Log message:
Pullup ticket 2887 - requested by jnemeth
asterisk16: security update
---
Apply patch to update comms/asterisk16 to version 1.6.0.15:
- 1.6.0.11 was never released
- 1.6.0.12 fixes AST-2009-005 which is a remote DOS issue in SIP
- 1.6.0.13 fixes a bug in 1.6.0.12 security fix
- 1.6.0.14 has additional updates for AST-2009-001 and AST-2009-005 plus
SIP Changes
-----------
* Added a new 'ignoresdpversion' option to sip.conf. When this is enabled
(either globally or for a specific peer), chan_sip will treat any SDP data
it receives as new data and update the media stream accordingly. By
default, Asterisk will only modify the media stream if the SDP session
version received is different from the current SDP session version. This
option is required to interoperate with devices that have non-standard SDP
session version implementations (observed with Microsoft OCS). This option
is disabled by default. In addition, this behavior is automatic when the SDP
received
is in response to a T.38 re-INVITE that Asterisk initiated. In this situation
,
since the call will fail if Asterisk does not process the incoming SDP, Aster
isk
will accept the SDP even if the SDP version number is not properly incremente
d,
but will generate a warning in the log indicating that the SIP peer that sent
the SDP should have the 'ignoresdpversion' option set.
Closed Issues
This is a list of all issues from the issue tracker that were closed by
changes that went into this release.
Category: Addons/General
#15269: [patch] memory leak in asterisk some bug fixing and removing
Redundant condition
Category: Applications/General
#15022: [patch] Language handling for numbers, dates, etc is misbehaving
when utilizing sub-regional languages
Category: Applications/app_chanspy
#15660: ChanSpy "whisper" is broken in 1.4.26
Category: Applications/app_fax
#15355: app_fax does not compile with iaxmodem 1.2.0
#15480: [patch] Not all fixes from #14849 are committed
#15606: app_fax.c is not compiling under OpenBSD
#15610: T.38 re-INVITE received after T.38 already negotiated fails
Category: Applications/app_meetme
#15493: [patch] contrib/scripts/meetme.sql doesn't contain all fields
Category: Applications/app_milliwatt
#15386: [patch] Milliwatt() is off by -11dbm
Category: Applications/app_mixmonitor
#15259: MixMonitor is not releasing the file handle on the recorded file
#15699: [patch] using ast_free instead of mixmonitor_free
Category: Applications/app_queue
#14536: [patch] After a caller is processed by app_queue the queue_log
logs the hangup as TRANSFER
#14631: [patch] Ghost calls with queues and spa942 and 922
#15664: [patch] QUEUE_MEMBER_LIST() returns member names instead of
interfaces
Category: Applications/app_stack
#15557: [patch] Gosub() dequotes once more than Macro()
#15617: [patch] crash in LOCAL() if Gosub stack is allocated but empty
Category: Applications/app_voicemail
#14554: [patch] # for fastforward goes beyond end of message
#14932: [patch] asterisk-1.6.0.9-x86_64 segfaults when leaving a voicemail
internally to another extension
#15331: [patch] Log message does not match conditional check
#15333: [patch] add FILE_STORAGE to Voicemail Build Options
#15720: opendir() return code is not checked in last_message_index()
Category: Applications/app_voicemail/IMAP
#14496: [patch] IMAP crash multiple callers / callers hangup at beep
#14597: greetings can not be retrieved from IMAP
#14950: [patch] Greetings are stored as IMAP messages even when
imapgreetings=no
Category: CDR/General
#15751: [patch] Core dump in ast_bridge_call features.c line 2772
Category: Channels/General
#15330: [patch] Using CHANNEL function from ZOMBIE channel stops Asterisk
#15416: No voice on PRI calls with asterisk 1.4.25 & 26
Category: Channels/chan_dahdi
#13917: [patch] fxo modules incorrectly believes channel is answered, if
telco reverses line polarity at off hook.
#14383: priexclusive parameter ignored if pri = pri_cpe ?
#14434: [patch] Dahdi does not wait for wink on outbound calls before
dialing DTMF with Signalling type = em_w
#14434: [patch] Dahdi does not wait for wink on outbound calls before
dialing DTMF with Signalling type = em_w
#14477: pseudo channel disappears after dahdi restart
#14696: reload in console overwrites priindication=outofband setting
#14726: Conditional compilation of a diagnostic message needs an L
modifier to %d for a 64 bit integer
#15248: [patch] Multiple Groups Not working
#15389: [patch] no audio with SIP call to ISDN PRI, if neither Progress or
Proceeding are received.
#15655: [patch] Dialplan starts execution before call is accepted
Category: Channels/chan_iax2
#15361: [patch] AST-2009-001 breaks IAX2 RFC5456 compliance - Timestamps
in POKE/PONG zero in 2 of 4 Bytes
#15404: [patch] Unrequired Debug Message
Category: Channels/chan_misdn
#11974: external lines connected with message !! Got Busy in Connected
State !?!
#12113: [patch] asterisk crash at reload chan_misdn.so
#14355: [patch] Segfault if you transfer a call into a meetme room
#14692: [patch] ISDN-Transfer causes backcall attempt of attendent phone
Category: Channels/chan_sip/General
#11231: [patch] Many retransmits when chan_sip generates multiple
outstanding requests
#12434: Handle wrong at offer/answer in sdp in media description(m=)
#12869: [patch] 'context' doesn't change when 'sip reload' issued when
driven from realtime
#13432: [patch] outboundproxy=proxy.mmmydomain.net where domain can not be
resolved silently removes the sip section
#13623: Asterisk segfaults when using SIP session timers
#14239: [patch] 491-request pending is sent out of dialog
#14464: [patch] lock during simple call processing
#14575: BYE to 408 Request Timeout
#14659: [patch] MWI NOTIFY contains a wrong URI if Asterisk listens to
non-standard port (5060)
#15213: [patch] asterisk lock in sipsock_read for several seconds and drop
sip packets
#15283: [patch] CLI NOTIFY always tries to use UDP, even if the peer is
connected via TCP
#15345: [patch] SIP deadlock in 1.4 revision 199472
#15349: Deadlock in do_monitor() of chan_sip
#15362: [patch] log message output is truncated
#15376: SIP option (SIP_OPT_ flag) is not handled correctly
#15403: [patch] Session timer is not activated
Category: Channels/chan_sip/Interoperability
#13958: SDP replies incorrect - 'a=inactive' - replied to with
'a=sendrecv'
#14465: [patch] Incorrect From: header information when
CALLERPRES=PRES_PROHIB
#14584: [patch] Asterisk does not stop retransmission
#14725: Asterisk doesn't add Route headers in NOTIFY when the SUBSCRIBE
came from a proxy
#15158: [patch] Message: "Unable to handle indication 3"
Revision: 200362
#15442: [patch] Asterisk cannot handle SIP 183 "Session Progress" if no
SDP is contained in it
Category: Channels/chan_sip/Registration
#14344: [patch] Outbound proxy not used for registrations
#14366: [patch] Registration expiry not compatible with some ITSP
#15102: [patch] Registration Deadlock between Asterisk and Polycom
Soundpoint IP 450
#15539: [patch] Register request line contains wrong address when domain
and registrar host differ
Category: Channels/chan_sip/T.38
#14849: [patch] SendFax function not working as expected on > 1.6.0.7
#15182: [patch] T.38 invite does not always comply with RFC 2327
Category: Channels/chan_sip/TCP-TLS
#13865: [patch] SIP/TLS enabled - just one call possible - 481
Call/Transaction Does Not Exist
#14452: in "_sip_tcp_helper_thread" Buffer is filled with dirty bytes
Category: Channels/chan_sip/Video
#15121: [patch] Video support in SIP channel driver appears to be totally
broken
Category: Core/BuildSystem
#15697: most cleaner alaw don't compile
#15698: [patch] If enable DEBUG_FD_LEAKS - h323 can't start.
#15714: [patch] Asterisk won't build with curl unless curl_config is
present
Category: Core/Channels
#14723: ERROR[5003]: channel.c:2043 __ast_read: ast_read() called with no
recorded file descriptor.
Category: Core/Configuration
#14509: [patch] users.conf (and other .conf files) have incorrect
whitespacing
Category: Core/General
#14730: [patch] Fix runlevels in Debian rc files
#15273: [patch] german time (20:01:00 oh clock) is announced wrong
#15649: T38 Faxing failing on 1.6.1 svn
#15667: LOGGER WARNING : error executing after rotate
Category: Core/Internationalization
#15346: [patch] TW is not an ISO Language Code
Category: Core/ManagerInterface
#15397: [patch] segfault in action_coreshowchannels() at manager.c
Category: Core/PBX
#15057: [patch] hints with 2+ devices that include ONHOLD are often set
wrong
#15242: [patch] log does not indicate which function is missing closing
parenthesis
#15303: new_find_extension arguments in wrong order
Category: Documentation
#15518: iax.conf, IP-based access control
#15755: Description in queues.conf on call recording is slightly
misleading
Category: Functions/func_callerid
#15476: callerid(num) is wrong when username is missing
Category: Functions/func_devstate
#15413: [patch] Mapping of extension state to device state is incorrect
Category: Functions/func_iconv
#15169: When building with uClibc, configure script mistakenly assumes
iconv is always available
Category: Functions/func_realtime
#15517: [patch] memory leak in func_realtime
Category: Functions/func_uri
#15439: [patch] URIENCODE() throws a warning when passed an empty string
Category: General
#15420: [patch] No audio on calls from asterisk sip phones to nortel set
until dtmf from sip phone
#15571: [patch] 'received' typos in trunk, in 6 files
#15595: [patch] fix spelling for typos, mainly in comments.
#15595: [patch] fix spelling for typos, mainly in comments.
Category: PBX/pbx_dundi
#15322: [patch] DUNDILOOKUP() does not accept comma as argument separator
Category: Resources/res_config_ldap
#13725: [patch] ERROR[7387]: res_config_ldap.c:1292 update_ldap: Couldn't
modify dn:cn=1001,dc=xxx,dc=xxx because Invalid syntax
#15710: Typo in LDAP schema files on line 598
Category: Resources/res_features
#13794: [patch] CDR for picked up parked call gives answer time < start
time and no record for parking
Category: Resources/res_musiconhold
#15051: [patch] Moh class set in the dialplan is ignored with realtime moh
----------------------------------------------------------------------
Commits Not Associated with an Issue
This is a list of all changes that went into this release that did not
directly close an issue from the issue tracker. The commits may have been
marked as being related to an issue. If that is the case, the issue
numbers are listed here, as well.
+------------------------------------------------------------------------+
| Revision | Author | Summary | Issues |
| | | | Referenced |
|----------+------------+-----------------------------------+------------|
| 199142 | dvossel | Additional updates to | |
| | | AST-2009-001 | |
|----------+------------+-----------------------------------+------------|
| | | __WORDSIZE is not available on | |
| 199858 | seanbright | all platforms, so use sizeof(void | |
| | | *) instead. | |
|----------+------------+-----------------------------------+------------|
| | | The 1.6.0 branch was missing all | |
| 199975 | mmichelson | invite_branch logic. It has now | |
| | | been added. | |
|----------+------------+-----------------------------------+------------|
| 200040 | lmadsen | Fix path for .flavor and .version | #14737 |
|----------+------------+-----------------------------------+------------|
| 200149 | mmichelson | Fix a crash due to a potentially | |
| | | NULL p->options. | |
|----------+------------+-----------------------------------+------------|
| | | Fix all of the parallel build | |
| 200228 | seanbright | warnings issued when running make | |
| | | -j#. | |
|----------+------------+-----------------------------------+------------|
| | | Add INFO to our allowed methods | |
| 200515 | mmichelson | so that endpoints know they may | |
| | | send it to us. | |
|----------+------------+-----------------------------------+------------|
| 200729 | kpfleming | Document the new automatic | |
| | | 'ignoresdpversion' behavior. | |
|----------+------------+-----------------------------------+------------|
| | | Ensure that configure-script | |
| 200767 | kpfleming | testing for compiler attributes | |
| | | actually works. | |
|----------+------------+-----------------------------------+------------|
| | | Fix problems with new compiler | |
| 200986 | kpfleming | attribute checking in configure | |
| | | script. | |
|----------+------------+-----------------------------------+------------|
| | | Improve support for media paths | |
| 201093 | kpfleming | that can generate multiple frames | |
| | | at once. | |
|----------+------------+-----------------------------------+------------|
| | | fix issue with build_contact | |
| 201226 | dvossel | introduced by the "SIP trasnport | |
| | | type issues" commit | |
|----------+------------+-----------------------------------+------------|
| | | Correct AST_LIST_APPEND_LIST | |
| 201263 | kpfleming | behavior when list to be appended | |
| | | is empty. | |
|----------+------------+-----------------------------------+------------|
| | | Change the datastore traversal in | |
| 201459 | mmichelson | ast_do_masquerade to use a safe | |
| | | list traversal. | |
|----------+------------+-----------------------------------+------------|
| 201463 | mmichelson | Fix problem with no audio due to | |
| | | ignoring the SDP. | |
|----------+------------+-----------------------------------+------------|
| | | Fix memory corruption and leakage | #15109, |
| 201612 | russell | related reloads of non files mode | #15123, |
| | | MoH classes. | #15195 |
|----------+------------+-----------------------------------+------------|
| | | One of the changes in 1.6.1 was | |
| 201786 | tilghman | to allow app_directory to use | |
| | | functionality | |
|----------+------------+-----------------------------------+------------|
| 201830 | tilghman | If the "h" extension fails, give | \
|
| | | it another chance in main/pbx.c. | |
|----------+------------+-----------------------------------+------------|
| | | Added deadlock protection to | |
| 202006 | mnicholson | try_suggested_sip_codec in | |
| | | chan_sip.c. | |
|----------+------------+-----------------------------------+------------|
| | | Standardize return values of | |
| 202259 | russell | load_config() so reload() doesn't | |
| | | report an error on success. | |
|----------+------------+-----------------------------------+------------|
| | | Fix possibility of crashiness | |
| 202263 | russell | during reload in custom fields | |
| | | handling. | |
|----------+------------+-----------------------------------+------------|
| 202416 | russell | Make Polycom subscription type | |
| | | override check more explicit. | |
|----------+------------+-----------------------------------+------------|
| | | Fix lock usage in | |
| 202471 | seanbright | cdr_sqlite3_custom to avoid | |
| | | potential crashes during reload. | |
|----------+------------+-----------------------------------+------------|
| 202498 | russell | Report CallerID change during a | |
| | | masquerade. | |
|----------+------------+-----------------------------------+------------|
| | | I could have sworn I committed | |
| 202763 | mattf | this patch ages ago, but... bug | |
| | | fix with setting NAI properly on | |
| | | linksets in certain situations. | |
|----------+------------+-----------------------------------+------------|
| | | Ensure the default settings are | |
| 202926 | file | applied for T.38 when we set it | |
| | | up for a peer. | |
|----------+------------+-----------------------------------+------------|
| | | Use the handy UNLINK macro | |
| 202968 | mmichelson | instead of hand-coding the same | |
| | | thing in-line. | |
|----------+------------+-----------------------------------+------------|
| 203044 | rmudgett | Improved chan_dahdi.conf pritimer | |
| | | error checking. | |
|----------+------------+-----------------------------------+------------|
| 203117 | russell | Resolve a crash related to a T.38 | |
| | | reinvite race condition. | |
|----------+------------+-----------------------------------+------------|
| 203387 | twilson | I didn't see that Mark already | |
| | | fixed the underlying issue! | |
|----------+------------+-----------------------------------+------------|
| 203447 | dvossel | fixes a few redundant conditions | #15269 |
|----------+------------+-----------------------------------+------------|
| | | Improve T.38 negotiation by | |
| 203701 | file | exchanging session parameters | |
| | | between application and channel. | |
|----------+------------+-----------------------------------+------------|
| 203711 | jpeeler | whitespace fix | |
|----------+------------+-----------------------------------+------------|
| | | reverse whitespace change 203711 | |
| | | that was based on looking at | |
| 203717 | jpeeler | sig_analog (which has about a | |
| | | 1000 line indentation change that | |
| | | is not worth doing here) | |
|----------+------------+-----------------------------------+------------|
| | | Fix ast_say_counted_noun to | |
| 204476 | qwell | correctly handle Polish. Fix a | |
| | | comment typo in passing. | |
|----------+------------+-----------------------------------+------------|
| 204652 | dvossel | removes fake dialog_unref and | |
| | | dialog_ref function calls. | |
|----------+------------+-----------------------------------+------------|
| | | Improve handling of | |
| 204949 | kpfleming | AST_CONTROL_T38 and | |
| | | AST_CONTROL_T38_PARAMETERS for | |
| | | non-T.38-capable channels. | |
|----------+------------+-----------------------------------+------------|
| 204980 | tilghman | Restore Hungarian (mistakenly | |
| | | removed during merge) | |
|----------+------------+-----------------------------------+------------|
| | | Move OpenSSL initialization to a | |
| 205139 | russell | single place, make library usage | |
| | | thread-safe. | |
|----------+------------+-----------------------------------+------------|
| 205152 | russell | Use tabs instead of spaces for | |
| | | indentation. | |
|----------+------------+-----------------------------------+------------|
| | | Add redirection warnings for the | |
| 205200 | tilghman | invalid language codes previously | |
| | | removed. | |
|----------+------------+-----------------------------------+------------|
| 205220 | dvossel | ast_samp2tv needs floating point | |
| | | for 16khz audio | |
|----------+------------+-----------------------------------+------------|
| 205224 | tilghman | oops, fixing build | |
|----------+------------+-----------------------------------+------------|
| | | Update config.guess and | |
| 205296 | qwell | config.sub from the | |
| | | savannah.gnu.org git repo. | |
|----------+------------+-----------------------------------+------------|
| 205415 | dvossel | moving ast_devstate_to_extenstate | |
| | | to pbx.c from devicestate.c | |
|----------+------------+-----------------------------------+------------|
| | | pthread_self returns a pthread_t | |
| 205533 | mvanbaak | which is not an unsigned int on | |
| | | all | |
|----------+------------+-----------------------------------+------------|
| 205597 | dvossel | Fixes 8khz assumptions | |
|----------+------------+-----------------------------------+------------|
| 205608 | dvossel | Changing ast_samp2tv to not use | |
| | | floating point. | |
|----------+------------+-----------------------------------+------------|
| 205880 | mmichelson | Fix build. | |
|----------+------------+-----------------------------------+------------|
| 205940 | kpfleming | Update comments about the level | |
| | | of T.38 support in Asterisk. | |
|----------+------------+-----------------------------------+------------|
| 206369 | rmudgett | Fix some memory leaks in | |
| | | chan_misdn. | |
|----------+------------+-----------------------------------+------------|
| 206387 | russell | Ensure apathetic replies are sent | |
| | | out on the proper socket. | |
|----------+------------+-----------------------------------+------------|
| | | Only print debug info in | |
| 206637 | seanbright | codec_dahdi if we are asking for | |
| | | it. | |
|----------+------------+-----------------------------------+------------|
| 206762 | rmudgett | Merged revision 206700 from | |
|----------+------------+-----------------------------------+------------|
| 206871 | dvossel | avoid segfault caused by user | |
| | | error | |
|----------+------------+-----------------------------------+------------|
| 207097 | jpeeler | Update some missing allowed | |
| | | options for overlapdial | |
|----------+------------+-----------------------------------+------------|
| 207286 | rmudgett | | |
|----------+------------+-----------------------------------+------------|
| 207683 | kpfleming | Ensure that user-provided CFLAGS | |
| | | and LDFLAGS are honored. | |
|----------+------------+-----------------------------------+------------|
| 207725 | mmichelson | Document default timeout for AMI | |
| | | originations. | |
|----------+------------+-----------------------------------+------------|
| | | Revert r207636, this approach | |
| 207783 | jpeeler | could potentially block for an | |
| | | unacceptable | |
|----------+------------+-----------------------------------+------------|
| 208316 | mmichelson | Remove inaccurate XXX comment. | |
|----------+------------+-----------------------------------+------------|
| | | Rework of T.38 negotiation and | |
| 208468 | kpfleming | UDPTL API to address | |
| | | interoperability problems | |
|----------+------------+-----------------------------------+------------|
| 208502 | kpfleming | Use correct formatting for T.38 | |
| | | change note in UPGRADE.txt | |
|----------+------------+-----------------------------------+------------|
| | | Resolve a T.38 negotiation issue | |
| 208549 | kpfleming | left over from the udptl-updates | |
| | | merge. | |
|----------+------------+-----------------------------------+------------|
| 208594 | russell | Do not log an ERROR if | |
| | | autoservice_stop() returns -1. | |
|----------+------------+-----------------------------------+------------|
| 208752 | jpeeler | Fix compiling under dev-mode with | |
| | | gcc 4.4.0. | |
|----------+------------+-----------------------------------+------------|
| 208925 | jpeeler | Fix logic errors from 208746 | |
|----------+------------+-----------------------------------+------------|
| | | Restore explicit export of | |
| 209057 | kpfleming | ASTCFLAGS/ASTLDFLAGS and | |
| | | underscore-variants to sub-makes. | |
|----------+------------+-----------------------------------+------------|
| 209061 | dbrooks | Just replacing typos "recieved" | \
#15360 |
| | | with "received". | \
|
|----------+------------+-----------------------------------+------------|
| 209259 | kpfleming | Make T.38 switchover in | |
| | | ReceiveFAX synchronous. | |
|----------+------------+-----------------------------------+------------|
| 209280 | kpfleming | Cleanup T.38 negotiation changes. | |
|----------+------------+-----------------------------------+------------|
| 209325 | tilghman | Publish French extra sounds | |
|----------+------------+-----------------------------------+------------|
| 209394 | kpfleming | Correct error in backport of | |
| | | latest app_fax fixes. | |
|----------+------------+-----------------------------------+------------|
| | | Fix some places where | |
| 209712 | russell | ast_event_type was used instead | |
| | | of ast_event_ie_type. | |
|----------+------------+-----------------------------------+------------|
| 209762 | kpfleming | Minor changes inspired by testing | |
| | | with latest GCC. | |
|----------+------------+-----------------------------------+------------|
| 209896 | russell | Resolve a valgrind warning about | #15396 |
| | | a read from uninitialized memory. | |
|----------+------------+-----------------------------------+------------|
| 211114 | russell | Resolve a deadlock involving | |
| | | app_chanspy and masquerades. | |
|----------+------------+-----------------------------------+------------|
| 211276 | tilghman | Small oops. Clear the flags which | |
| | | have been checked. | |
|----------+------------+-----------------------------------+------------|
| 211551 | tilghman | AST-2009-005 | |
|----------+------------+-----------------------------------+------------|
| 211587 | tilghman | Conversion specifiers, not format | |
| | | specifiers | |
|----------+------------+-----------------------------------+------------|
| | | Check an actual populated | |
| 212068 | file | variable when seeing if we need | |
| | | to do video or not. | |
|----------+------------+-----------------------------------+------------|
| | | Ensure that T38FaxVersion is put | |
| 212114 | kpfleming | into outgoing SDP in the proper | |
| | | case. | |
|----------+------------+-----------------------------------+------------|
| 212432 | rmudgett | Fix uninitialized variable. | |
|----------+------------+-----------------------------------+------------|
| 212765 | rmudgett | Removed some deadwood and added | |
| | | some doxygen comments. | |
|----------+------------+-----------------------------------+------------|
| 212926 | kpfleming | Convert this branch to Opsound | |
| | | music-on-hold. | |
|----------+------------+-----------------------------------+------------|
| | | Remove some | |
| 212941 | kpfleming | accidentally-committed | |
| | | properties. | |
|----------+------------+-----------------------------------+------------|
| | | Make autoheader descriptions | |
| 214361 | tilghman | render correctly in our | #14906 |
| | | autoconfig.h file. | |
|----------+------------+-----------------------------------+------------|
| | | One more build system change, to | |
| 214474 | tilghman | make the descriptions look | |
| | | better, if we have better | |
| | | information. | |
+------------------------------------------------------------------------+
- 1.6.0.15 fixes AST-2009-006 which is a remote DOS issue in IAX2
|