now strips ANSI codes on Linux
* Fix issue #53 - strip readline markers
* Fix issue #32 - assign orig_stdout and orig_stderr when initialising
* Fix issue #57 - Fore.RESET did not reset style of LIGHT_EX colors.
Fixed by Andy Neff
* Fix issue #51 - add context manager syntax. Thanks to Matt Olsen.
* Fix issue #48 - colorama didn't work on Windows when environment
variable 'TERM' was set.
* Fix issue #54 - fix pylint errors in client code.
* Changes to readme and other improvements by Marc Abramowitz and Zearin
0.3.3
* Fix Google Code issue #13 - support changing the console title with OSC
escape sequence
* Fix Google Code issue #16 - Add support for Windows xterm emulators
* Fix Google Code issue #30 - implement \033[nK (clear line)
* Fix Google Code issue #49 - no need to adjust for scroll when new position
is already relative (CSI n A\B\C\D)
* Fix Google Code issue #55 - erase_data fails on Python 3.x
* Fix Google Code issue #46 - win32.COORD definition missing
* Implement \033[0J and \033[1J (clear screen options)
* Fix default ANSI parameters
* Fix position after \033[2J (clear screen)
* Add command shortcuts: colorama.Cursor, colorama.ansi.set_title,
colorama.ansi.clear_line, colorama.ansi.clear_screen
* Fix issue #22 - Importing fails for python3 on Windows
* Thanks to John Szakmeister for adding support for light colors
* Thanks to Charles Merriam for adding documentation to demos
The current only user of this buildlink file is asterisk-chan-dongle
(which is yet to be committed).
With further users, comms/asterisk may need to find a version specific
directory as newer versions are imported.
MASTER_SITES= site1 \
site2
style continuation lines to be simple repeated
MASTER_SITES+= site1
MASTER_SITES+= site2
lines. As previewed on tech-pkg. With thanks to rillig for fixing pkglint
accordingly.
