Almost all uses, if not all of them, are wrong, according to the
semantics of BUILD_DEPENDS (packages built for target available for
use _by_ tools at build-time) and TOOL_DEPEPNDS (packages built for
host available for use _as_ tools at build-time).
No change to BUILD_DEPENDS as used correctly inside buildlink3.
As proposed on tech-pkg:
https://mail-index.netbsd.org/tech-pkg/2023/06/03/msg027632.html
[13.4.1] - 2023-06-31 - Hot fix for typing extension issue Latest
Fixed typing extensions import in markdown #2979
[13.4.0] - 2023-06-31 - Added tables to Markdown
Added support for tables in Markdown #2977
Changelog (taken from https://github.com/libusb/hidapi/releases/tag/hidapi-0.14.0):
hidapi-0.14.0
d3013f0
general: add hid_get_report_descriptor API function (#451)
macOS: fix retrieving USB Interface number on macOS 13.3 (#534)
macOS: Properly handle the close of run loop on macOS (#522)
libusb: fix crash in hid_enumerate() caused by a stale device handle (#526)
windows: alternative way to get USB Serial Number if not provided by HidD_GetSerialNumberString (#464)
windows: don't mark with dllexport in static build (#507/#515)
windows: Get Bluetooth device Model Number String instead of Device Name into product string (#500)
general: fixes (mostly error handling) of issues found by Coverity Scan (#552/#554/#555/#559/#560/#561)
general: variouse fixes and improvements
Released hidapi-win.zip includes pre-compiled:
hidapi.dll
hidapi.lib
For x86 and x64 Windows platforms.
And header file(s) for it.
Change build-system to cmake, autotools is deprecated upstream.
Changelog (taken from https://github.com/libusb/hidapi/releases):
hidapi-0.13.1
hidraw: fix invalid read past the UDEV buffer;
hidapi-0.13.0
general: add hid_get_device_info (#432);
general: Meson build script (as a wrapper over CMake) (#410);
general: add HID Bus Type in hid_device_info (#308);
libusb: primary usage_page/usage is now available with hid_get_device_info regardless of the compilation flags;
hidraw: Open files with O_CLOEXEC to not leak fds to child processes (#446);
hidraw: add support for HID over SPI (#486);
macOS: implement hid_error (#314);
cmake: libusb: Ensure Iconv is found when provided via CFLAGS/LDFLAGS (#430);
Other various improvements.
hidapi-0.12.0
Windows: migrate from SetupApi to CfgMgr32 (#362) - as per recommendation from Microsoft;
Windows: add hid_winapi_get_container_id WinAPI-specific function (#379);
Windows: improved error messages (#388);
Windows: fixed out-of-boundary memory access for some of the function (#418);
windows: Add .rc (#415);
macOS: add hid_darwin_get_location_id macOS-specific function (#378);
macOS: add macOS-specific function(s) to open device(s) in non-exclusive mode (#397);
libusb: improved CMake dependency on Iconv (#405) - as a result, better support for NetBSD;
general: documentation improvements;
general: small code cleanups/improvements;
hidapi-0.11.2
hidraw: hid_get_input_report implementation for kernels that supports it (#351);
windows: several improvements and bugfixes (#348, #360, #361);
libusb: fix potential crash when libusb_detach_kernel_driver fails (#363)
general: documentation improvements;
2.0.1 - 2022-11-23
Relax poetry-core requirement for PEP 517 builds
2.0.0 - 2022-11-21
No source code changes.
This is a version-only release to replace 1.0.0, which was yanked on the grounds that it was incompatible with real dependents (i.e. Poetry) based on their version specifiers, which explicitly included 1.0.0 pre-releases.
1.0.0 - 2022-11-21
Key points
Supported Python versions are now 3.7 up to 3.11.
cleo is now fully type-checked.
cleo no longer depends on clikit.
Changed
Replaced Terminal class with shutil.get_terminal_size() from standard library
Exceptions are now Errors
pylev was dropped in favor of much faster rapidfuzz
Default error verbosity was reduced
Removed
Removed doc comment-based command configuration notation
Fixed
--no-interaction is now automatically set when running in non-TTY terminals
Generated completions will no longer cause shell errors for namespaced commands
Using ^C while autocompleting Question answer will no longer break terminal
Namespaced commands no longer reset interactive state
Fixed underlying regex that caused CVE-2022-42966
13.3.2
Fixed
Reversed pre and code tags in base HTML format
Fix syntax error when building with nuitka
Fixed pretty printing of empty dataclass
Use Console(stderr=True) in rich.traceback.install to support io redirection.
Fixes superfluous spaces in html output
Fixed duplicate output in Jupyter https://github.com/Textualize/rich/pulls/2804
Filter ANSI character-encoding-change codes in Text.from_ansi parser
Fixes traceback failing when a frame filename is unreadable
Fix for live update rendering console markup
Added
Added Polish README
Changed
rich.progress.track() will now show the elapsed time after finishing the task
13.3.1 - 2023-01-28
Fixed
Fixed truecolor to eight bit color conversion
13.3.0 - 2023-01-27
Fixed
Fixed failing tests due to Pygments dependency
Relaxed ipywidgets
Added
Added encoding parameter in Theme.read
13.2.0 - 2023-01-19
Changed
Switch Markdown parsing from commonmark to markdown-it-py
13.1.0 - 2023-01-14
Fixed
Fixed wrong filenames in Jupyter tracebacks
Added
Added locals_hide_dunder and locals_hide_sunder to Tracebacks, to hide double underscore and single underscore locals.
Changed
Tracebacks will now hide double underscore names from locals by default. Set locals_hide_dunder=False to restore previous behaviour.
13.0.1 - 2023-01-06
Fixed
Fixed issue with Segment.split_cells for mixed single and double cell widths
13.0.0 - 2022-12-30
Fixed
Reversed pre and code tags in base HTML format
Improved detection of attrs library, that isn't confused by the presence of the attr library.
Fixed issue with locals_max_length parameter not being respected in Traceback
Handling of broken fileno made more robust. Fixes
Fixed missing fileno on FileProxy
Changed
Bumped minimum Python version to 3.7
Pretty-printing of "tagged" __repr__ results is now greedy when matching tags
progress.track now supports deriving total from __length_hint__
Added
Add type annotation for key_separator of pretty.Node
2.5.0
- Make mbedtls hmac less restrictive in line with RFC and library capabilities
- Allow overriding stream list implementation
- update min openssl version to 1.1.0
- Openssl 3 support for EVP MAC
- Add android build to CI
- add CIFuzz Github action to workflows
- Add policy_set_aes_cm_192_xxx symbols to def file
- Use current directions in stream update test
- Call `set_aad` and `get_tag` in AEAD performance tests
- Create alias for srtp2 as libSRTP::srtp2
- Remove compatibility code for legacy OpenSSL to fix LibreSSL build
- Export CMake Targets
- Avoid initializing local char table when converting nibble to hex
- EVP_CIPHER_CTX_cleanup() is deprecated in OpenSSL 1.1.0
- Correct null cipher key sizes and be more defensive
- Include directory should point to 'include' not to 'include/srtp2'
- Count blocks instead of bytes in AES-ICM limit computation
- Rtp decoder support ssrc and roc
- Use a full-length key even with null ciphers
- Fix set ROC functionality with gcm
2.4.0
Major changes
- Remove EKT files, this was never completed and the draft has since changed.
- Adds support for Mbedtls as a crypto backend.
- Support apple silicon build.
- Adds support for the Meson build system. This is an alternative to Cmake and auto tools.
Other changes
- Improve OpenSSL KDF check.
- Add void to function declarations for EVP_EncryptInit check.
- Remove dead code.
- Support running against nss >= 3.52.
- Remove references to dtls from libsrtp.
- Use nss based hmac when nss enabled.
- Move selftest vectors form backends to common files.
- Extend cmake support.
- Fix gcc11 warning by defining output length.
- Remove visual studio build files.
- cmake: Set the VERSION property of the srtp2 library.
- Fixed issue 499 with buffer overflow.
- Feature/additional error checks.
- Rework check for OPENSSL_cleanse().
- Avoid non-existing compiler flag -O4.
- Fix two-byte RTP header extension encryption.
- Modify cmake to install crypto_types.h instead of cipher_types.h
* Use bash for configure script. It uses bash-specific syntax.
* Use menuselect command to adjust options instead of manually
crafted makeopts file. Manually crafted file does not work
properly for me and 16.29.1 now.
* I have no idea about x11 option's status. It seems that
gtk2 config UI is not available in this release at least,
if I understand correctly.
Changelog:
16.29.1
Bugs fixed in this release:
[ASTERISK-30103] chan_ooh323 vulnerability in calling/called party IE (Reported By: Michael Bradeen)
[ASTERISK-30176] GetConfig can read files outside of Asterisk (Reported By: shawty)
[ASTERISK-30244] Occasional crash when TCP/TLS connection terminated and subscription persistence is removed (Reported By: nappsoft)
[ASTERISK-30338] Backport 2.13 security fixes from pjproject
16.29.0
New Features made in this release:
* [ASTERISK-30037] Add test support to calling external processes
(Reported by Philip Prindeville)
* [ASTERISK-30161] locks: add AMI event for deadlock
(Reported by N A)
* [ASTERISK-30211] app_confbridge: Add end_marked_any option
(Reported by N A)
* [ASTERISK-30186] res_pjsip: Add support for reloading TLS
certificate and key information
(Reported by Joshua C. Colp)
* [ASTERISK-29899] features: Add advanced transfer initiation options
(Reported by N A)
Bugs fixed in this release:
* [ASTERISK-30235] res_crypto and tests: Memory issues and and
uninitialized variable error
(Reported by George Joseph)
* [ASTERISK-30234] res_geolocation: may be used uninitialized error
in geoloc_config.c
(Reported by George Joseph)
* [ASTERISK-30215] Inbound SIP INVITE with Geo Location causing a
Segmentation Fault
(Reported by Dan Cropp)
* [ASTERISK-30135] [res_musiconhold] Allows the moh only for the
answered call
(Reported by sungtae kim)
* [ASTERISK-26894] pjsip should support tel uri scheme
(Reported by Gergely D?ms?di)
* [ASTERISK-30210] func_frame_trace: Channel masquerade triggers
assertion
(Reported by N A)
* [ASTERISK-30190] res_geolocation: GEOLOC_PROFILE isn t returning
correct values on incoming channel
(Reported by George Joseph)
* [ASTERISK-29185] chan_pjsip: Endpoint: allow = all is broken.
(Reported by Alexander Traud)
* [ASTERISK-30192] res_tonedetect: fix typo for frametype
(Reported by N A)
* [ASTERISK-29453] alembic: incoming_call_offer_pref and
outgoing_call_offer_pref missing in ps_endpoints
table
(Reported by Daniel Th men)
* [ASTERISK-26826] testsuite: Add support for Python 3
(Reported by Joshua C. Colp)
* [ASTERISK-30167] res_geolocation: Refactor for issues found by
users
(Reported by George Joseph)
* [ASTERISK-28422] Memory Leak in Confbridge menu
(Reported by Ted G)
* [ASTERISK-29917] ami: FilterList action doesn t exist
(Reported by N A)
* [ASTERISK-30020] ConfbridgeListRooms Event Not Documented
(Reported by Michael Cargile)
* [ASTERISK-30018] app_meetme: MeetmeList AMI event not documented
(Reported by Michael Cargile)
* [ASTERISK-30151] Documentation doesn t include info about field
, a 3rd required parameter.
(Reported by Chris Young)
Improvements made in this release:
* [ASTERISK-30241] res_pjsip_gelocation: Downgrade some NOTICE scope
trace debugs to DEBUG level
(Reported by N A)
* [ASTERISK-30178] extend user_eq_phone behavior to local uri s
(Reported by Michael Bradeen)
* [ASTERISK-30046] Reimplement res/res_crypto.c internals with
EVP_PKEY interface to Openssl API s
(Reported by Philip Prindeville)
* [ASTERISK-30045] Add test coverage to res/res_crypto.c
functionality
(Reported by Philip Prindeville)
* [ASTERISK-30185] res_geolocation: Allow location parameters to be
specified in profiles
(Reported by George Joseph)
* [ASTERISK-30177] res_geolocation: Add option to suppress empty
elements
(Reported by George Joseph)
* [ASTERISK-30182] res_geolocation: Add built-in profiles to use in
fully dynamic configurations
(Reported by George Joseph)
* [ASTERISK-29906] update RLS to reflect the changes to the lists
(Reported by Alexei Gradinari)
* [ASTERISK-30163] general: fix minor formatting issues
(Reported by N A)
* [ASTERISK-30164] chan_iax2: Add missing option documentation
(Reported by N A)
* [ASTERISK-30160] cdr.conf: Remove obsolete app_mysql reference
(Reported by N A)
* [ASTERISK-30159] general: Remove obsolete SVN references
(Reported by N A)
* [ASTERISK-30153] logger: Improve log levels
(Reported by N A)
16.28.0
The following issues are resolved in this release:
Improvements made in this release:
* [ASTERISK-30128] Create PJSIP interface module for
Geolocation
(Reported by George Joseph)
* [ASTERISK-30127] Create core Geolocation capability for
Asterisk
(Reported by George Joseph)
* [ASTERISK-30089] general: fix typos
(Reported by N A)
* [ASTERISK-30050] Upgrade Asterisk to bundled pjproject
2.12.1
(Reported by Stanislav Abramenkov)
Bugs fixed in this release:
* [ASTERISK-30167] res_geolocation: Refactor for issues found by
users
(Reported by George Joseph)
* [ASTERISK-29966] pbx_variables: ast_str_strlen can be wrong
(Reported by N A)
* [ASTERISK-29905] OSX: bininstall launchd issue on cross-platfrom
build
(Reported by Sergey V. Lobanov)
* [ASTERISK-30137] manager: Global disabled event filtered is
incomplete
(Reported by N A)
* [ASTERISK-30109] res_pjsip: no contact-status AMI event on register
of prune-on-boot contact that uses the same URI as
before Asterisk restart
(Reported by Michael Neuhauser)
* [ASTERISK-30126] Spelling mistake in configs/samples/queues.conf.
sample
(Reported by Sam Banks)
* [ASTERISK-29991] chan_dahdi, callerid: Caller ID does not honor
presentation
(Reported by N A)
* [ASTERISK-29907] res_pjsip, app_confbridge: Video call through
ConfBridge with normal endpoints causes infinite
loop/crash
(Reported by N A)
* [ASTERISK-30029] build: Git security vulnerability fix is sad with
our accessing git as root during make install
(Reported by Joshua C. Colp)
* [ASTERISK-30138] Compile failure in res_geolocation/geoloc_
eprofile.c when optimization is enabled
(Reported by George Joseph)
* [ASTERISK-30096] cel_odbc: Column type 9 (field cdr:cel:eventtime
) is unsupported at this time
(Reported by Morvai Szabolcs)
* [ASTERISK-30083] chan_iax2: Optional dependency on openssl/
res_crypto is now mandatory
(Reported by Dmitry Melekhov)
* [ASTERISK-30123] features: Update automixmon documentation to
reflect reality
(Reported by Trevor Peirce)
* [ASTERISK-30117] pbx_lua: Remove compiler warnings
(Reported by Boris P. Korzun)
* [ASTERISK-30001] db: Removing nonexistent entries shows Database
entry removed
(Reported by N A)
* [ASTERISK-29822] cli: Typing \? freezes the CLI permanently with
remote console
(Reported by N A)
* [ASTERISK-30106] res_calendar_icalendar: Microsoft online ICS
calendars no longer work
(Reported by N A)
* [ASTERISK-30115] app_dial: Allow hook flashes to propogate on
outbound dials
(Reported by N A)
* [ASTERISK-29989] app_dial, chan_dahdi: DIALSTATUS is inconsistent
for busy
(Reported by N A)
* [ASTERISK-30072] res_pjsip: allow TLS verification of wildcard
cert-bearing servers
(Reported by Kevin Harwell)
* [ASTERISK-30075] say: Abort if channel hangs up during playback
(Reported by N A)
New Features made in this release:
* [ASTERISK-30136] db: Add AMI action to retrieve all keys beginning
with a prefix
(Reported by N A)
* [ASTERISK-30000] chan_dahdi: Add POLARITY function
(Reported by N A)
* [ASTERISK-30062] cli: Add CLI command to execute a dialplan app
(Reported by N A)
* [ASTERISK-29999] pjsip: Get information from 200 OK INVITE reply
headers
(Reported by Jos Lopes)
* [ASTERISK-30061] pbx: Add pbx helper application
(Reported by N A)
16.27.0
Improvements made in this release:
* [ASTERISK-30090] xmldocs: Use example tags for examples
(Reported by N A)
* [ASTERISK-29906] update RLS to reflect the changes to the lists
(Reported by Alexei Gradinari)
* [ASTERISK-29891] provide a display name for RLS subscriptions
(Reported by Alexei Gradinari)
* [ASTERISK-30086] res_parking: Warn when invalid parking space
requested
(Reported by N A)
* [ASTERISK-30058] Evaluate dialplan functions and variables in agi
exec
(Reported by Shloime Rosenblum)
* [ASTERISK-30027] ari: expose channel driver s unique id (i.e.
Call-ID for chan_sip/chan_pjsip) in ARI channel
resource
(Reported by Moritz Fain)
* [ASTERISK-29845] res_pjsip_outbound_registration: Show time
remaining until registration lapses
(Reported by N A)
Bugs fixed in this release:
* [ASTERISK-30097] console: Recent documentation changes for
connecting to remote console are inconsistent
(Reported by Matthias Hensler)
* [ASTERISK-30043] Wrong party is disconnected when hook-flashing on
3-way bridge
(Reported by Josh Alberts)
* [ASTERISK-29603] res_pjsip: UPDATE/re-INVITE not sent when timers
=always is specified in pjsip.conf
(Reported by Ray Crumrine)
* [ASTERISK-30092] DateTime application: wrong inflection for one o
clock in German
(Reported by Christof Efkemann)
* [ASTERISK-30064] pbx: iax2 switch causes crash due to deadlock and
assertion
(Reported by N A)
* [ASTERISK-29981] res_calendar: Asterisk crashes when starting, and
will not run
(Reported by N A)
* [ASTERISK-30039] cli: Targeted debug on startup deadlocks and
creates unstable system
(Reported by N A)
* [ASTERISK-30051] res_pjsip: No video after un-hold with
moh_passthrough=yes
(Reported by Maximilian Fridrich)
* [ASTERISK-24601] Missing RFC4235 tags and attributes in PJSIP
NOTIFY event: dialog XML body
(Reported by Marco Paland)
* [ASTERISK-30060] loader: format warnings in dev mode
(Reported by N A)
* [ASTERISK-30059] menuselect: libxml include fails under Gentoo
(Reported by waltermoeller)
* [ASTERISK-30065] pjsip: Open Websocket connection is not reused for
outgoing requests
(Reported by LA)
* [ASTERISK-30042] res_pjsip_transport_websocket: Registration over
websocket returns a rewritten contact
(Reported by Thomas Guebels)
* [ASTERISK-29993] chan_dahdi: Operator control option borks both
lines involved on callee disconnect
(Reported by N A)
* [ASTERISK-30044] GCC 12 issues
(Reported by George Joseph)
New Features made in this release:
* [ASTERISK-30063] app_voicemail: Add option to prevent deletion of
messages
(Reported by N A)
* [ASTERISK-30087] res_parking: Add music on hold override option
(Reported by N A)
* [ASTERISK-29965] res_pjsip_outbound_registration: Make max
registration delay configurable
(Reported by N A)
* [ASTERISK-30036] app_confbridge: Add CONFBRIDGE_CHANNELS function
(Reported by N A)
16.26.1
Bugs fixed in this release:
* [ASTERISK-30065] pjsip: Open Websocket connection is not reused for
outgoing requests
(Reported by LA)
16.26.0
Security bugs fixed in this release:
* [ASTERISK-29476] res_stir_shaken: Blind SSRF vulnerabilities
(Reported by Clint Ruoho)
* [ASTERISK-29838] ${SQL_ESC()} not correctly escaping a terminating
\
(Reported by Leandro Dardini)
* [ASTERISK-29872] res_stir_shaken: Resource exhaustion with large
files
(Reported by Benjamin Keith Ford)
New Features made in this release:
* [ASTERISK-29931] Option to allow a user to not hear the join sound
on enter but everyone else can
(Reported by Michael Cargile)
* [ASTERISK-29968] func_db: Add a function to return cardinality of
keys at prefix
(Reported by N A)
* [ASTERISK-29486] Hint-like extension value lookup function without
device state
(Reported by N A)
* [ASTERISK-29941] chan_pjsip: Add ability to send flash events
(Reported by N A)
* [ASTERISK-29820] cli: Add command to evaluate a function
(Reported by N A)
* [ASTERISK-29876] app_queue: Add music on hold option
(Reported by N A)
Bugs fixed in this release:
* [ASTERISK-28518] chan_dahdi: Caller ID FSK Erroneously Sent when
Picking Up Dahdi Call On Hold
(Reported by Josh Alberts)
* [ASTERISK-29990] chan_dahdi: adding ring cadences is not idempotent
on dahdi restart
(Reported by N A)
* [ASTERISK-30007] chan_iax2: Prevent crashes due to attempted
encryption with missing secrets
(Reported by N A)
* [ASTERISK-29728] menuselect: Disabled by default modules that are
enabled are always recompiled
(Reported by N A)
* [ASTERISK-30002] app_meetme: Don t erroneously set global
variables when channel is NULL
(Reported by N A)
* [ASTERISK-29994] chan_dahdi: Round robin array size is too small
for max number of groups
(Reported by N A)
* [ASTERISK-22246] Asterisk s T flag is ignored when used with
r or R flags. (documentation bug)
(Reported by Rusty Newton)
* [ASTERISK-26582] Asterisk seems to ignore the n parameter for
disable console colorization
(Reported by Sebastian Gutierrez)
* [ASTERISK-29843] Session timers get removed on UPDATE
(Reported by Mark Petersen)
* [ASTERISK-29943] file.c: seeking to negative file offset is not
prevented
(Reported by N A)
* [ASTERISK-29955] chan_sip: SIP route header is missing on UPDATE
(Reported by Mark Petersen)
* [ASTERISK-29842] Do not change 180 Ringing to 183 Progress even if
early_media already enabled
(Reported by Mark Petersen)
* [ASTERISK-29948] iostream: Infinite TCP timeout writing data
(Reported by N A)
* [ASTERISK-29253] Incorrect bridging on transfer
(Reported by Yury Kirsanov)
* [ASTERISK-30024] Failed to sign STIR/SHAKEN payload with
functionality not enabled
(Reported by Claude Diderich)
* [ASTERISK-30006] res_pjsip: UDP transport does not work when
async_operations is greater than 1
(Reported by Ross Beer)
* [ASTERISK-29655] res_pjsip_session: No video to caller if no camera
available
(Reported by Michael Auracher)
* [ASTERISK-29638] res_pjsip_session: No video after early media
(Reported by Michael Auracher)
* [ASTERISK-30015] pjsip / WebRTC: Chrome creating large number of
SDP attributes
(Reported by Josh Hogan)
* [ASTERISK-30021] ast_variable_list_replace_variable uses variable
with new keyword
(Reported by Jasper Hafkenscheid)
* [ASTERISK-30023] cdr_adaptive_odbc: does not support DATETIME
database columns
(Reported by Gregory Massel)
* [ASTERISK-29411] Crash in pjsip_msg_find_hdr_by_name
(Reported by LA)
* [ASTERISK-29535] Segmentation fault in libasteriskpj.so.2
(Reported by Daniel Bonazzi)
* [ASTERISK-26719] pbx: Only up to 127 includes in a dialplan context
(AST_PBX_MAX_STACK 1)
(Reported by Tzafrir Cohen)
* [ASTERISK-29988] REGRESSION: The build process is requiring xmllint
or xmlstarlet ro be installed when it shouldn t
(Reported by George Joseph)
* [ASTERISK-29986] build: Asterisk 18.11.0 doesn t compile when wget
isn t available
(Reported by Stefan Ruijsenaars)
* [ASTERISK-29895] chan_iax2: Fix misaligned spacing in iax2 show
netstats printout
(Reported by N A)
* [ASTERISK-29939] agi: Fix xmldoc bug with set music
(Reported by N A)
* [ASTERISK-28891] documentation: AGICommand_set+music documentation
arguments displayed incorreclty
(Reported by Jonathan Harris)
* [ASTERISK-29048] chan_iax2: iax2 show registry shows host for
perceived
(Reported by David Herselman)
* [ASTERISK-26689] res_pjsip_sdp_rtp: 183 Session in Progress.
Disconnecting channel for lack of RTP activity
(Reported by Dmitriy Serov)
* [ASTERISK-29929] res_pjsip_sdp_rtp: Disconnecting channel for lack
of RTP activity in one way sessions
(Reported by Boris P. Korzun)
* [ASTERISK-29674] Adjust for 64bit time_t
(Reported by Andre Heider)
* [ASTERISK-29961] RLS: domain part of uri list attribute
mismatch with SUBSCRIBE request
(Reported by Alexei Gradinari)
* [ASTERISK-29950] SayNumber can handle 01 to 07 , but not
08 or 09
(Reported by Jim Van Meggelen)
* [ASTERISK-29928] logging messages truncated when using MUSL runtime
(Reported by Philip Prindeville)
* [ASTERISK-29960] ari: Retrieving stored recording can returns wrong
file
(Reported by Arix)
Improvements made in this release:
* [ASTERISK-24827] Missing documentation for chan_dahdi dial string
ring cadences
(Reported by Scott Griepentrog)
* [ASTERISK-29940] general: Add since tags to xmldocs
(Reported by N A)
* [ASTERISK-29951] app_mf, app_sf: Return -1 on hangup
(Reported by N A)
* [ASTERISK-29954] app_meetme: Emit warning if conference not found
(Reported by N A)
* [ASTERISK-29351] Qualify pjproject 2.12 for Asterisk
(Reported by George Joseph)
* [ASTERISK-29877] app_mf: Allow reading a maximum number of digits
(Reported by N A)
* [ASTERISK-29976] Should Readme include information about
install_prereq script?
(Reported by Marcel Wagner)
* [ASTERISK-29970] Use pkg-config to find libxml2 headers and
libraries
(Reported by Hugh McMaster)
* [ASTERISK-25716] Documentation: Document explanations and examples
for possible values of DIALSTATUS
(Reported by Rusty Newton)
* [ASTERISK-29980] build: External binary modules don t use https
(Reported by INVADE International Ltd.)
* [ASTERISK-29967] pbx_builtins: Add missing documentation
(Reported by N A)
16.25.3
Bugs fixed in this release:
* [ASTERISK-30024] Failed to sign STIR/SHAKEN payload with
functionality not enabled
(Reported by Claude Diderich)
16.25.2
The following security vulnerabilities were resolved in 16.25.2:
* AST-2022-001: res_stir_shaken: resource exhaustion with large files
When using STIR/SHAKEN, it's possible to download files that are not
certificates. These files could be much larger than what you would expect
to
download.
* AST-2022-002: res_stir_shaken: SSRF vulnerability with Identity header
When using STIR/SHAKEN, it's possible to send arbitrary requests like GET
to
interfaces such as localhost using the Identity header.
* AST-2022-003: func_odbc: Possible SQL Injection
Some databases can use backslashes to escape certain characters, such as
backticks. If input is provided to func_odbc which includes backslashes it
is
possible for func_odbc to construct a broken SQL query and the SQL query to
fail.
16.25.1
Bugs fixed in this release:
* [ASTERISK-29988] REGRESSION: The build process is requiring xmllint
or xmlstarlet ro be installed when it shouldn??t
(Reported by George Joseph)
* [ASTERISK-29986] build: Asterisk 18.11.0 doesn??t compile when wget
isn??t available
(Reported by Stefan Ruijsenaars)
15.25.0
Security bugs fixed in this release:
* [ASTERISK-29945] pjproject: Security fixes for
things
(Reported by Kevin Harwell)
New Features made in this release:
* [ASTERISK-29853] ami: Allow events to be globally disabled
(Reported by N A)
* [ASTERISK-29840] func_channel: Add LASTCONTEXT and LASTEXTEN
fields
(Reported by N A)
Bugs fixed in this release:
* [ASTERISK-29924] res_config_pgsql: omit unsupported column type
text' error
(Reported by Boris P. Korzun)
* [ASTERISK-29923] docs, LICENSE: pbx.digium.com no longer exists
(Reported by N A)
* [ASTERISK-29904] RLS: Batched Notifications stop working
(Reported by Alexei Gradinari)
* [ASTERISK-29365] taskprocessor: Can cause assert at shutdown
(Reported by Joshua C. Colp)
* [ASTERISK-29873] Queue Realtime load
(Reported by Alexei Gradinari)
* [ASTERISK-18416] Realtime queue agents unavailable via AMI before a
call event.
(Reported by kwk)
* [ASTERISK-27597] AMI Queuestatus not working (with realtime queue)
(Reported by cagdas kopuz)
* [ASTERISK-29886] Asterisk AMI sends not-valid XML
(Reported by Napadailo Yaroslav)
Improvements made in this release:
* [ASTERISK-29906] update RLS to reflect the changes to the lists
(Reported by Alexei Gradinari)
* [ASTERISK-29909] app_queue: Add support for withdrawing a call
(Reported by Kfir Itzhak)
* [ASTERISK-29353] Qualify jansson 2.14 for asterisk
(Reported by George Joseph)
* [ASTERISK-29897] channels: Increase core debug levels for chatty
debugs
(Reported by N A)
* [ASTERISK-29896] xmldocs: Add since tag
(Reported by N A)
* [ASTERISK-29861] asterisk.h: add macro for curl user agent
(Reported by N A)
* [ASTERISK-29920] app_voicemail: Warn if trying to manage
nonexistent mailbox
(Reported by N A)
* [ASTERISK-29925] func_db: Warn about malformed key names
(Reported by N A)
* [ASTERISK-29809] curl, stir_shaken: refactor curl code
(Reported by N A)
* [ASTERISK-29891] provide a display name for RLS subscriptions
(Reported by Alexei Gradinari)
* [ASTERISK-29866] cli: add core dump information to core show
settings
(Reported by N A)
* [ASTERISK-29898] documentation: Add default attributes to
documentation
(Reported by N A)
* [ASTERISK-29900] app_mp3: Document and warn about https
incompatibility
(Reported by N A)
16.24.1
The following security vulnerabilities were resolved in 16.24.1:
* AST-2022-004: pjproject: integer underflow on STUN message
The header length on incoming STUN messages that contain an ERROR-CODE
attribute is not properly checked. This can result in an integer underflow.
Note, this requires ICE or WebRTC support to be in use with a malicious
remote
party.
* AST-2022-005: pjproject: undefined behavior after freeing a dialog set
When acting as a UAC, and when placing an outgoing call to a target that
then
forks Asterisk may experience undefined behavior (crashes, hangs, etc??)
after a dialog set is prematurely freed.
* AST-2022-006: pjproject: unconstrained malformed multipart SIP message
If an incoming SIP message contains a malformed multi-part body an out of
bounds read access may occur, which can result in undefined behavior. Note,
it??s currently uncertain if there is any externally exploitable vector
within Asterisk for this issue, but providing this as a security issue out
of
caution.[cleardot]
Version 4.4
New Features
flasher_stub: Increased read/write speeds over USB-JTAG/Serial or USB-OTG modes, making some operations nearly twice as fast.
Added detection for guru meditation errors induced by the flasher stub or ROM bootloader.
Added a readable error message for serial-related failures, giving more information about possible HW issues.
espsecure.py: Improved AES-XTS encryption speed.
Bug Fixes
ESP32-S3 v0.0: Fixed chip revision detection.
bitstring: Added a workaround for breaking changes of bitstring==4
get_default_connected_device: Fixed to close unused serial ports.
flash_freq: Fall back to a chip-specific default flash frequency when no flash_freq arg is specified.
ESP32-C6: Fixed chip type detection and SPI flash communication.
0.4.6 Current release
* https://github.com/tartley/colorama/pull/139 Add alternative to 'init()',
called 'just_fix_windows_console'. This fixes many longstanding problems
with 'init', such as working incorrectly on modern Windows terminals, and
wonkiness when init gets called multiple times. The intention is that it
just makes all Windows terminals treat ANSI the same way as other terminals
do. Many thanks the njsmith for fixing our messes.
* https://github.com/tartley/colorama/pull/352 Support Windows 10's ANSI/VT
console. This didn't exist when Colorama was created, and avoiding us
causing havok there is long overdue. Thanks to segeviner for the initial
approach, and to njsmith for getting it merged.
* https://github.com/tartley/colorama/pull/338 Internal overhaul of package
metadata declaration, which abolishes our use of the now heavily
discouraged setuptools (and hence setup.py, setup.cfg and MANIFEST.in), in
favor of hatchling (and hence pyproject.toml), generously contributed by
ofek (author of hatchling). This includes dropping support Python3.5 and
3.6, which are EOL, and were already dropped from setuptools, so this
should not affect our users.
* https://github.com/tartley/colorama/pull/353 Attention to detail award to
LqdBcnAtWork for a spelling fix in demo06
