Asterisk
/
asterisk
mirror of https://github.com/asterisk/asterisk
1
0
Fork 0
Code Issues Releases Wiki Activity

Update for 18.0.1

Browse Source
18.0 18.0.1
Asterisk Development Team 5 years ago
parent 7d33320cbe
commit 3c299d2aa0
6 changed files with 177 additions and 4036 deletions
Show Stats Download Patch File Download Diff File

2
.version
Unescape View File

@ -1 +1 @@
18.0.0
18.0.1

47
ChangeLog
Unescape View File

@ -1,3 +1,50 @@
2020-11-05 21:25 +0000 Asterisk Development Team <asteriskteam@digium.com>
* asterisk 18.0.1 Released.
2020-11-02 10:29 +0000 [7d33320cbe] Ben Ford <bford@digium.com>
* AST-2020-002 - res_pjsip: Stop sending INVITEs after challenge limit.
If Asterisk sends out an INVITE and receives a challenge with a
different nonce value each time, it will continuously send out INVITEs,
even if the call is hung up. The endpoint must be configured for
outbound authentication for this to occur. A limit has been set on
outbound INVITEs so that, once reached, Asterisk will stop sending
INVITEs and the transaction will terminate.
ASTERISK-29013
Change-Id: I2d001ca745b00ca8aa12030f2240cd72363b46f7
2020-11-04 15:08 +0000 [eed50a17e5] Kevin Harwell <kharwell@sangoma.com>
* AST-2020-001 - res_pjsip: Return dialog locked and referenced
pjproject returns the dialog locked and with a reference. However,
in Asterisk the method that handles this decrements the reference
and removes the lock prior to returning. This makes it possible,
under some circumstances, for another thread to free said dialog
before the thread that created it attempts to use it again. Of
course when the thread that created it tries to use a freed dialog
a crash can occur.
This patch makes it so Asterisk now returns the newly created
dialog both locked, and with an added reference. This allows the
caller to de-reference, and unlock the dialog when it is safe to
do so.
In the case of a new SIP Invite the lock, and reference are now
held for the entirety of the new invite handling process.
Otherwise it's possible for the dialog, or its dependent objects,
like the transaction, to disappear. For example if there is a TCP
transport error.
ASTERISK-29057 #close
Change-Id: I5ef645a47829596f402cf383dc02c629c618969e
(cherry picked from commit 6baa4b53bef5d9c53692f22cf146215b42de1e89)
2020-10-19 18:31 +0000 Asterisk Development Team <asteriskteam@digium.com>
* asterisk 18.0.0 Released.

1162
asterisk-18.0.0-summary.html
View File

File diff suppressed because one or more lines are too long

2873
asterisk-18.0.0-summary.txt
View File

File diff suppressed because it is too large Load Diff

22
asterisk-18.0.1-summary.html
Unescape View File

@ -0,0 +1,22 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><title>Release Summary - asterisk-18.0.1</title><h1 align="center"><a name="top">Release Summary</a></h1><h3 align="center">asterisk-18.0.1</h3><h3 align="center">Date: 2020-11-05</h3><h3 align="center">&lt;asteriskteam@digium.com&gt;</h3><hr><h2 align="center">Table of Contents</h2><ol>
<li><a href="#summary">Summary</a></li>
<li><a href="#contributors">Contributors</a></li>
<li><a href="#closed_issues">Closed Issues</a></li>
<li><a href="#diffstat">Diffstat</a></li>
</ol><hr><a name="summary"><h2 align="center">Summary</h2></a><center><a href="#top">[Back to Top]</a></center><p>This release has been made to address one or more security vulnerabilities that have been identified. A security advisory document has been published for each vulnerability that includes additional information. Users of versions of Asterisk that are affected are strongly encouraged to review the advisories and determine what action they should take to protect their systems from these issues.</p><p>Security Advisories:</p><ul>
<li><a href="http://downloads.asterisk.org/pub/security/AST-2020-001,AST-2020-002.html">AST-2020-001,AST-2020-002</a></li>
</ul><p>The data in this summary reflects changes that have been made since the previous release, asterisk-18.0.0.</p><hr><a name="contributors"><h2 align="center">Contributors</h2></a><center><a href="#top">[Back to Top]</a></center><p>This table lists the people who have submitted code, those that have tested patches, as well as those that reported issues on the issue tracker that were resolved in this release. For coders, the number is how many of their patches (of any size) were committed into this release. For testers, the number is the number of times their name was listed as assisting with testing a patch. Finally, for reporters, the number is the number of issues that they reported that were affected by commits that went into this release.</p><table width="100%" border="0">
<tr><th width="33%">Coders</th><th width="33%">Testers</th><th width="33%">Reporters</th></tr>
<tr valign="top"><td width="33%">1 Kevin Harwell <kharwell@sangoma.com><br/>1 Ben Ford <bford@digium.com><br/></td><td width="33%"><td width="33%">1 Sandro Gauci <sandro@enablesecurity.com><br/>1 Sebastian Damm <damm@sipgate.de><br/></td></tr>
</table><hr><a name="closed_issues"><h2 align="center">Closed Issues</h2></a><center><a href="#top">[Back to Top]</a></center><p>This is a list of all issues from the issue tracker that were closed by changes that went into this release.</p><h3>Security</h3><h4>Category: pjproject/pjsip</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-29057">ASTERISK-29057</a>: pjsip: Crash on call rejection during high load<br/>Reported by: Sandro Gauci<ul>
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=eed50a17e57817ba7e85bdce253852466639adb0">[eed50a17e5]</a> Kevin Harwell -- AST-2020-001 - res_pjsip: Return dialog locked and referenced</li>
</ul><br><h3>Bug</h3><h4>Category: Resources/res_pjsip</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-29013">ASTERISK-29013</a>: res_pjsip: Asterisk doesn't stop sending invites (with auth) on 407 replies<br/>Reported by: Sebastian Damm<ul>
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=7d33320cbe14d15b7ce45c3293f122c48c9a2fda">[7d33320cbe]</a> Ben Ford -- AST-2020-002 - res_pjsip: Stop sending INVITEs after challenge limit.</li>
</ul><br><h4>Category: Resources/res_pjsip_authenticator_digest</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-29013">ASTERISK-29013</a>: res_pjsip: Asterisk doesn't stop sending invites (with auth) on 407 replies<br/>Reported by: Sebastian Damm<ul>
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=7d33320cbe14d15b7ce45c3293f122c48c9a2fda">[7d33320cbe]</a> Ben Ford -- AST-2020-002 - res_pjsip: Stop sending INVITEs after challenge limit.</li>
</ul><br><hr><a name="diffstat"><h2 align="center">Diffstat Results</h2></a><center><a href="#top">[Back to Top]</a></center><p>This is a summary of the changes to the source code that went into this release that was generated using the diffstat utility.</p><pre>include/asterisk/res_pjsip.h | 46 ++++++++++++
include/asterisk/res_pjsip_session.h | 2
res/res_pjsip.c | 52 +++++++++++---
res/res_pjsip_pubsub.c | 10 ++
res/res_pjsip_session.c | 128 ++++++++++++++++++++++++++++++++---
5 files changed, 219 insertions(+), 19 deletions(-)</pre><br></html>

107
asterisk-18.0.1-summary.txt
Unescape View File

@ -0,0 +1,107 @@
Release Summary
asterisk-18.0.1
Date: 2020-11-05
<asteriskteam@digium.com>
----------------------------------------------------------------------
Table of Contents
1. Summary
2. Contributors
3. Closed Issues
4. Diffstat
----------------------------------------------------------------------
Summary
[Back to Top]
This release has been made to address one or more security vulnerabilities
that have been identified. A security advisory document has been published
for each vulnerability that includes additional information. Users of
versions of Asterisk that are affected are strongly encouraged to review
the advisories and determine what action they should take to protect their
systems from these issues.
Security Advisories:
* AST-2020-001,AST-2020-002
The data in this summary reflects changes that have been made since the
previous release, asterisk-18.0.0.
----------------------------------------------------------------------
Contributors
[Back to Top]
This table lists the people who have submitted code, those that have
tested patches, as well as those that reported issues on the issue tracker
that were resolved in this release. For coders, the number is how many of
their patches (of any size) were committed into this release. For testers,
the number is the number of times their name was listed as assisting with
testing a patch. Finally, for reporters, the number is the number of
issues that they reported that were affected by commits that went into
this release.
Coders Testers Reporters
1 Kevin Harwell 1 Sandro Gauci
1 Ben Ford 1 Sebastian Damm
----------------------------------------------------------------------
Closed Issues
[Back to Top]
This is a list of all issues from the issue tracker that were closed by
changes that went into this release.
Security
Category: pjproject/pjsip
ASTERISK-29057: pjsip: Crash on call rejection during high load
Reported by: Sandro Gauci
* [eed50a17e5] Kevin Harwell -- AST-2020-001 - res_pjsip: Return dialog
locked and referenced
Bug
Category: Resources/res_pjsip
ASTERISK-29013: res_pjsip: Asterisk doesn't stop sending invites (with
auth) on 407 replies
Reported by: Sebastian Damm
* [7d33320cbe] Ben Ford -- AST-2020-002 - res_pjsip: Stop sending
INVITEs after challenge limit.
Category: Resources/res_pjsip_authenticator_digest
ASTERISK-29013: res_pjsip: Asterisk doesn't stop sending invites (with
auth) on 407 replies
Reported by: Sebastian Damm
* [7d33320cbe] Ben Ford -- AST-2020-002 - res_pjsip: Stop sending
INVITEs after challenge limit.
----------------------------------------------------------------------
Diffstat Results
[Back to Top]
This is a summary of the changes to the source code that went into this
release that was generated using the diffstat utility.
include/asterisk/res_pjsip.h | 46 ++++++++++++
include/asterisk/res_pjsip_session.h | 2
res/res_pjsip.c | 52 +++++++++++---
res/res_pjsip_pubsub.c | 10 ++
res/res_pjsip_session.c | 128 ++++++++++++++++++++++++++++++++---
5 files changed, 219 insertions(+), 19 deletions(-)
Write Preview
Loading…
Cancel
Save