kenmirrors/asterisk
1
0
Fork 0
mirror of https://github.com/asterisk/asterisk.git synced 2025-09-04 11:58:52 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update for certified/16.8-cert6

Browse Source
This commit is contained in:
Asterisk Development Team
2021-02-18 11:51:33 -05:00
parent bb5b336f78
commit 5d0a019e13
6 changed files with 261 additions and 130 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.version
View File

@@ -1 +1 @@
certified/16.8-cert5
certified/16.8-cert6

87
ChangeLog
View File

@@ -1,3 +1,90 @@
2021-02-18 16:51 +0000 Asterisk Development Team <asteriskteam@digium.com>
* asterisk certified/16.8-cert6 Released.
2021-02-01 15:24 +0000 [bb5b336f78] Kevin Harwell <kharwell@sangoma.com>
* AST-2021-002: Remote crash possible when negotiating T.38
When an endpoint requests to re-negotiate for fax and the incoming
re-invite is received prior to Asterisk sending out the 200 OK for
the initial invite the re-invite gets delayed. When Asterisk does
finally send the re-inivite the SDP includes streams for both audio
and T.38.
This happens because when the pending topology and active topologies
differ (pending stream is not in the active) in the delayed scenario
the pending stream is appended to the active topology. However, in
the fax case the pending stream should replace the active.
This patch makes it so when a delay occurs during fax negotiation,
to or from, the audio stream is replaced by the T.38 stream, or vice
versa instead of being appended.
Further when Asterisk sent the re-invite with both audio and T.38,
and the endpoint responded with a declined T.38 stream then Asterisk
would crash when attempting to change the T.38 state.
This patch also puts in a check that ensures the media state has a
valid fax session (associated udptl object) before changing the
T.38 state internally.
ASTERISK-29203 #close
Change-Id: I407f4fa58651255b6a9030d34fd6578cf65ccf09
2021-01-26 11:09 +0000 [93468c531a] Alexander Traud <pabstraud@compuserve.com>
* rtp: Enable srtp replay protection
Add option "srtpreplayprotection" rtp.conf to enable srtp
replay protection.
ASTERISK-29260
Reported by: Alexander Traud
Change-Id: I5cd346e3c6b6812039d1901aa4b7be688173b458
2020-12-11 14:49 +0000 [07eddbd56a] Sean Bright <sean.bright@gmail.com>
* res_rtp_asterisk.c: Fix signed mismatch that leads to overflow
ASTERISK-29205 #close
Change-Id: Ib7aa65644e8df76e2378d7613ee7cf751b9d0bea
2021-02-05 05:26 +0000 [23e96e6e17] Joshua C. Colp <jcolp@sangoma.com>
* pjsip: Make modify_local_offer2 tolerate previous failed SDP.
If a remote side is broken and sends an SDP that can not be
negotiated the call will be torn down but there is a window
where a second 183 Session Progress or 200 OK that is forked
can be received that also attempts to negotiate SDP. Since
the code marked the SDP negotiation as being done and complete
prior to this it assumes that there is an active local and remote
SDP which it can modify, while in fact there is not as the SDP
did not successfully negotiate. Since there is no local or remote
SDP a crash occurs.
This patch changes the pjmedia_sdp_neg_modify_local_offer2
function to no longer assume that a previous SDP negotiation
was successful.
ASTERISK-29196
Change-Id: I22de45916d3b05fdc2a67da92b3a38271ee5949e
2020-12-16 06:17 +0000 [6b5306ecc5] Joshua C. Colp <jcolp@sangoma.com>
* res_pjsip_pidf_digium_body_supplement: Support Sangoma user agent.
This adds support for both Digium and Sangoma user agent strings
for the Sangoma specific body supplement.
Change-Id: Ib99362b24b91d3cbe888d8b2fce3fad5515d9482
(cherry picked from commit 7e4bb4ed11b2741ff6cd47a95fb6e815a5e1d901)
2020-11-05 21:06 +0000 Asterisk Development Team <asteriskteam@digium.com>
* asterisk certified/16.8-cert5 Released.

22
asterisk-certified-16.8-cert5-summary.html
View File

@@ -1,22 +0,0 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><title>Release Summary - asterisk-certified/16.8-cert5</title><h1 align="center"><a name="top">Release Summary</a></h1><h3 align="center">asterisk-certified/16.8-cert5</h3><h3 align="center">Date: 2020-11-05</h3><h3 align="center">&lt;asteriskteam@digium.com&gt;</h3><hr><h2 align="center">Table of Contents</h2><ol>
<li><a href="#summary">Summary</a></li>
<li><a href="#contributors">Contributors</a></li>
<li><a href="#closed_issues">Closed Issues</a></li>
<li><a href="#diffstat">Diffstat</a></li>
</ol><hr><a name="summary"><h2 align="center">Summary</h2></a><center><a href="#top">[Back to Top]</a></center><p>This release has been made to address one or more security vulnerabilities that have been identified. A security advisory document has been published for each vulnerability that includes additional information. Users of versions of Asterisk that are affected are strongly encouraged to review the advisories and determine what action they should take to protect their systems from these issues.</p><p>Security Advisories:</p><ul>
<li><a href="http://downloads.asterisk.org/pub/security/AST-2020-001,AST-2020-002.html">AST-2020-001,AST-2020-002</a></li>
</ul><p>The data in this summary reflects changes that have been made since the previous release, asterisk-certified/16.8-cert4.</p><hr><a name="contributors"><h2 align="center">Contributors</h2></a><center><a href="#top">[Back to Top]</a></center><p>This table lists the people who have submitted code, those that have tested patches, as well as those that reported issues on the issue tracker that were resolved in this release. For coders, the number is how many of their patches (of any size) were committed into this release. For testers, the number is the number of times their name was listed as assisting with testing a patch. Finally, for reporters, the number is the number of issues that they reported that were affected by commits that went into this release.</p><table width="100%" border="0">
<tr><th width="33%">Coders</th><th width="33%">Testers</th><th width="33%">Reporters</th></tr>
<tr valign="top"><td width="33%">1 Kevin Harwell <kharwell@digium.com><br/>1 Ben Ford <bford@digium.com><br/></td><td width="33%"><td width="33%">1 Sandro Gauci <sandro@enablesecurity.com><br/>1 Sebastian Damm <damm@sipgate.de><br/></td></tr>
</table><hr><a name="closed_issues"><h2 align="center">Closed Issues</h2></a><center><a href="#top">[Back to Top]</a></center><p>This is a list of all issues from the issue tracker that were closed by changes that went into this release.</p><h3>Security</h3><h4>Category: pjproject/pjsip</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-29057">ASTERISK-29057</a>: pjsip: Crash on call rejection during high load<br/>Reported by: Sandro Gauci<ul>
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=81b48f2d104506bc9e77ef36942d70056b4f8138">[81b48f2d10]</a> Kevin Harwell -- AST-2020-001 - res_pjsip: Return dialog locked and referenced</li>
</ul><br><h3>Bug</h3><h4>Category: Resources/res_pjsip</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-29013">ASTERISK-29013</a>: res_pjsip: Asterisk doesn't stop sending invites (with auth) on 407 replies<br/>Reported by: Sebastian Damm<ul>
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=6057050899a97913e7bb638cfc320822d2a7eb92">[6057050899]</a> Ben Ford -- AST-2020-002 - res_pjsip: Stop sending INVITEs after challenge limit.</li>
</ul><br><h4>Category: Resources/res_pjsip_authenticator_digest</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-29013">ASTERISK-29013</a>: res_pjsip: Asterisk doesn't stop sending invites (with auth) on 407 replies<br/>Reported by: Sebastian Damm<ul>
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=6057050899a97913e7bb638cfc320822d2a7eb92">[6057050899]</a> Ben Ford -- AST-2020-002 - res_pjsip: Stop sending INVITEs after challenge limit.</li>
</ul><br><hr><a name="diffstat"><h2 align="center">Diffstat Results</h2></a><center><a href="#top">[Back to Top]</a></center><p>This is a summary of the changes to the source code that went into this release that was generated using the diffstat utility.</p><pre>include/asterisk/res_pjsip.h | 46 ++++++++++++
include/asterisk/res_pjsip_session.h | 4 -
res/res_pjsip.c | 51 +++++++++++---
res/res_pjsip_pubsub.c | 10 ++
res/res_pjsip_session.c | 125 +++++++++++++++++++++++++++++++++--
5 files changed, 218 insertions(+), 18 deletions(-)</pre><br></html>

107
asterisk-certified-16.8-cert5-summary.txt
View File

@@ -1,107 +0,0 @@
Release Summary
asterisk-certified/16.8-cert5
Date: 2020-11-05
<asteriskteam@digium.com>
----------------------------------------------------------------------
Table of Contents
1. Summary
2. Contributors
3. Closed Issues
4. Diffstat
----------------------------------------------------------------------
Summary
[Back to Top]
This release has been made to address one or more security vulnerabilities
that have been identified. A security advisory document has been published
for each vulnerability that includes additional information. Users of
versions of Asterisk that are affected are strongly encouraged to review
the advisories and determine what action they should take to protect their
systems from these issues.
Security Advisories:
* AST-2020-001,AST-2020-002
The data in this summary reflects changes that have been made since the
previous release, asterisk-certified/16.8-cert4.
----------------------------------------------------------------------
Contributors
[Back to Top]
This table lists the people who have submitted code, those that have
tested patches, as well as those that reported issues on the issue tracker
that were resolved in this release. For coders, the number is how many of
their patches (of any size) were committed into this release. For testers,
the number is the number of times their name was listed as assisting with
testing a patch. Finally, for reporters, the number is the number of
issues that they reported that were affected by commits that went into
this release.
Coders Testers Reporters
1 Kevin Harwell 1 Sandro Gauci
1 Ben Ford 1 Sebastian Damm
----------------------------------------------------------------------
Closed Issues
[Back to Top]
This is a list of all issues from the issue tracker that were closed by
changes that went into this release.
Security
Category: pjproject/pjsip
ASTERISK-29057: pjsip: Crash on call rejection during high load
Reported by: Sandro Gauci
* [81b48f2d10] Kevin Harwell -- AST-2020-001 - res_pjsip: Return dialog
locked and referenced
Bug
Category: Resources/res_pjsip
ASTERISK-29013: res_pjsip: Asterisk doesn't stop sending invites (with
auth) on 407 replies
Reported by: Sebastian Damm
* [6057050899] Ben Ford -- AST-2020-002 - res_pjsip: Stop sending
INVITEs after challenge limit.
Category: Resources/res_pjsip_authenticator_digest
ASTERISK-29013: res_pjsip: Asterisk doesn't stop sending invites (with
auth) on 407 replies
Reported by: Sebastian Damm
* [6057050899] Ben Ford -- AST-2020-002 - res_pjsip: Stop sending
INVITEs after challenge limit.
----------------------------------------------------------------------
Diffstat Results
[Back to Top]
This is a summary of the changes to the source code that went into this
release that was generated using the diffstat utility.
include/asterisk/res_pjsip.h | 46 ++++++++++++
include/asterisk/res_pjsip_session.h | 4 -
res/res_pjsip.c | 51 +++++++++++---
res/res_pjsip_pubsub.c | 10 ++
res/res_pjsip_session.c | 125 +++++++++++++++++++++++++++++++++--
5 files changed, 218 insertions(+), 18 deletions(-)

32
asterisk-certified-16.8-cert6-summary.html Normal file
View File

@@ -0,0 +1,32 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><title>Release Summary - asterisk-certified/16.8-cert6</title><h1 align="center"><a name="top">Release Summary</a></h1><h3 align="center">asterisk-certified/16.8-cert6</h3><h3 align="center">Date: 2021-02-18</h3><h3 align="center">&lt;asteriskteam@digium.com&gt;</h3><hr><h2 align="center">Table of Contents</h2><ol>
<li><a href="#summary">Summary</a></li>
<li><a href="#contributors">Contributors</a></li>
<li><a href="#closed_issues">Closed Issues</a></li>
<li><a href="#commits">Other Changes</a></li>
<li><a href="#diffstat">Diffstat</a></li>
</ol><hr><a name="summary"><h2 align="center">Summary</h2></a><center><a href="#top">[Back to Top]</a></center><p>This release has been made to address one or more security vulnerabilities that have been identified. A security advisory document has been published for each vulnerability that includes additional information. Users of versions of Asterisk that are affected are strongly encouraged to review the advisories and determine what action they should take to protect their systems from these issues.</p><p>Security Advisories:</p><ul>
<li><a href="http://downloads.asterisk.org/pub/security/AST-2021-002,AST-2021-003,AST-2021-004,AST-2021-005.html">AST-2021-002,AST-2021-003,AST-2021-004,AST-2021-005</a></li>
</ul><p>The data in this summary reflects changes that have been made since the previous release, asterisk-certified/16.8-cert5.</p><hr><a name="contributors"><h2 align="center">Contributors</h2></a><center><a href="#top">[Back to Top]</a></center><p>This table lists the people who have submitted code, those that have tested patches, as well as those that reported issues on the issue tracker that were resolved in this release. For coders, the number is how many of their patches (of any size) were committed into this release. For testers, the number is the number of times their name was listed as assisting with testing a patch. Finally, for reporters, the number is the number of issues that they reported that were affected by commits that went into this release.</p><table width="100%" border="0">
<tr><th width="33%">Coders</th><th width="33%">Testers</th><th width="33%">Reporters</th></tr>
<tr valign="top"><td width="33%">2 Joshua C. Colp <jcolp@sangoma.com><br/>1 Sean Bright <sean.bright@gmail.com><br/>1 Kevin Harwell <kharwell@sangoma.com><br/>1 Alexander Traud <pabstraud@compuserve.com><br/></td><td width="33%"><td width="33%">1 Mauri de Souza Meneguzzo (3CPlus) <mauri.nunes@fluxoti.com><br/>1 Gregory Massel <greg@csurf.co.za><br/>1 Alexander Traud<br/>1 Edvin Vidmar <edvinvidmar@hotmail.com><br/>1 Alexander Traud <pabstraud@compuserve.com><br/></td></tr>
</table><hr><a name="closed_issues"><h2 align="center">Closed Issues</h2></a><center><a href="#top">[Back to Top]</a></center><p>This is a list of all issues from the issue tracker that were closed by changes that went into this release.</p><h3>Security</h3><h4>Category: Resources/res_srtp</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-29260">ASTERISK-29260</a>: sRTP Replay Protection ignored; even tears down long calls<br/>Reported by: Alexander Traud<ul>
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=93468c531a20f598874d09c3a23eba8cda30589b">[93468c531a]</a> Alexander Traud -- rtp: Enable srtp replay protection</li>
</ul><br><h3>Bug</h3><h4>Category: Resources/res_pjsip</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-29196">ASTERISK-29196</a>: res_pjsip: Segmentation fault<br/>Reported by: Mauri de Souza Meneguzzo (3CPlus)<ul>
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=23e96e6e1743d9c1e330aaf3ba9c7f76f39efd38">[23e96e6e17]</a> Joshua C. Colp -- pjsip: Make modify_local_offer2 tolerate previous failed SDP.</li>
</ul><br><h4>Category: Resources/res_pjsip_session</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-29203">ASTERISK-29203</a>: res_pjsip_t38: Crash when changing state<br/>Reported by: Gregory Massel<ul>
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=bb5b336f78ac6b718f282b60b84dd98585ac230a">[bb5b336f78]</a> Kevin Harwell -- AST-2021-002: Remote crash possible when negotiating T.38</li>
</ul><br><h4>Category: Resources/res_pjsip_t38</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-29203">ASTERISK-29203</a>: res_pjsip_t38: Crash when changing state<br/>Reported by: Gregory Massel<ul>
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=bb5b336f78ac6b718f282b60b84dd98585ac230a">[bb5b336f78]</a> Kevin Harwell -- AST-2021-002: Remote crash possible when negotiating T.38</li>
</ul><br><h4>Category: Resources/res_rtp_asterisk</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-29205">ASTERISK-29205</a>: res_rtp_asterisk: Asterisk crashes when making hold/unhold from webrtc client<br/>Reported by: Edvin Vidmar<ul>
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=07eddbd56abac891d5b81f0a68ae75d4c36359c7">[07eddbd56a]</a> Sean Bright -- res_rtp_asterisk.c: Fix signed mismatch that leads to overflow</li>
</ul><br><hr><a name="commits"><h2 align="center">Commits Not Associated with an Issue</h2></a><center><a href="#top">[Back to Top]</a></center><p>This is a list of all changes that went into this release that did not reference a JIRA issue.</p><table width="100%" border="1">
<tr><th>Revision</th><th>Author</th><th>Summary</th></tr>
<tr><td><a href="https://code.asterisk.org/code/changelog/asterisk?cs=6b5306ecc55c84ca451f191a4ab3fc3c8653e189">6b5306ecc5</a></td><td>Joshua C. Colp</td><td>res_pjsip_pidf_digium_body_supplement: Support Sangoma user agent.</td></tr>
</table><hr><a name="diffstat"><h2 align="center">Diffstat Results</h2></a><center><a href="#top">[Back to Top]</a></center><p>This is a summary of the changes to the source code that went into this release that was generated using the diffstat utility.</p><pre>configs/samples/rtp.conf.sample | 12 ++++++++++++
doc/CHANGES-staging/srtp_replay_protection.txt | 9 +++++++++
doc/UPGRADE-staging/srtp_replay_protection.txt | 9 +++++++++
res/res_pjsip_pidf_digium_body_supplement.c | 8 +++++---
res/res_pjsip_session.c | 9 ++++++++-
res/res_pjsip_t38.c | 9 +++++++++
res/res_rtp_asterisk.c | 11 +++++++----
7 files changed, 59 insertions(+), 8 deletions(-)</pre><br></html>

141
asterisk-certified-16.8-cert6-summary.txt Normal file
View File

@@ -0,0 +1,141 @@
Release Summary
asterisk-certified/16.8-cert6
Date: 2021-02-18
<asteriskteam@digium.com>
----------------------------------------------------------------------
Table of Contents
1. Summary
2. Contributors
3. Closed Issues
4. Other Changes
5. Diffstat
----------------------------------------------------------------------
Summary
[Back to Top]
This release has been made to address one or more security vulnerabilities
that have been identified. A security advisory document has been published
for each vulnerability that includes additional information. Users of
versions of Asterisk that are affected are strongly encouraged to review
the advisories and determine what action they should take to protect their
systems from these issues.
Security Advisories:
* AST-2021-002,AST-2021-003,AST-2021-004,AST-2021-005
The data in this summary reflects changes that have been made since the
previous release, asterisk-certified/16.8-cert5.
----------------------------------------------------------------------
Contributors
[Back to Top]
This table lists the people who have submitted code, those that have
tested patches, as well as those that reported issues on the issue tracker
that were resolved in this release. For coders, the number is how many of
their patches (of any size) were committed into this release. For testers,
the number is the number of times their name was listed as assisting with
testing a patch. Finally, for reporters, the number is the number of
issues that they reported that were affected by commits that went into
this release.
Coders Testers Reporters
2 Joshua C. Colp 1 Mauri de Souza Meneguzzo (3CPlus)
1 Sean Bright 1 Gregory Massel
1 Kevin Harwell 1 Alexander Traud
1 Alexander Traud 1 Edvin Vidmar
1 Alexander Traud
----------------------------------------------------------------------
Closed Issues
[Back to Top]
This is a list of all issues from the issue tracker that were closed by
changes that went into this release.
Security
Category: Resources/res_srtp
ASTERISK-29260: sRTP Replay Protection ignored; even tears down long calls
Reported by: Alexander Traud
* [93468c531a] Alexander Traud -- rtp: Enable srtp replay protection
Bug
Category: Resources/res_pjsip
ASTERISK-29196: res_pjsip: Segmentation fault
Reported by: Mauri de Souza Meneguzzo (3CPlus)
* [23e96e6e17] Joshua C. Colp -- pjsip: Make modify_local_offer2
tolerate previous failed SDP.
Category: Resources/res_pjsip_session
ASTERISK-29203: res_pjsip_t38: Crash when changing state
Reported by: Gregory Massel
* [bb5b336f78] Kevin Harwell -- AST-2021-002: Remote crash possible when
negotiating T.38
Category: Resources/res_pjsip_t38
ASTERISK-29203: res_pjsip_t38: Crash when changing state
Reported by: Gregory Massel
* [bb5b336f78] Kevin Harwell -- AST-2021-002: Remote crash possible when
negotiating T.38
Category: Resources/res_rtp_asterisk
ASTERISK-29205: res_rtp_asterisk: Asterisk crashes when making hold/unhold
from webrtc client
Reported by: Edvin Vidmar
* [07eddbd56a] Sean Bright -- res_rtp_asterisk.c: Fix signed mismatch
that leads to overflow
----------------------------------------------------------------------
Commits Not Associated with an Issue
[Back to Top]
This is a list of all changes that went into this release that did not
reference a JIRA issue.
+------------------------------------------------------------------------+
| Revision | Author | Summary |
|------------+-----------+-----------------------------------------------|
| 6b5306ecc5 | Joshua C. | res_pjsip_pidf_digium_body_supplement: |
| | Colp | Support Sangoma user agent. |
+------------------------------------------------------------------------+
----------------------------------------------------------------------
Diffstat Results
[Back to Top]
This is a summary of the changes to the source code that went into this
release that was generated using the diffstat utility.
configs/samples/rtp.conf.sample | 12 ++++++++++++
doc/CHANGES-staging/srtp_replay_protection.txt | 9 +++++++++
doc/UPGRADE-staging/srtp_replay_protection.txt | 9 +++++++++
res/res_pjsip_pidf_digium_body_supplement.c | 8 +++++---
res/res_pjsip_session.c | 9 ++++++++-
res/res_pjsip_t38.c | 9 +++++++++
res/res_rtp_asterisk.c | 11 +++++++----
7 files changed, 59 insertions(+), 8 deletions(-)