Release Summary certified-asterisk-11.6-cert5 Date: 2014-09-05 ---------------------------------------------------------------------- Table of Contents 1. Summary 2. Contributors 3. Closed Issues 4. Other Changes 5. Diffstat ---------------------------------------------------------------------- Summary [Back to Top] This release includes only bug fixes. The changes included were made only to address problems that have been identified in this release series. Users should be able to safely upgrade to this version if this release series is already in use. Users considering upgrading from a previous release series are strongly encouraged to review the UPGRADE.txt document as well as the CHANGES document for information about upgrading to this release series. The data in this summary reflects changes that have been made since the previous release, certified-asterisk-11.6.0. ---------------------------------------------------------------------- Contributors [Back to Top] This table lists the people who have submitted code, those that have tested patches, as well as those that reported issues on the issue tracker that were resolved in this release. For coders, the number is how many of their patches (of any size) were committed into this release. For testers, the number is the number of times their name was listed as assisting with testing a patch. Finally, for reporters, the number is the number of issues that they reported that were closed by commits that went into this release. Coders Testers Reporters 5 mjordan 2 rsw686 2 coreyfarrell 5 Nitesh Bansal 2 Tommy Thomspon 2 mjordan 5 xytis 1 Jan Juergens 2 rmudgett 4 sgriepentrog 1 j_juergens 3 rmudgett 1 jbigelow 1 bebuild 1 jideliov 1 Corey Farrell 1 kenner 1 dlee 1 nbansal 1 Elazar Broad 1 rnewton 1 jrose 1 rsw686 1 kharwell 1 shaunc869 1 kmoore 1 stephane.chazelas 1 tthompson 1 tzafrir 1 wimpy 1 xytis ---------------------------------------------------------------------- Closed Issues [Back to Top] This is a list of all issues from the issue tracker that were closed by changes that went into this release. Category: Applications/app_mixmonitor ASTERISK-23609: Security: AMI action MixMonitor allows arbitrary programs to be run Revision: 415842 Reporter: coreyfarrell Coders: jrose Category: Applications/app_sms ASTERISK-22590: BufferOverflow in unpacksms16() when receiving 16 bit multipart SMS with app_sms Revision: 403860 Reporter: j_juergens Testers: Jan Juergens Coders: sgriepentrog Category: Channels/chan_pjsip ASTERISK-22667: crash: directmedia with both phones placing each other on hold Revision: 402382 Reporter: jbigelow Coders: mjordan Category: Channels/chan_sip/General ASTERISK-22667: crash: directmedia with both phones placing each other on hold Revision: 402382 Reporter: jbigelow Coders: mjordan ASTERISK-23047: Orphaned (stuck) channel occurs during a failed SIP transfer to parking space Revision: 405536 Reporter: tthompson Testers: rsw686, Tommy Thomspon Coders: mjordan ASTERISK-23373: [patch]Security: Open FD exhaustion with chan_sip Session-Timers Revision: 410359 Reporter: coreyfarrell Coders: Corey Farrell Category: Channels/chan_sip/SRTP ASTERISK-22961: [patch] DTLS-SRTP not working with SHA-256 Revision: 417724 Reporter: jideliov Coders: xytis, Nitesh Bansal Category: Channels/chan_sip/TCP-TLS ASTERISK-18345: [patch] sips connection dropped by asterisk with a large INVITE Revision: 420559 Reporter: stephane.chazelas Coders: Elazar Broad Category: Channels/chan_sip/WebSocket ASTERISK-22961: [patch] DTLS-SRTP not working with SHA-256 Revision: 417724 Reporter: jideliov Coders: xytis, Nitesh Bansal Category: Core/AstDB ASTERISK-22350: DUNDI - core dump on shutdown - segfault in sqlite3_reset from /usr/lib/libsqlite3.so.0 Revision: 404349 Reporter: wimpy Coders: sgriepentrog Category: Core/General ASTERISK-22905: Prevent Asterisk functions that are 'dangerous' from being executed from external interfaces Revision: 403956 Reporter: mjordan Coders: dlee ASTERISK-23084: [patch]rasterisk needlessly prints the AST-2013-007 warning Revision: 412212 Reporter: tzafrir Coders: kharwell Category: Core/HTTP ASTERISK-23340: Security Vulnerability: stack allocation of cookie headers in loop allows for unauthenticated remote denial of service attack Revision: 410429 Reporter: mjordan Coders: rmudgett ASTERISK-23673: Security: DOS by consuming the number of allowed HTTP connections. Revision: 415977 Reporter: rmudgett Coders: rmudgett ASTERISK-23673: Security: DOS by consuming the number of allowed HTTP connections. Revision: 416106 Reporter: rmudgett Coders: rmudgett Category: Core/ManagerInterface ASTERISK-22905: Prevent Asterisk functions that are 'dangerous' from being executed from external interfaces Revision: 403956 Reporter: mjordan Coders: dlee Category: Features/Parking ASTERISK-22834: Parking by blind transfer when lot full orphans channels Revision: 405536 Reporter: rsw686 Testers: rsw686, Tommy Thomspon Coders: mjordan Category: Functions/General ASTERISK-22905: Prevent Asterisk functions that are 'dangerous' from being executed from external interfaces Revision: 403956 Reporter: mjordan Coders: dlee Category: PBX/pbx_dundi ASTERISK-22350: DUNDI - core dump on shutdown - segfault in sqlite3_reset from /usr/lib/libsqlite3.so.0 Revision: 404349 Reporter: wimpy Coders: sgriepentrog Category: Resources/res_agi ASTERISK-22905: Prevent Asterisk functions that are 'dangerous' from being executed from external interfaces Revision: 403956 Reporter: mjordan Coders: dlee Category: Resources/res_ari ASTERISK-22905: Prevent Asterisk functions that are 'dangerous' from being executed from external interfaces Revision: 403956 Reporter: mjordan Coders: dlee Category: Resources/res_http_websocket ASTERISK-21383: STUN Binding Requests Not Being Sent Back from Asterisk to Chrome Revision: 417724 Reporter: shaunc869 Coders: xytis, Nitesh Bansal Category: Resources/res_pjsip ASTERISK-22911: [patch]Asterisk fails to resume WebRTC call from hold Revision: 417724 Reporter: xytis Coders: xytis, Nitesh Bansal Category: Resources/res_rtp_asterisk ASTERISK-22667: crash: directmedia with both phones placing each other on hold Revision: 402382 Reporter: jbigelow Coders: mjordan ASTERISK-22911: [patch]Asterisk fails to resume WebRTC call from hold Revision: 417724 Reporter: xytis Coders: xytis, Nitesh Bansal ASTERISK-23649: [patch]Support for DTLS retransmission Revision: 417724 Reporter: nbansal Coders: xytis, Nitesh Bansal ASTERISK-23834: res_rtp_asterisk debug message gives wrong length if ICE Revision: 417724 Reporter: kenner Coders: xytis, Nitesh Bansal ---------------------------------------------------------------------- Commits Not Associated with an Issue [Back to Top] This is a list of all changes that went into this release that did not directly close an issue from the issue tracker. The commits may have been marked as being related to an issue. If that is the case, the issue numbers are listed here, as well. +------------------------------------------------------------------------+ | Revision | Author | Summary | Issues | | | | | Referenced | |----------+--------------+---------------------------------+------------| | 401416 | bebuild | Create branch for Certified | | | | | Asterisk 11.6. | | |----------+--------------+---------------------------------+------------| | 402377 | mjordan | SVN properties: Add svnmerge | | | | | properties for 11 | | |----------+--------------+---------------------------------+------------| | 402383 | mjordan | Remove old summaries | | |----------+--------------+---------------------------------+------------| | 418368 | sgriepentrog | config: inform config hook of | | | | | change when writing file | | |----------+--------------+---------------------------------+------------| | 419308 | sgriepentrog | app_voicemail: use a consistent | | | | | generator string | | +------------------------------------------------------------------------+ ---------------------------------------------------------------------- Diffstat Results [Back to Top] This is a summary of the changes to the source code that went into this release that was generated using the diffstat utility. .version | 2 ChangeLog | 4 README-SERIOUSLY.bestpractices.txt | 24 UPGRADE.txt | 64 ++ apps/app_adsiprog.c | 1 apps/app_alarmreceiver.c | 1 apps/app_amd.c | 1 apps/app_chanisavail.c | 1 apps/app_confbridge.c | 6 apps/app_dahdiras.c | 1 apps/app_dictate.c | 1 apps/app_dumpchan.c | 20 apps/app_externalivr.c | 1 apps/app_festival.c | 1 apps/app_getcpeid.c | 1 apps/app_ices.c | 1 apps/app_image.c | 1 apps/app_jack.c | 1 apps/app_minivm.c | 1 apps/app_mixmonitor.c | 6 apps/app_morsecode.c | 1 apps/app_mp3.c | 1 apps/app_nbscat.c | 1 apps/app_osplookup.c | 1 apps/app_queue.c | 16 apps/app_sms.c | 4 apps/app_talkdetect.c | 1 apps/app_test.c | 1 apps/app_url.c | 1 apps/app_verbose.c | 4 apps/app_voicemail.c | 4 apps/app_waitforring.c | 1 apps/app_waitforsilence.c | 1 apps/app_zapateller.c | 1 apps/confbridge/conf_state_multi_marked.c | 25 asterisk-11.6.0-rc2-summary.html | 62 -- asterisk-11.6.0-rc2-summary.txt | 91 --- build_tools/cflags-devmode.xml | 10 build_tools/cflags.xml | 7 build_tools/embed_modules.xml | 11 cdr/cdr_csv.c | 1 cdr/cdr_odbc.c | 1 cdr/cdr_pgsql.c | 1 cdr/cdr_radius.c | 1 cdr/cdr_sqlite3_custom.c | 1 cdr/cdr_tds.c | 1 cel/cel_pgsql.c | 1 cel/cel_radius.c | 1 cel/cel_sqlite3_custom.c | 1 cel/cel_tds.c | 1 channels/chan_alsa.c | 1 channels/chan_console.c | 1 channels/chan_gtalk.c | 1 channels/chan_iax2.c | 148 ++++- channels/chan_jingle.c | 1 channels/chan_mgcp.c | 1 channels/chan_misdn.c | 1 channels/chan_nbs.c | 3 channels/chan_oss.c | 1 channels/chan_phone.c | 1 channels/chan_sip.c | 631 ++++++++++------------ channels/chan_skinny.c | 1 channels/chan_unistim.c | 1 channels/console_board.c | 1 channels/console_gui.c | 1 channels/console_video.c | 1 channels/sig_pri.c | 87 ++- channels/sip/include/sip.h | 3 configs/asterisk.conf.sample | 6 configs/http.conf.sample | 6 configs/iax.conf.sample | 20 configs/logger.conf.sample | 19 configs/sip.conf.sample | 10 configure.ac | 7 formats/format_jpeg.c | 1 formats/format_vox.c | 1 funcs/func_db.c | 20 funcs/func_env.c | 28 - funcs/func_frame_trace.c | 1 funcs/func_lock.c | 21 funcs/func_pitchshift.c | 1 funcs/func_realtime.c | 60 +- funcs/func_shell.c | 18 funcs/func_timeout.c | 16 include/asterisk/autoconfig.h.in | 9 include/asterisk/frame.h | 26 include/asterisk/logger.h | 101 +++ include/asterisk/pbx.h | 64 ++ include/asterisk/rtp_engine.h | 35 + include/asterisk/tcptls.h | 63 ++ include/asterisk/utils.h | 1 main/asterisk.c | 197 ++++--- main/cel.c | 273 +++++++-- main/cli.c | 359 ++++++++----- main/config.c | 92 ++- main/db.c | 24 main/features.c | 8 main/http.c | 97 ++- main/logger.c | 211 ++++++- main/manager.c | 205 +++++-- main/pbx.c | 355 ++++++++++-- main/rtp_engine.c | 19 main/tcptls.c | 558 +++++++++++++++++--- main/utils.c | 19 pbx/pbx_ael.c | 1 pbx/pbx_dundi.c | 1 pbx/pbx_lua.c | 1 pbx/pbx_realtime.c | 1 res/res_ael_share.c | 1 res/res_config_ldap.c | 1 res/res_config_pgsql.c | 1 res/res_config_sqlite.c | 1 res/res_corosync.c | 1 res/res_fax_spandsp.c | 1 res/res_http_websocket.c | 8 res/res_phoneprov.c | 1 res/res_pktccops.c | 1 res/res_rtp_asterisk.c | 824 +++++++++++++++++++++--------- res/res_snmp.c | 1 res/res_timing_kqueue.c | 1 res/res_timing_pthread.c | 1 utils/ael_main.c | 1 utils/astman.c | 1 utils/check_expr.c | 1 utils/conf2ael.c | 1 utils/extconf.c | 1 utils/muted.c | 1 utils/refcounter.c | 1 utils/smsq.c | 1 utils/stereorize.c | 1 utils/streamplayer.c | 1 131 files changed, 3679 insertions(+), 1407 deletions(-) ----------------------------------------------------------------------