Changelog:
CVE-2018-5091: Use-after-free with DTMF timers
CVE-2018-5095: Integer overflow in Skia library during edge builder allocation
CVE-2018-5096: Use-after-free while editing form elements
CVE-2018-5097: Use-after-free when source document is manipulated during XSLT
CVE-2018-5098: Use-after-free while manipulating form input elements
CVE-2018-5099: Use-after-free with widget listener
CVE-2018-5102: Use-after-free in HTML media elements
CVE-2018-5103: Use-after-free during mouse event handling
CVE-2018-5104: Use-after-free during font face manipulation
CVE-2018-5117: URL spoofing with right-to-left text aligned left-to-right
CVE-2018-5089: Memory safety bugs fixed in Firefox 58 and Firefox ESR 52.6
Fix for Speculative execution side-channel attack ("Spectre")
Changelog:
The NSS team has released Network Security Services (NSS) 3.35,
which is a minor release.
Summary of the major changes included in this release:
- The default database storage format has been changed to SQL,
using filenames cert9.db, key4.db, pkcs11.txt.
- TLS 1.3 support has been updated to draft -23, along with
additional significant changes.
- Support for TLS compression was removed.
- Added formally verified implementations of non-vectorized Chacha20
and non-vectorized Poly1305 64-bit.
- When creating encrypted PKCS#7 or PKCS#12 data, NSS uses a
higher iteration count for stronger security.
- The CA trust list was updated to version 2.22.
Changelog:
NSPR 4.18 contains the following changes:
- removed HP-UX DCE threads support
- improvements for the Windows implementation of PR_SetCurrentThreadName
- fixes for the Windows implementation of TCP Fast Open
0.8:
* **BACKWARD INCOMPATIBLE** binary_prefix option is added and off
by default because of compatibility with mysqlclient.
When you need PyMySQL 0.7 behavior, you have to pass binary_prefix=True.
* **BACKWARD INCOMPATIBLE** MULTI_STATEMENTS client flag is no longer
set by default, while it was on PyMySQL 0.7. You need to pass
client_flag=CLIENT.MULTI_STATEMENTS when you connect to explicitly
enable multi-statement mode.
* Fixed AuthSwitch packet handling.
* Raise OperationalError for MariaDB's constraint error.
* executemany() accepts query without space between VALUES and (.
* Support config file containing option without value.
* Fixed Connection.ping() returned unintended value.
Contao 4.5.3 is available 2018/1/23 16:06 by Leo Feyer
Contao version 4.5.3 is available. The bugfix release fixes several minor
issues including a problem with accessing the PHP session.
Contao 4.4.13 is available 2018/1/23 10:59 by Leo Feyer
Contao version 4.4.13 is available. The bugfix release fixes issues with PHP
7.2 as well as with MariaDB 10.2.4+ and MySQL 8.
Release 3.22.0:
The output of sqlite3_trace_v2() now shows each individual SQL statement run within a trigger.
Add the ability to read from WAL mode databases even if the application lacks write permission on the database and its containing directory, as long as the -shm and -wal files exist in that directory.
Added the rtreecheck() scalar SQL function to the R-Tree extension.
Added the sqlite3_vtab_nochange() and sqlite3_value_nochange() interfaces to help virtual table implementations optimize UPDATE operations.
Added the sqlite3_vtab_collation() interface.
Added support for the "^" initial token syntax in FTS5.
New extensions:
The Zipfile virtual table can read and write a ZIP Archive.
Added the fsdir(PATH) table-valued function to the fileio.c extension, for listing the files in a directory.
The sqlite_btreeinfo eponymous virtual table for introspecting and estimating the sizes of the btrees in a database.
The Append VFS is a VFS shim that allows an SQLite database to be appended to some other file. This allows (for example) a database to be appended to an executable that then opens and reads the database.
Query planner enhancements:
The optimization that uses an index to quickly compute an aggregate min() or max() is extended to work with indexes on expressions.
The decision of whether to implement a FROM-clause subquery as a co-routine or using query flattening now considers whether the result set of the outer query is "complex" (if it contains functions or expression subqueries). A complex result set biases the decision toward the use of co-routines.
The planner avoids query plans that use indexes with unknown collating functions.
The planner omits unused LEFT JOINs even if they are not the right-most joins of a query.
Other performance optimizations:
A smaller and faster implementation of text to floating-point conversion subroutine: sqlite3AtoF().
The Lemon parser generator creates a faster parser.
Use the strcspn() C-library routine to speed up the LIKE and GLOB operators.
Improvements to the command-line shell:
The ".schema" command shows the structure of virtual tables.
Added support for reading and writing SQL Archive files using the .archive command.
Added the experimental .expert command
Added the ".eqp trigger" variant of the ".eqp" command
Enhance the ".lint fkey-indexes" command so that it works with WITHOUT ROWID tables.
If the filename argument to the shell is a ZIP archive rather than an SQLite database, then the shell automatically opens that ZIP archive using the Zipfile virtual table.
Added the edit() SQL function.
Added the .excel command to simplify exporting database content to a spreadsheet.
Databases are opened using Append VFS when the --append flag is used on the command line or with the .open command.
Enhance the SQLITE_ENABLE_UPDATE_DELETE_LIMIT compile-time option so that it works for WITHOUT ROWID tables.
Provide the sqlite_offset(X) SQL function that returns the byte offset into the database file to the beginning of the record holding value X, when compiling with -DSQLITE_ENABLE_OFFSET_SQL_FUNC.
Bug fixes
2.4.1:
- tested against pyasn1 from version 0.1.8 up to version 0.4.2, Python 2.6.6, Python 2.7.14, Python 3.6.4
- auto_encode parameter is honored when binding
- fixed organizationalName definition in oid
- automatic byte to int conversion working again
- mock connection searchs correctly escape filters
- fixed bind with not unicode characters in Python 2
- extended filter attributes should work again with pyasn1 0.4.1
- fixed error when reading incomplete server info
- NOT keyword properly handled in dit_content_rules
- operational attributes are prorerly returned in Cursor whit get_operational_attributes = True
- start_tls() is properly executed with AD when raise_exceptions=True
- reopening a Connection honours auto_bind setting
- an attribute returned with no value from a flaky server doesn't raise exception anymore
- pwdLastSet in AD is valid only for -1
- fixed docs for ldifProducer
- fixed monkeypatching of pyasn1 for Boolean Value in BER encoding
- check_names was not honoured while validating attribute values
- locks refactored in Connection and in Async strategy
- socket properly closed when checking availability of an invalid server
Yarn is a package manager for your code. It allows you to use and share
code with other developers from around the world. Yarn does this quickly,
securely, and reliably so you don't ever have to worry.
Yarn allows you to use other developers' solutions to different problems,
making it easier for you to develop your software. If you have problems,
you can report issues or contribute back, and when the problem is fixed,
you can use Yarn to keep it all up to date.
Code is shared through something called a package (sometimes referred to
as a module). A package contains all the code being shared as well as a
package.json file which describes the package.
1.4.0:
Changed:
format(), diff_for_humans(), in_words() and to_xxx_string() methods now return unicode strings for Python 2.7.
Improved performance of now() and utcnow().
Fixed
Fixed from_format() raising an error with the alternative formatter.
What's New in Pylint 1.8.2?
* Fixed a crash which occurred when Uninferable wasn't properly handled in stop-iteration-return
* Use the proper node to get the name for redefined functions
* Don't crash when encountering bare raises while checking inconsistent returns
* Fix a false positive inconsistent-return-statements message when if
statement is inside try/except.
* Fix a false positive inconsistent-return-statements message when
while loop are used.
* Fix unused-argument false positives with overshadowed variable in
dictionary comprehension.
* Fix false positive inconsistent-return-statements message when never
returning functions are used (i.e sys.exit for example).
* Fix error when checking if function is exception, as in bad-exception-context.
This release includes the following changes:
o new libssh-powered SSH SCP/SFTP back-end
o curl-config: add --ssl-backends [10]
This release includes the following bugfixes:
o http2: fix incorrect trailer buffer size [40]
o http: prevent custom Authorization headers in redirects [55]
o travis: add boringssl build [1]
o examples/xmlstream.c: don't switch off CURL_GLOBAL_SSL [2]
o SSL: Avoid magic allocation of SSL backend specific data [3]
o lib: don't export all symbols, just everything curl_* [4]
o libssh2: send the correct CURLE error code on scp file not found
o libssh2: return CURLE_UPLOAD_FAILED on failure to upload
o openssl: enable pkcs12 in boringssl builds [5]
o libssh2: remove dead code from SSH_SFTP_QUOTE [6]
o sasl_getmesssage: make sure we have a long enough string to pass [7]
o conncache: fix several lock issues [8]
o threaded-shared-conn.c: new example
o conncache: only allow multiplexing within same multi handle [9]
o configure: check for netinet/in6.h [11]
o URL: tolerate backslash after drive letter for FILE: [12]
o openldap: add commented out debug possibilities [13]
o include: get netinet/in.h before linux/tcp.h [14]
o CONNECT: keep close connection flag in http_connect_state struct [15]
o BINDINGS: another PostgreSQL client
o curl: limit -# update frequency for unknown total size [16]
o configure: add AX_CODE_COVERAGE only if using gcc [17]
o curl.h: remove incorrect comment about ERRORBUFFER
o openssl: improve data-pending check for https proxy [18]
o curl: remove __EMX__ #ifdefs [19]
o CURLOPT_PRIVATE.3: fix grammar [20]
o sftp: allow quoted commands to use relative paths [21]
o CURLOPT_DNS_CACHE_TIMEOUT.3: see also CURLOPT_RESOLVE
o RESOLVE: output verbose text when trying to set a duplicate name
o openssl: Disable file buffering for Win32 SSLKEYLOGFILE [22]
o multi_done: prune DNS cache [23]
o tests: update .gitignore for libtests
o tests: mark data files as non-executable in git
o CURLOPT_DNS_LOCAL_IP4.3: fixed the "SEE ALSO" to not self-reference
o curl.1: documented two missing valid exit codes
o curl.1: mention http:// and https:// as valid proxy prefixes
o vtls: replaced getenv() with curl_getenv() [24]
o setopt: less *or equal* than INT_MAX/1000 should be fine [25]
o examples/smtp-mail.c: use separate defines for options and mail
o curl: support >256 bytes warning messsages [26]
o conncache: fix a return code
o krb5: fix a potential access of uninitialized memory
o rand: add a clang-analyzer work-around
o CURLOPT_READFUNCTION.3: refer to argument with correct name [27]
o brotli: allow compiling with version 0.6.0
o content_encoding: rework zlib_inflate [28]
o curl_easy_reset: release mime-related data [29]
o examples/rtsp: fix error handling macros [30]
o build-openssl.bat: Added support for VC15
o build-wolfssl.bat: Added support for VC15
o build: Added Visual Studio 2017 project files
o winbuild: Added support for VC15
o curl: Support size modifiers for --max-filesize [32]
o examples/cacertinmem: ignore cert-already-exists error [33]
o brotli: data at the end of content can be lost [34]
o curl_version_info.3: call the argument 'age' [35]
o openssl: fix memory leak of SSLKEYLOGFILE filename
o build: remove HAVE_LIMITS_H check [36]
o --mail-rcpt: fix short-text description
o scripts: allow all perl scripts to be run directly [37]
o progress: calculate transfer speed on milliseconds if possible [38]
o system.h: check __LONG_MAX__ for defining curl_off_t [31]
o easy: fix connection ownership in curl_easy_pause [39]
o setopt: reintroduce non-static Curl_vsetopt() for OS400 support [41]
o setopt: fix SSLVERSION to allow CURL_SSLVERSION_MAX_ values [42]
o configure.ac: append extra linker flags instead of prepending them [43]
o HTTP: bail out on negative Content-Length: values [44]
o docs: comment about CURLE_READ_ERROR returned by curl_mime_filedata
o mime: clone mime tree upon easy handle duplication [45]
o openssl: enable SSLKEYLOGFILE support by default [46]
o smtp/pop3/imap_get_message: decrease the data length too... [47]
o CURLOPT_TCP_NODELAY.3: fix typo [48]
o SMB: fix numeric constant suffix and variable types [49]
o ftp-wildcard: fix matching an empty string with "*[^a]" [50]
o curl_fnmatch: only allow 5 '*' sections in a single pattern
o openssl: fix potential memory leak in SSLKEYLOGFILE logic
o SSH: Fix state machine for ssh-agent authentication [51]
o examples/url2file.c: add missing curl_global_cleanup() call [52]
o http2: don't close connection when single transfer is stopped [53]
o libcurl-env.3: first version
o curl: progress bar refresh, get width using ioctl() [54]
o CONNECT_TO: fail attempt to set an IPv6 numerical without IPv6 support [56]
it fixes AST-2017-005, AST-2017-006, AST-2017-006, AST-2017-008,
AST-2017-009, AST-2017-010, AST-2017-011, AST-2017-012, AST-2017-013,
and AST-2017-014. Note that several of these are related to PJSIP
which pkgsrc doesn't use.
----- 14.7.5 -----
The Asterisk Development Team would like to announce security
releases for Asterisk 13, 14 and 15, and Certified Asterisk 13.18.
The available releases are released as versions 13.18.5, 14.7.5,
15.1.5 and 13.18-cert2.
The following security vulnerabilities were resolved in these versions:
* AST-2017-014: Crash in PJSIP resource when missing a contact header
A select set of SIP messages create a dialog in Asterisk. Those SIP messages
must contain a contact header. For those messages, if the header was not
present and using the PJSIP channel driver, it would cause Asterisk to crash.
The severity of this vulnerability is somewhat mitigated if authentication is
enabled. If authentication is enabled a user would have to first be authorized
before reaching the crash point.
For a full list of changes in the current releases, please see the ChangeLogs:
https://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-14.7.5
The security advisory is available at:
https://downloads.asterisk.org/pub/security/AST-2017-014.pdf
Thank you for your continued support of Asterisk!
----- 14.7.4 -----
The Asterisk Development Team has announced security releases for
Certified Asterisk 13.13 and Asterisk 13, 14 and 15. The available
security releases are released as versions 13.13-cert9, 13.18.4,
14.7.4 and 15.1.4.
The release of these versions resolves the following security
vulnerabilities:
* AST-2017-012: Remote Crash Vulnerability in RTCP Stack
If a compound RTCP packet is received containing more than
one report (for example a Receiver Report and a Sender
Report) the RTCP stack will incorrectly store report
information outside of allocated memory potentially causing
a crash.
For a full list of changes in the current releases, please see the
ChangeLogs:
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-14.7.4
The security advisories are available at:
http://downloads.asterisk.org/pub/security/AST-2017-012.htmlhttp://downloads.asterisk.org/pub/security/AST-2017-012.pdf
Thank you for your continued support of Asterisk!
----- 14.7.3 -----
The Asterisk Development Team has announced security releases for
Certified Asterisk 13.13 and Asterisk 13, 14 and 15. The available
security releases are released as versions 13.13-cert8, 13.18.3,
14.7.3 and 15.1.3.
The release of these versions resolves the following security
vulnerabilities:
* AST-2017-013: DOS Vulnerability in Asterisk chan_skinny
If the chan_skinny (AKA SCCP protocol) channel driver is
flooded with certain requests it can cause the asterisk
process to use excessive amounts of virtual memory
eventually causing asterisk to stop processing requests of
any kind.
For a full list of changes in the current releases, please see the
ChangeLogs:
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog=14.7.3
The security advisories are available at:
http://downloads.asterisk.org/pub/security/AST-2017-013.pdf
Thank you for your continued support of Asterisk!
----- 14.7.2 -----
The Asterisk Development Team would like to announce the release
of Asterisk 14.7.2.
The release of Asterisk 14.7.2 resolves several issues reported by the
community and would have not been possible without your participation.
Thank you!
The following issues are resolved in this release:
Bugs fixed in this release:
-----------------------------------
* ASTERISK-27387 - Regression: pjsip 13.18.0 - from_user - "+"
character isn't allowed any more
(Reported by Michael Maier)
* ASTERISK-27391 - Regression: Deadlock between AOR named lock
and pjproject grp lock
(Reported by shaurya jain)
For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-14.7.2
Thank you for your continued support of Asterisk!
----- 14.7.0 -----
The Asterisk Development Team would like to announce the release
of Asterisk 14.7.0.
The release of Asterisk 14.7.0 resolves several issues reported by the
community and would have not been possible without your participation.
Thank you!
The following issues are resolved in this release:
Improvements made in this release:
-----------------------------------
* ASTERISK-27278 - [patch] chan_sip: Provide access to read the
full SIP Request-URI from INVITE
(Reported by David J. Pryke)
* ASTERISK-27255 - alembic: Add support for Microsoft SQL
server
(Reported by Florian Floimair)
* ASTERISK-27253 - [patch] libsrtp-2.1.x support
(Reported by Alexander Traud)
* ASTERISK-27220 - Enable CHANNEL function to get from and to
tag from SIP Headers
(Reported by Andre Nazario)
* ASTERISK-27169 - Google OAuth 2.0 support for XMPP / Motif
(Reported by Andrey)
* ASTERISK-27173 - Support for GMIME 3.0
(Reported by Tzafrir Cohen)
* ASTERISK-27092 - [patch] app_queue: Add Priority to AMI
QueueStatus
(Reported by Niklas Larsson)
* ASTERISK-27085 - [patch] chan_pjsip: Port SIPDtmfMode to
chan_pjsip
(Reported by Torrey Searle)
Bugs fixed in this release:
-----------------------------------
* ASTERISK-27346 - res_xmpp: Crash if OAuth 2.0 is used before
curl is loaded
(Reported by Ronald Raikes)
* ASTERISK-27372 - ARI: Node ARI client broken in latest
versions of 13 and 14
(Reported by Benjamin Keith Ford)
* ASTERISK-27047 - res_pjsip: user=phone added to Anonymous
caller-id when it shouldn't be.
(Reported by dtryba)
* ASTERISK-27270 - cdr_mysql: various crashes at second module
reload if cdr_mysql.conf is configured
(Reported by Tzafrir Cohen)
* ASTERISK-25266 - Application Originate returns SUCCESS to
ORIGINATE_STATUS upon failure to originate
(Reported by Allen Ford)
* ASTERISK-27192 - res_pjsip: Loss of SIP registrations causing
unavailable endpoints
(Reported by Richard Mudgett)
* ASTERISK-27305 - res_ari: Memory leaks in ARI when using
Content-Type: application/json
(Reported by David Hajek)
* ASTERISK-26922 - chan_sip: tcpbind uses wrong source address
(Reported by Ksenia)
* ASTERISK-27324 - [patch] Dual-Stack server cannot be used as
IPv4 client via TCP/TLS
(Reported by Alexander Traud)
* ASTERISK-27317 - vector: multiple evaluation of elem in
AST_VECTOR_ADD_SORTED.
(Reported by Corey Farrell)
* ASTERISK-27318 - res_pjsip_mwi: uninitialized value from
ast_strings_match
(Reported by Corey Farrell)
* ASTERISK-27284 - Status of RFC 3323 and PJSIP
(Reported by dtryba)
* ASTERISK-27296 - [patch] False positive busy checks when
icalendar's recurrence-id mechanism is involved
(Reported by Benoît Dereck-Tricot)
* ASTERISK-27216 - app_queue: does its
check-makeannouncement-logic twice each head-caller-loop
(Reported by Stefan Engström)
* ASTERISK-27298 - Problem with expires on pjsip /
outbound-publish
(Reported by Cyrille Demaret)
* ASTERISK-27295 - Contact is improperly translated after
d178f497
(Reported by Sean Bright)
* ASTERISK-27292 - Multiple RTP Stream Created Breaking RFC2833
(SSRC Changes)
(Reported by Ross Beer)
* ASTERISK-27289 - A codeblock that maintains a bug,but maybe
the codeblock will never run
(Reported by Huangyx)
* ASTERISK-27283 - Realtime config fail with PostgreSQL version
before 9.1
(Reported by Rodrigo Ramirez Norambuena)
* ASTERISK-27257 - bridge_native_rtp: half-way direct media
when using early bridging
(Reported by Jean Aunis - Prescom)
* ASTERISK-27279 - Crash in pubsub_on_rx_request NULL pointer -
Possible PJSIP Vulnerability
(Reported by Ross Beer)
* ASTERISK-26606 - tcptls: Incorrect OpenSSL function call
leads to misleading error report
(Reported by Bob Ham)
* ASTERISK-16898 - SRTP unprotect: authentication failure when
RTP sequence number switches from 65535 -> 0
(Reported by Marcello Ceschia)
* ASTERISK-27274 - RTCP needs better packet validation to
resist port scans.
(Reported by Richard Mudgett)
* ASTERISK-27252 - RTP: One way audio with direct media and
strictrtp=yes.
(Reported by Richard Mudgett)
* ASTERISK-25524 - module reload res_calendar.so does not
reload everything in calendar.conf
(Reported by Jesper)
* ASTERISK-24588 - res_calendar does not process CalDAV from
Owncloud [fix included]
(Reported by Stefan Gofferje)
* ASTERISK-25523 - res_calendar: Warning about invalid channel
value (for notification) occurs even when event has no
notification configured.
(Reported by Jesper)
* ASTERISK-21399 - RTP Multicast of L16 (type 10): Asterisk and
wireshark disagree
(Reported by Tzafrir Cohen)
* ASTERISK-27248 - [patch]external_media_address and
external_signaling_address don't always honor localnet
(Reported by Walter Doekes)
* ASTERISK-27217 - chan_sip: Asterisk crashing when
subscription doesn't get set
(Reported by Bryan Walters)
* ASTERISK-24066 - res_smdi: convert to astobj2
(Reported by Corey Farrell)
* ASTERISK-17540 - SDP origin attribute modified when issuing
re-INVITE because of directmedia=yes
(Reported by saghul)
* ASTERISK-27254 - alembic: prune_on_boot fix erroneous
(Reported by Florian Floimair)
* ASTERISK-27232 - When in queue on g722 with interruptions,
music on hold can get stuck and no longer play
(Reported by Jens T.)
* ASTERISK-27024 - nat/external_media settings ignored in 14.4.1
(Reported by Christopher van de Sande)
* ASTERISK-26879 - PJSIP external_media_address ignored if no
local_net options are provided
(Reported by Matt Jordan)
* ASTERISK-27165 - CDR: CDR(start,u) function won't work in
cdr_custom config
(Reported by Jacek Konieczny)
* ASTERISK-27236 - Segfault ast_channel_name (chan=0x0) at
channel_internal_api.c:478 during T.38 Fax Receive
(Reported by Ross Beer)
* ASTERISK-27225 - Crash when freeing dtls_cfg->cafile
(Reported by Richard Kenner)
* ASTERISK-27177 - ooh323c: misleading indentation in
addons/ooh323c/src/ooSocket.c
(Reported by Tzafrir Cohen)
* ASTERISK-27241 - libc segfault upon entry into app_directory
(Reported by David Moore)
* ASTERISK-27152 - Sending a "tel" uri in a From or To header
in an unauthenticated message causes asterisk to crash
(Reported by Ross Beer)
* ASTERISK-27103 - core: ast_safe_system command injection
possible.
(Reported by Corey Farrell)
* ASTERISK-27013 - res_rtp_asterisk: Media can be hijacked even
with strict RTP enabled
(Reported by Joshua Colp)
* ASTERISK-26994 - Confbridge: CBAnn channels intermittently
become stuck when caller hangs up before recording name
(Reported by James Terhune)
* ASTERISK-20858 - app_minivm fails to clean up mkstemp files
(Reported by Walter Doekes)
* ASTERISK-16777 - several filename bugs in Record()
application
(Reported by klaus3000)
* ASTERISK-27209 - Incorrect SDP in 200 OK when PJSIP_DTMF_MODE
is used
(Reported by Torrey Searle)
* ASTERISK-27168 - alembic: PJSIP scripts are missing column
dtls_fingerprint in ps_endpoints table
(Reported by Florian Floimair)
* ASTERISK-19103 - When using realtime queues, function
QUEUE_MEMBER_LIST() will return an error if no other
app/function has loaded the queues first. This problem does not
exist if queues.conf is used.
(Reported by Jim Van Meggelen)
* ASTERISK-21241 - When using voicemail as announce only
(maxmsg=0), the star dtmf to enter the voicemail is not honored
(Reported by Eelco Brolman)
* ASTERISK-27204 - [patch] app_queue: Wrong queue stat
calculation
(Reported by sungtae kim)
* ASTERISK-27207 - XMPP OAuth not working due to inverted
logic
(Reported by Michael Kuron)
* ASTERISK-27174 - res_calendar_icalendar: Recurring events not
being loaded from Google calendar using ical
(Reported by Mark Thompson)
* ASTERISK-27202 - If wget is not installed and "or" is not
available, external components (excluding pjsip) are not
installed
(Reported by Seán C. McCord)
* ASTERISK-27147 - Either asterisk or pjproject isn't re-using
tcp connections (again)
(Reported by George Joseph)
* ASTERISK-27193 - IPv6 receive address in message doesn't
include brackets
(Reported by Scott Griepentrog)
* ASTERISK-26745 - Asymmetric codecs when
asymmetric_rtp_codec=no
(Reported by Jesse Ross)
* ASTERISK-27158 - [patch] res_rtp_asterisk: RTCP statistics
are not available when native bridge is used
(Reported by Torrey Searle)
* ASTERISK-27110 - RTP session is not fully destroyed on
channel hangup
(Reported by Matt Jordan)
* ASTERISK-27171 - Asterisk 15.0.0-Beta1 does not compile
(Reported by Ira Emus)
* ASTERISK-26659 - res_pjsip: PJSIP presence - missing braces
around the status element in XML
(Reported by Abraham Liebsch)
* ASTERISK-27156 - Asterisk won't compile on Fedora 26 with
devmode enabled.
(Reported by Corey Farrell)
* ASTERISK-27130 - Applications ARI: Unsubscribe action for
deviceStates does not remove old subscriptions properly
(Reported by Sergej Kasumovic)
* ASTERISK-25810 - say.c calls for sounds in the subdir
"digits" that don't exist (in Core). SayUnixTime or other Say...
apps will fail out when they call these sounds.
(Reported by Nicolas Riendeau)
* ASTERISK-27142 - sounds: Conflict between files in
asterisk-sounds-core-1.6 and asterisk-sounds-extra-1.5
(Reported by Corey Farrell)
* ASTERISK-27133 - res_rtp_asterisk: RTCP does not use ICE when
RTCP-MUX in use
(Reported by Joshua Colp)
* ASTERISK-27123 - confbridge: Name recordings are left on
filesystem
(Reported by Sergej Kasumovic)
* ASTERISK-27122 - chan_iax2: On reload MWI taskprocessors keep
adding up
(Reported by Sergej Kasumovic)
* ASTERISK-26807 - sounds: New 3-D Binaural audio features
require new sound prompts
(Reported by Rusty Newton)
* ASTERISK-25816 - French conf-adminmenu, conf-usermenu prompts
differ in content from the English files
(Reported by Benoit Duverger)
* ASTERISK-26274 - Resolve open sounds issues and then create a
new sounds release (1.5.1? or 1.6?)
(Reported by Rusty Newton)
* ASTERISK-27128 - [patch]res_stasis_snoop: When recording a
snoop channel (using ARI) where no media is being received, no
recording happens when theres no media
(Reported by Dan Jenkins)
* ASTERISK-27124 - app_playback.c:say_date_generic use
timezonename parameter
(Reported by Holger Hans Peter Freyther)
* ASTERISK-27127 - configs: Erroneous load directive in sample
configuration results in "Error loading module
'res_pjsip_multihomed.so'"
(Reported by HZMI8gkCvPpom0tM)
* ASTERISK-27105 - [patch]core: when setting 'maxfiles' in
asterisk.conf, a message is printed, even in rasterisk -x
(Reported by Tzafrir Cohen)
* ASTERISK-27036 - res_pjsip: Asterisk crashes when an
extension tries to use PJSIP trunk with from_user containing '@'
(Reported by Maxim Vasilev)
* ASTERISK-27023 - res_rtp_asterisk: Deadlock when TURN session
in use
(Reported by Jatin Jain)
* ASTERISK-27093 - ODBC deadlocks when app_directory tries to
play back non-existent voicemail greeting
(Reported by James Terhune)
New Features made in this release:
-----------------------------------
* ASTERISK-27215 - [patch]AMI : Add CancelAtxfer Action
(Reported by Thomas Sevestre)
* ASTERISK-27117 - core: Add support for timelen parsing to
ast_parse_arg and ACO.
(Reported by Corey Farrell)
For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-14.7.0
Thank you for your continued support of Asterisk!
----- 14.6.0 -----
The Asterisk Development Team would like to announce the release
of Asterisk 14.6.0.
The release of Asterisk 14.6.0 resolves several issues reported by the
community and would have not been possible without your participation.
Thank you!
The following issues are resolved in this release:
Bugs fixed in this release:
-----------------------------------
* ASTERISK-27108 - Crash using 'data get' CLI command
(Reported by Sean Bright)
* ASTERISK-27106 - [patch] autodomain (SIP Domain Support): Add
only really different domain with TLS.
(Reported by Alexander Traud)
* ASTERISK-27100 - channel: ast_waitfordigit_full fails to
clear flag in an error branch.
(Reported by Corey Farrell)
* ASTERISK-27090 - PJSIP: Deadlock using TCP transport
(Reported by Richard Mudgett)
* ASTERISK-25665 - Duplicate logging in queue log for EXITEMPTY events
(Reported by Ove Aursand)
* ASTERISK-27065 - call hangup after leaving app_queue
(Reported by Marek Cervenka)
* ASTERISK-26978 - rtp: Crash in ast_rtp_codecs_payload_code()
(Reported by Ross Beer)
* ASTERISK-24052 - app_voicemail reloads result in leaked IMAP sockets.
(Reported by Louis Jocelyn Paquet)
* ASTERISK-27074 - core_local: local channel data not being
properly unref'ed and unlocked
(Reported by Kevin Harwell)
* ASTERISK-27075 - bridge: stuck channel(s) after failed
attended transfer
(Reported by Kevin Harwell)
* ASTERISK-27060 - Comment typo format_g729.c
(Reported by Matthew Fredrickson)
* ASTERISK-27041 - Core/PBX: [patch] Deadlock between dialplan
execution and application unregistration
(Reported by Frederic LE FOLL)
* ASTERISK-27026 - res_ari: Crash when no ari.conf
configuration file exists
(Reported by Ronald Raikes)
* ASTERISK-27057 - Seg Fault in ast_sorcery_object_get_id at
sorcery.c
(Reported by Ryan Smith)
* ASTERISK-27024 - nat/external_media settings ignored in
14.4.1
(Reported by Christopher van de Sande)
* ASTERISK-27046 - res_pjsip_transport_websocket: segfault in
get_write_timeout
(Reported by Jørgen H)
* ASTERISK-27022 - res_rtp_asterisk: Incorrect SSRC change for
RTCP component
(Reported by Michael Walton)
* ASTERISK-26923 - bridging: T.38 request is lost when channels
are added to bridge
(Reported by Torrey Searle)
* ASTERISK-27053 - res_pjsip_refer/session: Calls dropped
during transfer
(Reported by Kevin Harwell)
* ASTERISK-27052 - Asterisk build process fails with flag
--with-pjproject-bundled with curl download command and slow
network
(Reported by alex)
* ASTERISK-27039 - chan_pjsip: Device state is idle when
channel from endpoint is in early media
(Reported by Joshua Colp)
* ASTERISK-26996 - chan_pjsip: Flipping between codecs
(Reported by Michael Maier)
* ASTERISK-26281 - chan_pjsip would send INVITE to
'Unreachable' endpoints
(Reported by Jacek Konieczny)
* ASTERISK-26973 - bridge: Crash when freeing frame and
snooping
(Reported by Michel R. Vaillancourt)
* ASTERISK-19291 - Background in realtime
(Reported by Andrew Nowrot)
* ASTERISK-27025 - channel / meetme: Fix missing parentheses
(Reported by Joshua Colp)
* ASTERISK-27021 - GET /recordings/stored returns 500 Internal
Server Error
(Reported by Tim Morgan)
* ASTERISK-24858 - [patch]Asterisk 13 PJSIP sends RTP packets
in wrong byte order on Intel platform when using slin codec
(Reported by Frankie Chin)
* ASTERISK-23951 - Asterisk attempts and fails to build
format_mp3 even if mp3lib was not downloaded
(Reported by Tzafrir Cohen)
* ASTERISK-25294 - srtp's crypto_get_random deprecated
(Reported by Tzafrir Cohen)
* ASTERISK-23839 - AGI - RECORD FILE - documentation doesn't
describe BEEP argument
(Reported by Rusty Newton)
* ASTERISK-22432 - Async AGI crashes Asterisk when issuing "set
variable" command without args
(Reported by Antoine Pitrou)
* ASTERISK-25662 - Malformed AGI 520 Usage response
(Reported by Tony Mountifield)
* ASTERISK-27008 - res_format_attr_h264: SDP parse fails if
fmtp optional parameters have a space
(Reported by John Harris)
* ASTERISK-26399 - app_queue: Agent not called when caller is
parked
(Reported by wushumasters)
* ASTERISK-26400 - app_queue: Queue member stops being called
after AMI "Redirect" action for queues with wrapuptime
(Reported by Etienne Lessard)
* ASTERISK-26715 - app_queue: Member will not receive any new
calls after doing a transfer if wrapuptime = greater than 0 and
using Local channel
(Reported by David Brillert)
* ASTERISK-26975 - app_queue: Non-zero wrapup time can cause
agents not to receive queue calls after transfer queue call
(Reported by Lorne Gaetz)
* ASTERISK-27012 - app_confbridge: ConfBridge sometimes does
not play user name recording while leaving
(Reported by Robert Mordec)
* ASTERISK-26979 - res_rtp_asterisk: SRTP unprotect failed with
authentication failure 10 or 110
(Reported by Javier Riveros)
* ASTERISK-26982 - chan_sip: rtcp_mux setting may cause ice
completion failure/delay if client offers rtcp-mux as
negotiable
(Reported by Stefan Engström)
* ASTERISK-26964 - res_pjsip_session: Wrong From on reinvite
when request and To URI differ
(Reported by Yasin CANER)
* ASTERISK-26789 - Audit manipulation of channel flags without
locks
(Reported by Joshua Colp)
* ASTERISK-26333 - Problems with Blind Transfer, PJSIP (Aastra
6869i)
(Reported by Matthias Binder)
Improvements made in this release:
-----------------------------------
* ASTERISK-26230 - [patch] res_pjsip_mwi: unsolicited mwi could
block PJSIP taskprocessor on startup
(Reported by Alexei Gradinari)
* ASTERISK-27043 - Core/BuildSystem: Add defines to fix build
with LibreSSL
(Reported by Guido Falsi)
* ASTERISK-27042 - Unpatched asterisk sources fail to build on
FreeBSD due to missing crypt.h file
(Reported by Guido Falsi)
* ASTERISK-26419 - audiohooks: Remove redundant codec
translations when using audiohooks
(Reported by Michael Walton)
* ASTERISK-26976 - libsrtp-2.x.x support
(Reported by Alex)
* ASTERISK-26124 - res_agi: Set audio format for EAGI audio
stream
(Reported by John Fawcett)
For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-14.6.0
Thank you for your continued support of Asterisk!
libusb-compat is an API wrapper, emulating devel/libusb through the newer
code from devel/libusb1. On NetBSD, this has multiple advantages, such as
not requiring root privileges when accessing ugen(4) USB devices. We should
therefore consider to default to devel/libusb-compat instead of
devel/libusb on NetBSD at the very least.
Tested with devel/libftdi on NetBSD/amd64.
