kenmirrors/asterisk
1
0
Fork 0
mirror of https://github.com/asterisk/asterisk.git synced 2025-09-02 03:02:04 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update for 21.9.1

Browse Source
This commit is contained in:
Asterisk Development Team
2025-05-22 15:57:26 +00:00
parent 87a55ee3df
commit 5d8b6b4f8c
7 changed files with 147 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.version
View File

@@ -1 +1 @@
21.9.0
21.9.1

2
CHANGES.html
View File

@@ -1 +1 @@
ChangeLogs/ChangeLog-21.9.0.html
ChangeLogs/ChangeLog-21.9.1.html

2
CHANGES.md
View File

@@ -1 +1 @@
ChangeLogs/ChangeLog-21.9.0.md
ChangeLogs/ChangeLog-21.9.1.md

66
ChangeLogs/ChangeLog-21.9.1.html Normal file
View File

@@ -0,0 +1,66 @@
<html><head><title>ChangeLog for asterisk-21.9.1</title></head><body>
<h2>Change Log for Release asterisk-21.9.1</h2>
<h3>Links:</h3>
<ul>
<li><a href="https://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-21.9.1.html">Full ChangeLog</a> </li>
<li><a href="https://github.com/asterisk/asterisk/compare/21.9.0...21.9.1">GitHub Diff</a> </li>
<li><a href="https://downloads.asterisk.org/pub/telephony/asterisk/asterisk-21.9.1.tar.gz">Tarball</a> </li>
<li><a href="https://downloads.asterisk.org/pub/telephony/asterisk">Downloads</a> </li>
</ul>
<h3>Summary:</h3>
<ul>
<li>Commits: 2</li>
<li>Commit Authors: 1</li>
<li>Issues Resolved: 0</li>
<li>Security Advisories Resolved: 2</li>
<li><a href="https://github.com/asterisk/asterisk/security/advisories/GHSA-2grh-7mhv-fcfw">GHSA-2grh-7mhv-fcfw</a>: Using malformed From header can forge identity with ";" or NULL in name portion</li>
<li><a href="https://github.com/asterisk/asterisk/security/advisories/GHSA-c7p6-7mvq-8jq2">GHSA-c7p6-7mvq-8jq2</a>: cli_permissions.conf: deny option does not work for disallowing shell commands</li>
</ul>
<h3>User Notes:</h3>
<ul>
<li>
<h4>asterisk.c: Add option to restrict shell access from remote consoles.</h4>
A new asterisk.conf option 'disable_remote_console_shell' has
been added that, when set, will prevent remote consoles from executing
shell commands using the '!' prefix.
Resolves: #GHSA-c7p6-7mvq-8jq2</li>
</ul>
<h3>Upgrade Notes:</h3>
<h3>Commit Authors:</h3>
<ul>
<li>George Joseph: (2)</li>
</ul>
<h2>Issue and Commit Detail:</h2>
<h3>Closed Issues:</h3>
<ul>
<li>!GHSA-2grh-7mhv-fcfw: Using malformed From header can forge identity with ";" or NULL in name portion</li>
<li>!GHSA-c7p6-7mvq-8jq2: cli_permissions.conf: deny option does not work for disallowing shell commands</li>
</ul>
<h3>Commits By Author:</h3>
<ul>
<li>
<h4>George Joseph (2):</h4>
</li>
<li>res_pjsip_messaging.c: Mask control characters in received From display name</li>
<li>asterisk.c: Add option to restrict shell access from remote consoles.</li>
</ul>
<h3>Commit List:</h3>
<ul>
<li>asterisk.c: Add option to restrict shell access from remote consoles.</li>
<li>res_pjsip_messaging.c: Mask control characters in received From display name</li>
</ul>
<h3>Commit Details:</h3>
<h4>asterisk.c: Add option to restrict shell access from remote consoles.</h4>
<p>Author: George Joseph
Date: 2025-05-19</p>
<p>UserNote: A new asterisk.conf option 'disable_remote_console_shell' has
been added that, when set, will prevent remote consoles from executing
shell commands using the '!' prefix.</p>
<p>Resolves: #GHSA-c7p6-7mvq-8jq2</p>
<h4>res_pjsip_messaging.c: Mask control characters in received From display name</h4>
<p>Author: George Joseph
Date: 2025-03-24</p>
<p>Incoming SIP MESSAGEs will now have their From header's display name
sanitized by replacing any characters &lt; 32 (space) with a space.</p>
<p>Resolves: #GHSA-2grh-7mhv-fcfw</p>
</body></html>

75
ChangeLogs/ChangeLog-21.9.1.md Normal file
View File

@@ -0,0 +1,75 @@
## Change Log for Release asterisk-21.9.1
### Links:
- [Full ChangeLog](https://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-21.9.1.html)
- [GitHub Diff](https://github.com/asterisk/asterisk/compare/21.9.0...21.9.1)
- [Tarball](https://downloads.asterisk.org/pub/telephony/asterisk/asterisk-21.9.1.tar.gz)
- [Downloads](https://downloads.asterisk.org/pub/telephony/asterisk)
### Summary:
- Commits: 2
- Commit Authors: 1
- Issues Resolved: 0
- Security Advisories Resolved: 2
- [GHSA-2grh-7mhv-fcfw](https://github.com/asterisk/asterisk/security/advisories/GHSA-2grh-7mhv-fcfw): Using malformed From header can forge identity with ";" or NULL in name portion
- [GHSA-c7p6-7mvq-8jq2](https://github.com/asterisk/asterisk/security/advisories/GHSA-c7p6-7mvq-8jq2): cli_permissions.conf: deny option does not work for disallowing shell commands
### User Notes:
- #### asterisk.c: Add option to restrict shell access from remote consoles.
A new asterisk.conf option 'disable_remote_console_shell' has
been added that, when set, will prevent remote consoles from executing
shell commands using the '!' prefix.
Resolves: #GHSA-c7p6-7mvq-8jq2
### Upgrade Notes:
### Commit Authors:
- George Joseph: (2)
## Issue and Commit Detail:
### Closed Issues:
- !GHSA-2grh-7mhv-fcfw: Using malformed From header can forge identity with ";" or NULL in name portion
- !GHSA-c7p6-7mvq-8jq2: cli_permissions.conf: deny option does not work for disallowing shell commands
### Commits By Author:
- #### George Joseph (2):
- res_pjsip_messaging.c: Mask control characters in received From display name
- asterisk.c: Add option to restrict shell access from remote consoles.
### Commit List:
- asterisk.c: Add option to restrict shell access from remote consoles.
- res_pjsip_messaging.c: Mask control characters in received From display name
### Commit Details:
#### asterisk.c: Add option to restrict shell access from remote consoles.
Author: George Joseph
Date: 2025-05-19
UserNote: A new asterisk.conf option 'disable_remote_console_shell' has
been added that, when set, will prevent remote consoles from executing
shell commands using the '!' prefix.
Resolves: #GHSA-c7p6-7mvq-8jq2
#### res_pjsip_messaging.c: Mask control characters in received From display name
Author: George Joseph
Date: 2025-03-24
Incoming SIP MESSAGEs will now have their From header's display name
sanitized by replacing any characters < 32 (space) with a space.
Resolves: #GHSA-2grh-7mhv-fcfw

4
README.html
View File

@@ -1,4 +1,4 @@
<html><head><title>Readme for asterisk-21.9.0</title></head><body>
<html><head><title>Readme for asterisk-21.9.1</title></head><body>
<h1>The Asterisk(R) Open Source PBX</h1>
<pre><code>By Mark Spencer &lt;markster@digium.com&gt; and the Asterisk.org developer community.
Copyright (C) 2001-2025 Sangoma Technologies Corporation and other copyright holders.
@@ -37,7 +37,7 @@ hardware.</p>
<p>If you are updating from a previous version of Asterisk, make sure you
read the Change Logs.</p>
<!-- CHANGELOGS (the URL will change based on the location of this README) -->
<p><a href="ChangeLogs/ChangeLog-21.9.0.html">Change Logs</a></p>
<p><a href="ChangeLogs/ChangeLog-21.9.1.html">Change Logs</a></p>
<!-- END-CHANGELOGS -->
<h3>NEW INSTALLATIONS</h3>

2
README.md
View File

@@ -55,7 +55,7 @@ If you are updating from a previous version of Asterisk, make sure you
read the Change Logs.
<!-- CHANGELOGS (the URL will change based on the location of this README) -->
[Change Logs](ChangeLogs/ChangeLog-21.9.0.html)
[Change Logs](ChangeLogs/ChangeLog-21.9.1.html)
<!-- END-CHANGELOGS -->
### NEW INSTALLATIONS