| Changelog |
* Thu Apr 09 2015 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.8.32.3-1:
- The Asterisk Development Team has announced security releases for Certified
- Asterisk 1.8.28, 11.6, and 13.1 and Asterisk 1.8, 11, 12, and 13. The available
- security releases are released as versions 1.8.28.cert-5, 1.8.32.3, 11.6-cert11,
- 11.17.1, 12.8.2, 13.1-cert2, and 13.3.2.
-
- These releases are available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk/releases
-
- The release of these versions resolves the following security vulnerability:
-
- * AST-2015-003: TLS Certificate Common name NULL byte exploit
-
- When Asterisk registers to a SIP TLS device and and verifies the server,
- Asterisk will accept signed certificates that match a common name other than
- the one Asterisk is expecting if the signed certificate has a common name
- containing a null byte after the portion of the common name that Asterisk
- expected. This potentially allows for a man in the middle attack.
-
- For more information about the details of this vulnerability, please read
- security advisory AST-2015-003, which was released at the same time as this
- announcement.
-
- For a full list of changes in the current releases, please see the ChangeLogs:
-
- http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert5
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.3
- http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert11
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.17.1
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.8.2
- http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-13.1-cert2
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.3.2
-
- The security advisory is available at:
-
- * http://downloads.asterisk.org/pub/security/AST-2015-003.pdf
* Thu Apr 09 2015 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.8.32.2-1:
- The Asterisk Development Team has announced security releases for Certified
- Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available
- security releases are released as versions 1.8.28.cert-4, 1.8.32.2, 11.6-cert10,
- 11.15.1, 12.8.1, and 13.1.1.
-
- These releases are available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk/releases
-
- The release of these versions resolves the following security vulnerabilities:
-
- * AST-2015-001: File descriptor leak when incompatible codecs are offered
-
- Asterisk may be configured to only allow specific audio or
- video codecs to be used when communicating with a
- particular endpoint. When an endpoint sends an SDP offer
- that only lists codecs not allowed by Asterisk, the offer
- is rejected. However, in this case, RTP ports that are
- allocated in the process are not reclaimed.
-
- This issue only affects the PJSIP channel driver in
- Asterisk. Users of the chan_sip channel driver are not
- affected.
-
- * AST-2015-002: Mitigation for libcURL HTTP request injection vulnerability
-
- CVE-2014-8150 reported an HTTP request injection
- vulnerability in libcURL. Asterisk uses libcURL in its
- func_curl.so module (the CURL() dialplan function), as well
- as its res_config_curl.so (cURL realtime backend) modules.
-
- Since Asterisk may be configured to allow for user-supplied
- URLs to be passed to libcURL, it is possible that an
- attacker could use Asterisk as an attack vector to inject
- unauthorized HTTP requests if the version of libcURL
- installed on the Asterisk server is affected by
- CVE-2014-8150.
-
- For more information about the details of these vulnerabilities, please read
- security advisory AST-2015-001 and AST-2015-002, which were released at the same
- time as this announcement.
-
- For a full list of changes in the current releases, please see the ChangeLogs:
-
- http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert4
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.2
- http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert10
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.15.1
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.8.1
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.1.1
-
- The security advisories are available at:
-
- * http://downloads.asterisk.org/pub/security/AST-2015-001.pdf
- * http://downloads.asterisk.org/pub/security/AST-2015-002.pdf
* Fri Nov 21 2014 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.8.32.1-1:
- The Asterisk Development Team has announced security releases for Certified
- Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available
- security releases are released as versions 1.8.28-cert3, 11.6-cert8, 1.8.32.1,
- 11.14.1, 12.7.1, and 13.0.1.
-
- These releases are available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk/releases
-
- The release of these versions resolves the following security vulnerabilities:
-
- * AST-2014-012: Unauthorized access in the presence of ACLs with mixed IP
- address families
-
- Many modules in Asterisk that service incoming IP traffic have ACL options
- ("permit" and "deny") that can be used to whitelist or blacklist address
- ranges. A bug has been discovered where the address family of incoming
- packets is only compared to the IP address family of the first entry in the
- list of access control rules. If the source IP address for an incoming
- packet is not of the same address as the first ACL entry, that packet
- bypasses all ACL rules.
-
- * AST-2014-018: Permission Escalation through DB dialplan function
-
- The DB dialplan function when executed from an external protocol, such as AMI,
- could result in a privilege escalation. Users with a lower class authorization
- in AMI can access the internal Asterisk database without the required SYSTEM
- class authorization.
-
- In addition, the release of 11.6-cert8 and 11.14.1 resolves the following
- security vulnerability:
-
- * AST-2014-014: High call load with ConfBridge can result in resource exhaustion
-
- The ConfBridge application uses an internal bridging API to implement
- conference bridges. This internal API uses a state model for channels within
- the conference bridge and transitions between states as different things
- occur. Unload load it is possible for some state transitions to be delayed
- causing the channel to transition from being hung up to waiting for media. As
- the channel has been hung up remotely no further media will arrive and the
- channel will stay within ConfBridge indefinitely.
-
- In addition, the release of 11.6-cert8, 11.14.1, 12.7.1, and 13.0.1 resolves
- the following security vulnerability:
-
- * AST-2014-017: Permission Escalation via ConfBridge dialplan function and
- AMI ConfbridgeStartRecord Action
-
- The CONFBRIDGE dialplan function when executed from an external protocol (such
- as AMI) can result in a privilege escalation as certain options within that
- function can affect the underlying system. Additionally, the AMI
- ConfbridgeStartRecord action has options that would allow modification of the
- underlying system, and does not require SYSTEM class authorization in AMI.
-
- Finally, the release of 12.7.1 and 13.0.1 resolves the following security
- vulnerabilities:
-
- * AST-2014-013: Unauthorized access in the presence of ACLs in the PJSIP stack
-
- The Asterisk module res_pjsip provides the ability to configure ACLs that may
- be used to reject SIP requests from various hosts. However, the module
- currently fails to create and apply the ACLs defined in its configuration
- file on initial module load.
-
- * AST-2014-015: Remote crash vulnerability in PJSIP channel driver
-
- The chan_pjsip channel driver uses a queue approach for relating to SIP
- sessions. There exists a race condition where actions may be queued to answer
- a session or send ringing after a SIP session has been terminated using a
- CANCEL request. The code will incorrectly assume that the SIP session is still
- active and attempt to send the SIP response. The PJSIP library does not
- expect the SIP session to be in the disconnected state when sending the
- response and asserts.
-
- * AST-2014-016: Remote crash vulnerability in PJSIP channel driver
-
- When handling an INVITE with Replaces message the res_pjsip_refer module
- incorrectly assumes that it will be operating on a channel that has just been
- created. If the INVITE with Replaces message is sent in-dialog after a session
- has been established this assumption will be incorrect. The res_pjsip_refer
- module will then hang up a channel that is actually owned by another thread.
- When this other thread attempts to use the just hung up channel it will end up
- using a freed channel which will likely result in a crash.
-
- For more information about the details of these vulnerabilities, please read
- security advisories AST-2014-012, AST-2014-013, AST-2014-014, AST-2014-015,
- AST-2014-016, AST-2014-017, and AST-2014-018, which were released at the same
- time as this announcement.
-
- For a full list of changes in the current releases, please see the ChangeLogs:
-
- http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert3
- http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert8
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.1
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.1
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.7.1
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.1
-
- The security advisories are available at:
-
- * http://downloads.asterisk.org/pub/security/AST-2014-012.pdf
- * http://downloads.asterisk.org/pub/security/AST-2014-013.pdf
- * http://downloads.asterisk.org/pub/security/AST-2014-014.pdf
- * http://downloads.asterisk.org/pub/security/AST-2014-015.pdf
- * http://downloads.asterisk.org/pub/security/AST-2014-016.pdf
- * http://downloads.asterisk.org/pub/security/AST-2014-017.pdf
- * http://downloads.asterisk.org/pub/security/AST-2014-018.pdf
* Fri Nov 21 2014 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.8.32.0-1:
- The Asterisk Development Team has announced the release of Asterisk 1.8.32.0.
- This release is available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk
-
- The release of Asterisk 1.8.32.0 resolves several issues reported by the
- community and would have not been possible without your participation.
- Thank you!
-
- The following are the issues resolved in this release:
-
- Bugs fixed in this release:
- -----------------------------------
- * ASTERISK-24348 - Built-in editline tab complete segfault with
- MALLOC_DEBUG (Reported by Walter Doekes)
- * ASTERISK-24335 - [PATCH] Asterisk incorrectly responds 503 to
- INVITE retransmissions of rejected calls (Reported by Torrey
- Searle)
- * ASTERISK-23768 - [patch] Asterisk man page contains a (new)
- unquoted minus sign (Reported by Jeremy Lainé)
- * ASTERISK-24357 - [fax] Out of bounds error in update_modem_bits
- (Reported by Jeremy Lainé)
- * ASTERISK-22945 - [patch] Memory leaks in chan_sip.c with
- realtime peers (Reported by ibercom)
- * ASTERISK-24390 - astobj2: REF_DEBUG reports false leaks with
- ao2_callback with OBJ_MULTIPLE (Reported by Corey Farrell)
- * ASTERISK-24011 - [patch]safe_asterisk tries to set ulimit -n too
- high on linux systems with lots of RAM (Reported by Michael
- Myles)
- * ASTERISK-20784 - Failure to receive an ACK to a SIP Re-INVITE
- results in a SIP channel leak (Reported by NITESH BANSAL)
- * ASTERISK-15879 - [patch] Failure to receive an ACK to a SIP
- Re-INVITE results in a SIP channel leak (Reported by Torrey
- Searle)
- * ASTERISK-24406 - Some caller ID strings are parsed differently
- since 11.13.0 (Reported by Etienne Lessard)
- * ASTERISK-24325 - res_calendar_ews: cannot be used with neon 0.30
- (Reported by Tzafrir Cohen)
- * ASTERISK-13797 - [patch] relax badshell tilde test (Reported by
- Tzafrir Cohen)
- * ASTERISK-22791 - asterisk sends Re-INVITE after receiving a BYE
- (Reported by Paolo Compagnini)
- * ASTERISK-18923 - res_fax_spandsp usage counter is wrong
- (Reported by Grigoriy Puzankin)
- * ASTERISK-24393 - rtptimeout=0 doesn't disable rtptimeout
- (Reported by Dmitry Melekhov)
- * ASTERISK-24063 - [patch]Asterisk does not respect outbound proxy
- when sending qualify requests (Reported by Damian Ivereigh)
- * ASTERISK-24425 - [patch] jabber/xmpp to use TLS instead of
- SSLv3, security fix POODLE (CVE-2014-3566) (Reported by
- abelbeck)
- * ASTERISK-24436 - Missing header in res/res_srtp.c when compiling
- against libsrtp-1.5.0 (Reported by Patrick Laimbock)
- * ASTERISK-21721 - SIP Failed to parse multiple Supported: headers
- (Reported by Olle Johansson)
- * ASTERISK-24190 - IMAP voicemail causes segfault (Reported by
- Nick Adams)
- * ASTERISK-24432 - Install refcounter.py when REF_DEBUG is enabled
- (Reported by Corey Farrell)
- * ASTERISK-24476 - main/app.c / app_voicemail: ast_writestream
- leaks (Reported by Corey Farrell)
- * ASTERISK-24307 - Unintentional memory retention in stringfields
- (Reported by Etienne Lessard)
-
- For a full list of changes in this release, please see the ChangeLog:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.32.0
* Tue Oct 21 2014 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.8.31.1-1:
- The Asterisk Development Team has announced security releases for Certified
- Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available
- security releases are released as versions 1.8.28-cert2, 11.6-cert7, 1.8.31.1,
- 11.13.1, 12.6.1, and 13.0.0-beta3.
-
- These releases are available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk/releases
-
- The release of these versions resolves the following security vulnerability:
-
- * AST-2014-011: Asterisk Susceptibility to POODLE Vulnerability
-
- Asterisk is susceptible to the POODLE vulnerability in two ways:
- 1) The res_jabber and res_xmpp module both use SSLv3 exclusively for their
- encrypted connections.
- 2) The core TLS handling in Asterisk, which is used by the chan_sip channel
- driver, Asterisk Manager Interface (AMI), and Asterisk HTTP Server, by
- default allow a TLS connection to fallback to SSLv3. This allows for a
- MITM to potentially force a connection to fallback to SSLv3, exposing it
- to the POODLE vulnerability.
-
- These issues have been resolved in the versions released in conjunction with
- this security advisory.
-
- For more information about the details of this vulnerability, please read
- security advisory AST-2014-011, which was released at the same time as this
- announcement.
-
- For a full list of changes in the current releases, please see the ChangeLogs:
-
- http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert2
- http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert7
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.31.1
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.13.1
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.6.1
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.0-beta3
-
- The security advisory is available at:
-
- * http://downloads.asterisk.org/pub/security/AST-2014-011.pdf
* Tue Oct 21 2014 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.8.31.0-1:
- The Asterisk Development Team has announced the release of Asterisk 1.8.31.0.
- This release is available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk
-
- The release of Asterisk 1.8.31.0 resolves several issues reported by the
- community and would have not been possible without your participation.
- Thank you!
-
- The following are the issues resolved in this release:
-
- Bugs fixed in this release:
- -----------------------------------
- * ASTERISK-24032 - Gentoo compilation emits warning:
- "_FORTIFY_SOURCE" redefined (Reported by Kilburn)
- * ASTERISK-24225 - Dial option z is broken (Reported by
- dimitripietro)
- * ASTERISK-24178 - [patch]fromdomainport used even if not set
- (Reported by Elazar Broad)
- * ASTERISK-24019 - When a Music On Hold stream starts it restarts
- at beginning of file. (Reported by Jason Richards)
- * ASTERISK-24211 - testsuite: Fix the dial_LS_options test
- (Reported by Matt Jordan)
- * ASTERISK-24249 - SIP debugs do not stop (Reported by Avinash
- Mohod)
-
- Improvements made in this release:
- -----------------------------------
- * ASTERISK-24171 - [patch] Provide a manpage for the aelparse
- utility (Reported by Jeremy Lainé)
-
- For a full list of changes in this release, please see the ChangeLog:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.31.0
* Tue Oct 21 2014 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.8.30.0-1:
- The Asterisk Development Team has announced the release of Asterisk 1.8.30.0.
- This release is available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk
-
- The release of Asterisk 1.8.30.0 resolves several issues reported by the
- community and would have not been possible without your participation.
- Thank you!
-
- The following are the issues resolved in this release:
-
- Bugs fixed in this release:
- -----------------------------------
- * ASTERISK-23911 - URIENCODE/URIDECODE: WARNING about passing an
- empty string is a bit over zealous (Reported by Matt Jordan)
- * ASTERISK-23814 - No call started after peer dialed (Reported by
- Igor Goncharovsky)
- * ASTERISK-24087 - [patch]chan_sip: sip_subscribe_mwi_destroy
- should not call sip_destroy (Reported by Corey Farrell)
- * ASTERISK-23818 - PBX_Lua: after asterisk startup module is
- loaded, but dialplan not available (Reported by Dennis Guse)
- * ASTERISK-18345 - [patch] sips connection dropped by asterisk
- with a large INVITE (Reported by Stephane Chazelas)
- * ASTERISK-23508 - Memory Corruption in
- __ast_string_field_ptr_build_va (Reported by Arnd Schmitter)
-
- Improvements made in this release:
- -----------------------------------
- * ASTERISK-21178 - Improve documentation for manager command
- Getvar, Setvar (Reported by Rusty Newton)
-
- For a full list of changes in this release, please see the ChangeLog:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.30.0
* Tue Oct 21 2014 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.8.29.0-1:
- The Asterisk Development Team has announced the release of Asterisk 1.8.29.0.
- This release is available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk
-
- The release of Asterisk 1.8.29.0 resolves several issues reported by the
- community and would have not been possible without your participation.
- Thank you!
-
- The following are the issues resolved in this release:
-
- Bugs fixed in this release:
- -----------------------------------
- * ASTERISK-22551 - Session timer : UAS (Asterisk) starts counting
- at Invite, UAC starts counting at 200 OK. (Reported by i2045)
- * ASTERISK-23582 - [patch]Inconsistent column length in *odbc
- (Reported by Walter Doekes)
- * ASTERISK-23803 - AMI action UpdateConfig EmptyCat clears all
- categories but the requested one (Reported by zvision)
- * ASTERISK-23035 - ConfBridge with name longer than max (32 chars)
- results in several bridges with same conf_name (Reported by
- Iñaki Cívico)
- * ASTERISK-23683 - #includes - wildcard character in a path more
- than one directory deep - results in no config parsing on module
- reload (Reported by tootai)
- * ASTERISK-23827 - autoservice thread doesn't exit at shutdown
- (Reported by Corey Farrell)
- * ASTERISK-23814 - No call started after peer dialed (Reported by
- Igor Goncharovsky)
- * ASTERISK-23673 - Security: DOS by consuming the number of
- allowed HTTP connections. (Reported by Richard Mudgett)
- * ASTERISK-23246 - DEBUG messages in sdp_crypto.c display despite
- a DEBUG level of zero (Reported by Rusty Newton)
- * ASTERISK-23766 - [patch] Specify timeout for database write in
- SQLite (Reported by Igor Goncharovsky)
- * ASTERISK-23818 - PBX_Lua: after asterisk startup module is
- loaded, but dialplan not available (Reported by Dennis Guse)
- * ASTERISK-23667 - features.conf.sample is unclear as to which
- options can or cannot be set in the general section (Reported by
- David Brillert)
- * ASTERISK-23790 - [patch] - SIP From headers longer than 256
- characters result in dropped call and 'No closing bracket'
- warnings. (Reported by uniken1)
- * ASTERISK-23908 - [patch]When using FEC error correction,
- asterisk tries considers negative sequence numbers as missing
- (Reported by Torrey Searle)
- * ASTERISK-23921 - refcounter.py uses excessive ram for large refs
- files (Reported by Corey Farrell)
- * ASTERISK-23948 - REF_DEBUG fails to record ao2_ref against
- objects that were already freed (Reported by Corey Farrell)
- * ASTERISK-23984 - Infinite loop possible in ast_careful_fwrite()
- (Reported by Steve Davies)
- * ASTERISK-23897 - [patch]Change in SETUP ACK handling (checking
- PI) in revision 413765 breaks working environments (Reported by
- Pavel Troller)
-
- Improvements made in this release:
- -----------------------------------
- * ASTERISK-23564 - [patch]TLS/SRTP status of channel not currently
- available in a CLI command (Reported by Patrick Laimbock)
- * ASTERISK-23492 - Add option to safe_asterisk to disable
- backgrounding (Reported by Walter Doekes)
-
- For a full list of changes in this release, please see the ChangeLog:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.29.0
* Tue Oct 21 2014 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.8.28.2-1:
- The Asterisk Development Team has announced security releases for Certified
- Asterisk 1.8.15, 11.6, and Asterisk 1.8, 11, and 12. The available security
- releases are released as versions 1.8.15-cert7, 11.6-cert4, 1.8.28.2, 11.10.2,
- and 12.3.2.
-
- These releases are available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk/releases
-
- These releases resolve security vulnerabilities that were previously fixed in
- 1.8.15-cert6, 11.6-cert3, 1.8.28.1, 11.10.1, and 12.3.1. Unfortunately, the fix
- for AST-2014-007 inadvertently introduced a regression in Asterisk's TCP and TLS
- handling that prevented Asterisk from sending data over these transports. This
- regression and the security vulnerabilities have been fixed in the versions
- specified in this release announcement.
-
- The security patches for AST-2014-007 have been updated with the fix for the
- regression, and are available at http://downloads.asterisk.org/pub/security
-
- Please note that the release of these versions resolves the following security
- vulnerabilities:
-
- * AST-2014-005: Remote Crash in PJSIP Channel Driver's Publish/Subscribe
- Framework
-
- * AST-2014-006: Permission Escalation via Asterisk Manager User Unauthorized
- Shell Access
-
- * AST-2014-007: Denial of Service via Exhaustion of Allowed Concurrent HTTP
- Connections
-
- * AST-2014-008: Denial of Service in PJSIP Channel Driver Subscriptions
-
- For more information about the details of these vulnerabilities, please read
- security advisories AST-2014-005, AST-2014-006, AST-2014-007, and AST-2014-008,
- which were released with the previous versions that addressed these
- vulnerabilities.
-
- For a full list of changes in the current releases, please see the ChangeLogs:
-
- http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.15-cert7
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.28.2
- http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert4
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.10.2
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.3.2
-
- The security advisories are available at:
-
- * http://downloads.asterisk.org/pub/security/AST-2014-005.pdf
- * http://downloads.asterisk.org/pub/security/AST-2014-006.pdf
- * http://downloads.asterisk.org/pub/security/AST-2014-007.pdf
- * http://downloads.asterisk.org/pub/security/AST-2014-008.pdf
* Tue Oct 21 2014 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.8.28.1-1:
- The Asterisk Development Team has announced security releases for Certified
- Asterisk 1.8.15, 11.6, and Asterisk 1.8, 11, and 12. The available security
- releases are released as versions 1.8.15-cert6, 11.6-cert3, 1.8.28.1, 11.10.1,
- and 12.3.1.
-
- These releases are available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk/releases
-
- The release of these versions resolves the following issue:
-
- * AST-2014-007: Denial of Service via Exhaustion of Allowed Concurrent HTTP
- Connections
-
- Establishing a TCP or TLS connection to the configured HTTP or HTTPS port
- respectively in http.conf and then not sending or completing a HTTP request
- will tie up a HTTP session. By doing this repeatedly until the maximum number
- of open HTTP sessions is reached, legitimate requests are blocked.
-
- Additionally, the release of 11.6-cert3, 11.10.1, and 12.3.1 resolves the
- following issue:
-
- * AST-2014-006: Permission Escalation via Asterisk Manager User Unauthorized
- Shell Access
-
- Manager users can execute arbitrary shell commands with the MixMonitor manager
- action. Asterisk does not require system class authorization for a manager
- user to use the MixMonitor action, so any manager user who is permitted to use
- manager commands can potentially execute shell commands as the user executing
- the Asterisk process.
-
- Additionally, the release of 12.3.1 resolves the following issues:
-
- * AST-2014-005: Remote Crash in PJSIP Channel Driver's Publish/Subscribe
- Framework
-
- A remotely exploitable crash vulnerability exists in the PJSIP channel
- driver's pub/sub framework. If an attempt is made to unsubscribe when not
- currently subscribed and the endpoint's “sub_min_expiry” is set to zero,
- Asterisk tries to create an expiration timer with zero seconds, which is not
- allowed, so an assertion raised.
-
- * AST-2014-008: Denial of Service in PJSIP Channel Driver Subscriptions
-
- When a SIP transaction timeout caused a subscription to be terminated, the
- action taken by Asterisk was guaranteed to deadlock the thread on which SIP
- requests are serviced. Note that this behavior could only happen on
- established subscriptions, meaning that this could only be exploited if an
- attacker bypassed authentication and successfully subscribed to a real
- resource on the Asterisk server.
-
- These issues and their resolutions are described in the security advisories.
-
- For more information about the details of these vulnerabilities, please read
- security advisories AST-2014-005, AST-2014-006, AST-2014-007, and AST-2014-008,
- which were released at the same time as this announcement.
-
- For a full list of changes in the current releases, please see the ChangeLogs:
-
- http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.15-cert6
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.28.1
- http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert3
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.10.1
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.3.1
-
- The security advisories are available at:
-
- * http://downloads.asterisk.org/pub/security/AST-2014-005.pdf
- * http://downloads.asterisk.org/pub/security/AST-2014-006.pdf
- * http://downloads.asterisk.org/pub/security/AST-2014-007.pdf
- * http://downloads.asterisk.org/pub/security/AST-2014-008.pdf
* Tue Oct 21 2014 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.8.28.0-1:
- The Asterisk Development Team has announced the release of Asterisk 1.8.28.0.
- This release is available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk
-
- The release of Asterisk 1.8.28.0 resolves several issues reported by the
- community and would have not been possible without your participation.
- Thank you!
-
- The following are the issues resolved in this release:
-
- Bugs fixed in this release:
- -----------------------------------
- * ASTERISK-23547 - [patch] app_queue removing callers from queue
- when reloading (Reported by Italo Rossi)
- * ASTERISK-22846 - testsuite: masquerade super test fails on all
- branches (still) (Reported by Matt Jordan)
- * ASTERISK-23546 - CB_ADD_LEN does not do what you'd think
- (Reported by Walter Doekes)
- * ASTERISK-23620 - Code path in app_stack fails to unlock list
- (Reported by Bradley Watkins)
- * ASTERISK-18331 - app_sms failure (Reported by David Woodhouse)
- * ASTERISK-19465 - P-Asserted-Identity Privacy (Reported by
- Krzysztof Chmielewski)
- * ASTERISK-23707 - Realtime Contacts: Apparent mismatch between
- PGSQL database state and Asterisk state (Reported by Mark
- Michelson)
- * ASTERISK-23665 - Wrong mime type for codec H263-1998 (h263+)
- (Reported by Guillaume Maudoux)
- * ASTERISK-22977 - chan_sip+CEL: missing ANSWER and PICKUP event
- for INVITE/w/replaces pickup (Reported by Walter Doekes)
- * ASTERISK-23709 - Regression in Dahdi/Analog/waitfordialtone
- (Reported by Steve Davies)
- * ASTERISK-23650 - Intermittent segfault in string functions
- (Reported by Roel van Meer)
-
- Improvements made in this release:
- -----------------------------------
- * ASTERISK-23754 - [patch] Use var/lib directory for log file
- configured in asterisk.conf (Reported by Igor Goncharovsky)
-
- For a full list of changes in this release, please see the ChangeLog:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.28.0
-
- * Tue Oct 21 2014 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.8.27.0-1:
- The Asterisk Development Team has announced the release of Asterisk 1.8.27.0.
- This release is available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk
-
- The release of Asterisk 1.8.27.0 resolves several issues reported by the
- community and would have not been possible without your participation.
- Thank you!
-
- The following are the issues resolved in this release:
-
- Bugs fixed in this release:
- -----------------------------------
- * ASTERISK-22790 - check_modem_rate() may return incorrect rate
- for V.27 (Reported by Paolo Compagnini)
- * ASTERISK-23061 - [Patch] 'textsupport' setting not mentioned in
- sip.conf.sample (Reported by Eugene)
- * ASTERISK-23028 - [patch] Asterisk man pages contains unquoted
- minus signs (Reported by Jeremy Lainé)
- * ASTERISK-23046 - Custom CDR fields set during a GoSUB called
- from app_queue are not inserted (Reported by Denis Pantsyrev)
- * ASTERISK-23027 - [patch] Spelling typo "transfered" instead of
- "transferred" (Reported by Jeremy Lainé)
- * ASTERISK-23008 - Local channels loose CALLERID name when DAHDI
- channel connects (Reported by Michael Cargile)
- * ASTERISK-23100 - [patch] In chan_mgcp the ident in transmitted
- request and request queue may differ - fix for locking (Reported
- by adomjan)
- * ASTERISK-22988 - [patch]T38 , SIP 488 after Rejecting image
- media offer due to invalid or unsupported syntax (Reported by
- adomjan)
- * ASTERISK-22861 - [patch]Specifying a null time as parameter to
- GotoIfTime or ExecIfTime causes segmentation fault (Reported by
- Sebastian Murray-Roberts)
- * ASTERISK-17837 - extconfig.conf - Maximum Include level (1)
- exceeded (Reported by pz)
- * ASTERISK-22662 - Documentation fix? - queues.conf says
- persistentmembers defaults to yes, it appears to lie (Reported
- by Rusty Newton)
- * ASTERISK-23134 - [patch] res_rtp_asterisk port selection cannot
- handle selinux port restrictions (Reported by Corey Farrell)
- * ASTERISK-23220 - STACK_PEEK function with no arguments causes
- crash/core dump (Reported by James Sharp)
- * ASTERISK-19773 - Asterisk crash on issuing Asterisk-CLI 'reload'
- command multiple times on cli_aliases (Reported by Joel Vandal)
- * ASTERISK-22757 - segfault in res_clialiases.so on reload when
- mapping "module reload" command (Reported by Gareth Blades)
- * ASTERISK-17727 - [patch] TLS doesn't get all certificate chain
- (Reported by LN)
- * ASTERISK-23178 - devicestate.h: device state setting functions
- are documented with the wrong return values (Reported by
- Jonathan Rose)
- * ASTERISK-23297 - Asterisk 12, pbx_config.so segfaults if
- res_parking.so is not loaded, or if res_parking.conf has no
- configuration (Reported by CJ Oster)
- * ASTERISK-23069 - Custom CDR variable not recorded when set in
- macro called from app_queue (Reported by Bryan Anderson)
- * ASTERISK-19499 - ConfBridge MOH is not working for transferee
- after attended transfer (Reported by Timo Teräs)
- * ASTERISK-23261 - [patch]Output mixup in
- ${CHANNEL(rtpqos,audio,all)} (Reported by rsw686)
- * ASTERISK-23260 - [patch]ForkCDR v option does not keep CDR
- variables for subsequent records (Reported by zvision)
- * ASTERISK-23141 - Asterisk crashes on Dial(), in
- pbx_find_extension at pbx.c (Reported by Maxim)
- * ASTERISK-23231 - Since 405693 If we have res_fax.conf file set
- to minrate=2400, then res_fax refuse to load (Reported by David
- Brillert)
- * ASTERISK-23135 - Crash - segfault in ast_channel_hangupcause_set
- - probably introduced in 11.7.0 (Reported by OK)
- * ASTERISK-23323 - [patch]chan_sip: missing p->owner checks in
- handle_response_invite (Reported by Walter Doekes)
- * ASTERISK-23382 - [patch]Build System: make -qp can corrupt
- menuselect-tree and related files (Reported by Corey Farrell)
- * ASTERISK-23406 - [patch]Fix typo in "sip show peer" (Reported by
- ibercom)
- * ASTERISK-23310 - bridged channel crashes in bridge_p2p_rtp_write
- (Reported by Jeremy Lainé)
- * ASTERISK-23104 - Specifying the SetVar AMI without a Channel
- cause Asterisk to crash (Reported by Joel Vandal)
- * ASTERISK-23383 - Wrong sense test on stat return code causes
- unchanged config check to break with include files. (Reported by
- David Woolley)
- * ASTERISK-17523 - Qualify for static realtime peers does not work
- (Reported by Maciej Krajewski)
- * ASTERISK-21406 - [patch] chan_sip deadlock on monlock between
- unload_module and do_monitor (Reported by Corey Farrell)
- * ASTERISK-23373 - [patch]Security: Open FD exhaustion with
- chan_sip Session-Timers (Reported by Corey Farrell)
- * ASTERISK-23340 - Security Vulnerability: stack allocation of
- cookie headers in loop allows for unauthenticated remote denial
- of service attack (Reported by Matt Jordan)
- * ASTERISK-23488 - Logic error in callerid checksum processing
- (Reported by Russ Meyerriecks)
- * ASTERISK-20841 - fromdomain not honored on outbound INVITE
- request (Reported by Kelly Goedert)
- * ASTERISK-22079 - Segfault: INTERNAL_OBJ (user_data=0x6374652f)
- at astobj2.c:120 (Reported by Jamuel Starkey)
- * ASTERISK-23509 - [patch]SayNumber for Polish language tries to
- play empty files for numbers divisible by 100 (Reported by
- zvision)
- * ASTERISK-23391 - Audit dialplan function usage of channel
- variable (Reported by Corey Farrell)
- * ASTERISK-23548 - POST to ARI sometimes returns no body on
- success (Reported by Scott Griepentrog)
-
- Improvements made in this release:
- -----------------------------------
- * ASTERISK-22980 - [patch]Allow building cdr_radius and cel_radius
- against libfreeradius-client (Reported by Jeremy Lainé)
- * ASTERISK-22661 - Unable to exit ChanSpy if spied channel does
- not have a call in progress (Reported by Chris Hillman)
-
- For a full list of changes in this release, please see the ChangeLog:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.27.0
* Fri Mar 14 2014 Jon Disnard <disnard@gmail.com> - 1.8.26.1:
- bump to upstream 1.8.26.1
- BZs: 1074829, 1074825, 1074827
- CVEs: CVE-2014-2286, CVE-2014-2287
* Thu Feb 20 2014 Jon Disnard <jdisnard@gmail.com> - 1.8.25.0-1:
- Bump to newer upstream release
* Mon Aug 26 2013 Jeffrey Ollie <jeff@ocjtech.us> - 1.8.23.1-1:
- The Asterisk Development Team has announced security releases for Certified
- Asterisk 1.8.15, 11.2, and Asterisk 1.8, 10, and 11. The available security releases
- are released as versions 1.8.15-cert2, 11.2-cert2, 1.8.23.1, 10.12.3, 10.12.3-digiumphones,
- and 11.5.1.
-
- These releases are available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk/releases
-
- The release of these versions resolve the following issues:
-
- * A remotely exploitable crash vulnerability exists in the SIP channel driver if
- an ACK with SDP is received after the channel has been terminated. The
- handling code incorrectly assumes that the channel will always be present.
-
- * A remotely exploitable crash vulnerability exists in the SIP channel driver if
- an invalid SDP is sent in a SIP request that defines media descriptions before
- connection information. The handling code incorrectly attempts to reference
- the socket address information even though that information has not yet been
- set.
-
- These issues and their resolutions are described in the security advisories.
-
- For more information about the details of these vulnerabilities, please read
- security advisories AST-2013-004 and AST-2013-005, which were
- released at the same time as this announcement.
-
- For a full list of changes in the current releases, please see the ChangeLogs:
-
- http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.15-cert3
- http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.2-cert2
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.23.1
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-10.12.3
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-10.12.3-digiumphones
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.5.1
-
- The security advisories are available at:
-
- * http://downloads.asterisk.org/pub/security/AST-2013-004.pdf
- * http://downloads.asterisk.org/pub/security/AST-2013-005.pdf
-
- The Asterisk Development Team has announced the release of Asterisk 1.8.23.0.
- This release is available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk
* Mon Aug 26 2013 Jeffrey Ollie <jeff@ocjtech.us> - 1.8.23.0-1:
- The release of Asterisk 1.8.23.0 resolves several issues reported by the
- community and would have not been possible without your participation.
- Thank you!
-
- The following is a sample of the issues resolved in this release:
-
- * --- Fix a memory copying bug in slinfactory which was causing
- mixmonitor issues.
- (Closes issue ASTERISK-21799. Reported by Michael Walton)
-
- * --- IAX2: fix race condition with nativebridge transfers.
- (Closes issue ASTERISK-21409. Reported by alecdavis)
-
- * --- Fix crash in chan_sip when a core initiated op occurs at the
- same time as a BYE
- (Closes issue ASTERISK-20225. Reported by Jeff Hoppe)
-
- * --- Fix The Payload Being Set On CN Packets And Do Not Set Marker
- Bit
- (Closes issue ASTERISK-21246. Reported by Peter Katzmann)
-
- * --- chan_sip: Session-Expires: Set timer to correctly expire at
- (~2/3) of the interval when not the refresher
- (Closes issue ASTERISK-21742. Reported by alecdavis)
-
- For a full list of changes in this release, please see the ChangeLog:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.23.0
* Mon May 20 2013 Jeffrey Ollie <jeff@ocjtech.us> - 1.8.22.0-1:
- The Asterisk Development Team has announced the release of Asterisk 1.8.22.0.
- This release is available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk
-
- The release of Asterisk 1.8.22.0 resolves several issues reported by the
- community and would have not been possible without your participation.
- Thank you!
-
- The following is a sample of the issues resolved in this release:
-
- * --- Fix Sorting Order For Parking Lots Stored In Static Realtime
- (Closes issue ASTERISK-21035. Reported by Alex Epshteyn)
-
- * --- Make ParkAndAnnounce return to priority + 1 when return context
- is not defined
- (Closes issue ASTERISK-20113. Reported by serginuez)
-
- * --- When a session timer expires during a T.38 call, re-invite with
- correct SDP
- (Closes issue ASTERISK-21232. Reported by Nitesh Bansal)
-
- * --- Fix several unreleased mutex locks that cause problem with
- processing calls
- (Closes issue ASTERISK-21119. Reported by Daniel Bohling)
-
- * --- Fix crash when AMI redirect action redirects two channels out of
- a bridge.
- (Closes issue ASTERISK-21356. Reported by William luke)
-
- For a full list of changes in this release, please see the ChangeLog:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.22.0
-
- The Asterisk Development Team has announced the release of Asterisk 1.8.21.0.
- This release is available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk
-
- The release of Asterisk 1.8.21.0 resolves several issues reported by the
- community and would have not been possible without your participation.
- Thank you!
-
- The following is a sample of the issues resolved in this release:
-
- * --- Fix issue where chan_mobile fails to bind to first available
- port
- (Closes issue ASTERISK-16357. Reported by challado)
-
- * --- Fix station ringback; trunk hangup issues in SLA
- (Closes issue ASTERISK-20462. Reported by dkerr)
-
- * --- Fix Queue Log Reporting Every Call COMPLETECALLER With "h"
- Extension Present
- (Closes issue ASTERISK-20743. Reported by call)
-
- * --- Fix Record-Route parsing for large headers.
- (Closes issue ASTERISK-20837. Reported by Corey Farrell)
-
- * --- Fix AMI redirect action with two channels failing to redirect
- both channels.
- (Closes issue ASTERISK-18975. Reported by Ben Klang)
-
- For a full list of changes in this release, please see the ChangeLog:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.21.0
-
- The Asterisk Development Team has announced security releases for Certified
- Asterisk 1.8.15 and Asterisk 1.8, 10, and 11. The available security releases
- are released as versions 1.8.15-cert2, 1.8.20.2, 10.12.2, 10.12.2-digiumphones,
- and 11.2.2.
-
- These releases are available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk/releases
-
- The release of these versions resolve the following issues:
-
- * A possible buffer overflow during H.264 format negotiation. The format
- attribute resource for H.264 video performs an unsafe read against a media
- attribute when parsing the SDP.
-
- This vulnerability only affected Asterisk 11.
-
- * A denial of service exists in Asterisk's HTTP server. AST-2012-014, fixed
- in January of this year, contained a fix for Asterisk's HTTP server for a
- remotely-triggered crash. While the fix prevented the crash from being
- triggered, a denial of service vector still exists with that solution if an
- attacker sends one or more HTTP POST requests with very large Content-Length
- values.
-
- This vulnerability affects Certified Asterisk 1.8.15, Asterisk 1.8, 10, and 11
-
- * A potential username disclosure exists in the SIP channel driver. When
- authenticating a SIP request with alwaysauthreject enabled, allowguest
- disabled, and autocreatepeer disabled, Asterisk discloses whether a user
- exists for INVITE, SUBSCRIBE, and REGISTER transactions in multiple ways.
-
- This vulnerability affects Certified Asterisk 1.8.15, Asterisk 1.8, 10, and 11
-
- These issues and their resolutions are described in the security advisories.
-
- For more information about the details of these vulnerabilities, please read
- security advisories AST-2013-001, AST-2013-002, and AST-2013-003, which were
- released at the same time as this announcement.
-
- For a full list of changes in the current releases, please see the ChangeLogs:
-
- http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.15-cert2
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.20.2
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-10.12.2
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-10.12.2-digiumphones
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.2.2
-
- The security advisories are available at:
-
- * http://downloads.asterisk.org/pub/security/AST-2013-001.pdf
- * http://downloads.asterisk.org/pub/security/AST-2013-002.pdf
- * http://downloads.asterisk.org/pub/security/AST-2013-003.pdf
-
- The Asterisk Development Team has announced the release of Asterisk 1.8.20.1.
- This release is available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk
-
- The release of Asterisk 1.8.20.1 resolves several issues reported by the
- community and would have not been possible without your participation.
- Thank you!
-
- The following are the issues resolved in this release:
-
- * --- Fix astcanary startup problem due to wrong pid value from before
- daemon call
- (Closes issue ASTERISK-20947. Reported by Jakob Hirsch)
-
- * --- Update init.d scripts to handle stderr; readd splash screen for
- remote consoles
- (Closes issue ASTERISK-20945. Reported by Warren Selby)
-
- * --- Reset RTP timestamp; sequence number on SSRC change
- (Closes issue ASTERISK-20906. Reported by Eelco Brolman)
-
- For a full list of changes in this release, please see the ChangeLog:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.20.1
* Fri Jan 18 2013 Jeffrey Ollie <jeff@ocjtech.us> - 1.8.20.0-1:
- The Asterisk Development Team has announced the release of Asterisk 1.8.20.0.
- This release is available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk
-
- The release of Asterisk 1.8.20.0 resolves several issues reported by the
- community and would have not been possible without your participation.
- Thank you!
-
- The following is a sample of the issues resolved in this release:
-
- * --- app_meetme: Fix channels lingering when hung up under certain
- conditions
- (Closes issue ASTERISK-20486. Reported by Michael Cargile)
-
- * --- Fix stuck DTMF when bridge is broken.
- (Closes issue ASTERISK-20492. Reported by Jeremiah Gowdy)
-
- * --- Improve Code Readability And Fix Setting natdetected Flag
- (Closes issue ASTERISK-20724. Reported by Michael L. Young)
-
- * --- Fix extension matching with the '-' char.
- (Closes issue ASTERISK-19205. Reported by Philippe Lindheimer, Birger "WIMPy" Harzenetter)
-
- * --- Fix call files when astspooldir is relative.
- (Closes issue ASTERISK-20593. Reported by James Le Cuirot)
-
- For a full list of changes in this release, please see the ChangeLog:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.20.0
* Wed Dec 19 2012 Jeffrey Ollie <jeff@ocjtech.us> - 1.8.19.0-1:
- The Asterisk Development Team has announced the release of Asterisk 1.8.19.0.
- This release is available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk
-
- The release of Asterisk 1.8.19.0 resolves several issues reported by the
- community and would have not been possible without your participation.
- Thank you!
-
- The following is a sample of the issues resolved in this release:
-
- * --- Prevent resetting of NATted realtime peer address on reload.
- (Closes issue ASTERISK-18203. Reported by daren ferreira)
-
- * --- Do not use a FILE handle when doing SIP TCP reads.
- (Closes issue ASTERISK-20212. Reported by Phil Ciccone)
-
- * --- Fix execution of 'i' extension due to uninitialized variable.
- (Closes issue ASTERISK-20455. Reported by Richard Miller)
-
- * --- Ensure that the Queue application tracks busy members in off
- nominal situations
- (Closes issue ASTERISK-20623. Reported by Bryan Walters)
-
- * --- Properly extract the Body information of an EWS calendar item
- (Closes issue ASTERISK-19738. Reported by Dmitry Burilov)
-
- For a full list of changes in this release, please see the ChangeLog:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.19.0
* Fri Dec 07 2012 Jeffrey Ollie <jeff@ocjtech.us> - 1.8.18.1-1:
- The Asterisk Development Team has announced the release of Asterisk 1.8.18.1.
- This release is available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk
-
- The release of Asterisk 1.8.18.1 resolves an issue reported by the
- community and would have not been possible without your participation.
- Thank you!
-
- The following is the issue resolved in this release:
-
- * --- chan_local: Fix local_pvt ref leak in local_devicestate().
- (Closes issue ASTERISK-20769. Reported by rmudgett)
-
- For a full list of changes in this release, please see the ChangeLog:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.18.1
* Wed Nov 07 2012 Jeffrey Ollie <jeff@ocjtech.us> - 1.8.18.0-1:
- The Asterisk Development Team has announced the release of Asterisk 1.8.18.0.
- This release is available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk
-
- The release of Asterisk 1.8.18.0 resolves several issues reported by the
- community and would have not been possible without your participation.
- Thank you!
-
- The following is a sample of the issues resolved in this release:
-
- * --- dsp.c User Configurable DTMF_HITS_TO_BEGIN and
- DTMF_MISSES_TO_END
- (Closes issue ASTERISK-17493. Reported by alecdavis)
-
- * --- Fix error where improper IMAP greetings would be deleted.
- (Closes issue ASTERISK-20435. Reported by fhackenberger)
-
- * --- iax2-provision: Fix improper return on failed cache retrieval
- (Closes issue ASTERISK-20337. Reported by John Covert)
-
- * --- Fix T.38 support when used with chan_local in between.
- (Closes issue ASTERISK-20229. Reported by wdoekes)
-
- * --- Fix an issue where media would not flow for situations where the
- legacy STUN code is in use.
- (Closes issue ASTERISK-20415. Reported by Michele Cicciotti)
-
- For a full list of changes in this release, please see the ChangeLog:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.18.0
* Tue Oct 09 2012 Jeffrey Ollie <jeff@ocjtech.us> - 1.8.17.0-1:
- The Asterisk Development Team has announced the release of Asterisk 1.8.17.0.
- This release is available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk
-
- The release of Asterisk 1.8.17.0 resolves several issues reported by the
- community and would have not been possible without your participation.
- Thank you!
-
- The following is a sample of the issues resolved in this release:
-
- * --- Fix channel reference leak in ChanSpy.
- (Closes issue ASTERISK-19461. Reported by Irontec)
-
- * --- dsp.c: Fix multiple issues when no-interdigit delay is present,
- and fast DTMF 50ms/50ms
- (Closes issue ASTERISK-19610. Reported by Jean-Philippe Lord)
-
- * --- Fix bug where final queue member would not be removed from
- memory.
- (Closes issue ASTERISK-19793. Reported by Marcus Haas)
-
- * --- Fix memory leak when CEL is successfully written to PostgreSQL
- database
- (Closes issue ASTERISK-19991. Reported by Etienne Lessard)
-
- * --- Fix DUNDi message routing bug when neighboring peer is
- unreachable
- (Closes issue ASTERISK-19309. Reported by Peter Racz)
-
- For a full list of changes in this release, please see the ChangeLog:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.17.0
* Wed Sep 26 2012 Jeffrey Ollie <jeff@ocjtech.us> - 1.8.16.0-1
- The Asterisk Development Team has announced the release of Asterisk 1.8.16.0.
- This release is available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk
-
- The release of Asterisk 1.8.16.0 resolves several issues reported by the
- community and would have not been possible without your participation.
- Thank you!
-
- The following is a sample of the issues resolved in this release:
-
- * --- AST-2012-012: Resolve AMI User Unauthorized Shell Access through
- ExternalIVR
- (Closes issue ASTERISK-20132. Reported by Zubair Ashraf of IBM X-Force Research)
-
- * --- AST-2012-013: Resolve ACL rules being ignored during calls by
- some IAX2 peers
- (Closes issue ASTERISK-20186. Reported by Alan Frisch)
-
- * --- Handle extremely out of order RFC 2833 DTMF
- (Closes issue ASTERISK-18404. Reported by Stephane Chazelas)
-
- * --- Resolve severe memory leak in CEL logging modules.
- (Closes issue AST-916. Reported by Thomas Arimont)
-
- * --- Only re-create an SRTP session when needed; respond with correct
- crypto policy
- (Issue ASTERISK-20194. Reported by Nicolo Mazzon)
-
- For a full list of changes in this release, please see the ChangeLog:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.16.0
* Tue Sep 04 2012 Jeffrey Ollie <jeff@ocjtech.us> - 1.8.15.1-1
- The Asterisk Development Team has announced security releases for Certified
- Asterisk 1.8.11 and Asterisk 1.8 and 10. The available security releases are
- released as versions 1.8.11-cert7, 1.8.15.1, 10.7.1, and 10.7.1-digiumphones.
-
- These releases are available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk/releases
-
- The release of Asterisk 1.8.11-cert7, 1.8.15.1, 10.7.1, and 10.7.1-digiumphones
- resolve the following two issues:
-
- * A permission escalation vulnerability in Asterisk Manager Interface. This
- would potentially allow remote authenticated users the ability to execute
- commands on the system shell with the privileges of the user running the
- Asterisk application. Please note that the README-SERIOUSLY.bestpractices.txt
- file delivered with Asterisk has been updated due to this and other related
- vulnerabilities fixed in previous versions of Asterisk.
-
- * When an IAX2 call is made using the credentials of a peer defined in a
- dynamic Asterisk Realtime Architecture (ARA) backend, the ACL rules for that
- peer are not applied to the call attempt. This allows for a remote attacker
- who is aware of a peer's credentials to bypass the ACL rules set for that
- peer.
-
- These issues and their resolutions are described in the security advisories.
-
- For more information about the details of these vulnerabilities, please read
- security advisories AST-2012-012 and AST-2012-013, which were released at the
- same time as this announcement.
-
- For a full list of changes in the current releases, please see the ChangeLogs:
-
- http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.11-cert7
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.15.1
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-10.7.1
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-10.7.1-digiumphones
-
- The security advisories are available at:
-
- * http://downloads.asterisk.org/pub/security/AST-2012-012.pdf
- * http://downloads.asterisk.org/pub/security/AST-2012-013.pdf
* Tue Sep 04 2012 Jeffrey Ollie <jeff@ocjtech.us> - 1.8.15.0-1
- The Asterisk Development Team has announced the release of Asterisk 1.8.15.0.
- This release is available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk
-
- The release of Asterisk 1.8.15.0 resolves several issues reported by the
- community and would have not been possible without your participation.
- Thank you!
-
- The following is a sample of the issues resolved in this release:
-
- * --- Fix deadlock potential with ast_set_hangupsource() calls.
- (Closes issue ASTERISK-19801. Reported by Alec Davis)
-
- * --- Fix request routing issue when outboundproxy is used.
- (Closes issue ASTERISK-20008. Reported by Marcus Hunger)
-
- * --- Make the address family filter specific to the transport.
- (Closes issue ASTERISK-16618. Reported by Leif Madsen)
-
- * --- Fix NULL pointer segfault in ast_sockaddr_parse()
- (Closes issue ASTERISK-20006. Reported by Michael L. Young)
-
- * --- Do not perform install on existing directories
- (Closes issue ASTERISK-19492. Reported by Karl Fife)
-
- For a full list of changes in this release, please see the ChangeLog:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.15.0
* Tue Sep 04 2012 Jeffrey Ollie <jeff@ocjtech.us> - 1.8.14.1-1
- The Asterisk Development Team has announced the release of Asterisk 1.8.14.1.
- This release is available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk
-
- The release of Asterisk 1.8.14.1 resolves an issue reported by the
- community and would have not been possible without your participation.
- Thank you!
-
- The following is the issue resolved in this release:
-
- * --- Remove a superfluous and dangerous freeing of an SSL_CTX.
- (Closes issue ASTERISK-20074. Reported by Trevor Helmsley)
-
- For a full list of changes in this release, please see the ChangeLog:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.14.1
* Tue Sep 04 2012 Jeffrey Ollie <jeff@ocjtech.us> - 1.8.14.0-1
- The Asterisk Development Team has announced the release of Asterisk 1.8.14.0.
- This release is available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk
-
- The release of Asterisk 1.8.14.0 resolves several issues reported by the
- community and would have not been possible without your participation.
- Thank you!
-
- The following is a sample of the issues resolved in this release:
-
- * --- format_mp3: Fix a possible crash in mp3_read().
- (Closes issue ASTERISK-19761. Reported by Chris Maciejewsk)
-
- * --- Fix local channel chains optimizing themselves out of a call.
- (Closes issue ASTERISK-16711. Reported by Alec Davis)
-
- * --- Update a peer's LastMsgsSent when the peer is notified of
- waiting messages
- (Closes issue ASTERISK-17866. Reported by Steve Davies)
-
- * --- Prevent sip_pvt refleak when an ast_channel outlasts its
- corresponding sip_pvt.
- (Closes issue ASTERISK-19425. Reported by David Cunningham)
-
- * --- Send more accurate identification information in dialog-info SIP
- NOTIFYs.
- (Closes issue ASTERISK-16735. Reported by Maciej Krajewski)
-
- For a full list of changes in this release, please see the ChangeLog:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.14.0
* Tue Sep 04 2012 Jeffrey Ollie <jeff@ocjtech.us> - 1.8.13.1-1
- The Asterisk Development Team has announced security releases for Certified
- Asterisk 1.8.11 and Asterisk 1.8 and 10. The available security releases are
- released as versions 1.8.11-cert4, 1.8.13.1, 10.5.2, and 10.5.2-digiumphones.
-
- These releases are available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk/releases
-
- The release of Asterisk 1.8.11-cert4, 1.8.13.1, 10.5.2, and 10.5.2-digiumphones
- resolve the following two issues:
-
- * If Asterisk sends a re-invite and an endpoint responds to the re-invite with
- a provisional response but never sends a final response, then the SIP dialog
- structure is never freed and the RTP ports for the call are never released. If
- an attacker has the ability to place a call, they could create a denial of
- service by using all available RTP ports.
-
- * If a single voicemail account is manipulated by two parties simultaneously,
- a condition can occur where memory is freed twice causing a crash.
-
- These issues and their resolution are described in the security advisories.
-
- For more information about the details of these vulnerabilities, please read
- security advisories AST-2012-010 and AST-2012-011, which were released at the
- same time as this announcement.
-
- For a full list of changes in the current releases, please see the ChangeLogs:
-
- http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.11-cert4
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.13.1
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-10.5.2
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-10.5.2-digiumphones
-
- The security advisories are available at:
-
- * http://downloads.asterisk.org/pub/security/AST-2012-010.pdf
- * http://downloads.asterisk.org/pub/security/AST-2012-011.pdf
* Tue Sep 04 2012 Jeffrey Ollie <jeff@ocjtech.us> - 1.8.13.0-1
- The Asterisk Development Team has announced the release of Asterisk 1.8.13.0.
- This release is available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk
-
- The release of Asterisk 1.8.13.0 resolves several issues reported by the
- community and would have not been possible without your participation.
- Thank you!
-
- The following is a sample of the issues resolved in this release:
-
- * --- Turn off warning message when bind address is set to any.
- (Closes issue ASTERISK-19456. Reported by Michael L. Young)
-
- * --- Prevent overflow in calculation in ast_tvdiff_ms on 32-bit
- machines
- (Closes issue ASTERISK-19727. Reported by Ben Klang)
-
- * --- Make DAHDISendCallreroutingFacility wait 5 seconds for a reply
- before disconnecting the call.
- (Closes issue ASTERISK-19708. Reported by mehdi Shirazi)
-
- * --- Fix recalled party B feature flags for a failed DTMF atxfer.
- (Closes issue ASTERISK-19383. Reported by lgfsantos)
-
- * --- Fix DTMF atxfer running h exten after the wrong bridge ends.
- (Closes issue ASTERISK-19717. Reported by Mario)
-
- For a full list of changes in this release, please see the ChangeLog:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.13.0
* Wed May 30 2012 Jeffrey Ollie <jeff@ocjtech.us> - 1.8.12.2-1
- The Asterisk Development Team has announced the release of Asterisk 1.8.12.2.
- This release is available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk
-
- The release of Asterisk 1.8.12.2 resolves an issue reported by the
- community and would have not been possible without your participation.
- Thank you!
-
- The following is the issue resolved in this release:
-
- * --- Resolve crash in subscribing for MWI notifications
- (Closes issue ASTERISK-19827. Reported by B. R)
-
- For a full list of changes in this release, please see the ChangeLog:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.12.2
* Wed May 30 2012 Jeffrey Ollie <jeff@ocjtech.us> - 1.8.12.1-1:
- The Asterisk Development Team has announced security releases for Certified
- Asterisk 1.8.11 and Asterisk 1.8 and 10. The available security releases are
- released as versions 1.8.11-cert2, 1.8.12.1, and 10.4.1.
-
- These releases are available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk/releases
-
- The release of Asterisk 1.8.11-cert2, 1.8.12.1, and 10.4.1 resolve the following
- two issues:
-
- * A remotely exploitable crash vulnerability exists in the IAX2 channel
- driver if an established call is placed on hold without a suggested music
- class. Asterisk will attempt to use an invalid pointer to the music
- on hold class name, potentially causing a crash.
-
- * A remotely exploitable crash vulnerability was found in the Skinny (SCCP)
- Channel driver. When an SCCP client closes its connection to the server,
- a pointer in a structure is set to NULL. If the client was not in the
- on-hook state at the time the connection was closed, this pointer is later
- dereferenced. This allows remote authenticated connections the ability to
- cause a crash in the server, denying services to legitimate users.
-
- These issues and their resolution are described in the security advisories.
-
- For more information about the details of these vulnerabilities, please read
- security advisories AST-2012-007 and AST-2012-008, which were released at the
- same time as this announcement.
-
- For a full list of changes in the current releases, please see the ChangeLogs:
-
- http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.11-cert2
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.12.1
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-10.4.1
-
- The security advisories are available at:
-
- * http://downloads.asterisk.org/pub/security/AST-2012-007.pdf
- * http://downloads.asterisk.org/pub/security/AST-2012-008.pdf
* Thu May 03 2012 Jeffrey Ollie <jeff@ocjtech.us> - 1.8.12.0-1:
- The Asterisk Development Team has announced the release of Asterisk 1.8.12.0.
- This release is available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk
-
- The release of Asterisk 1.8.12.0 resolves several issues reported by the
- community and would have not been possible without your participation.
- Thank you!
-
- The following are the issues resolved in this release:
-
- * --- Prevent chanspy from binding to zombie channels
- (Closes issue ASTERISK-19493. Reported by lvl)
-
- * --- Fix Dial m and r options and forked calls generating warnings
- for voice frames.
- (Closes issue ASTERISK-16901. Reported by Chris Gentle)
-
- * --- Remove ISDN hold restriction for non-bridged calls.
- (Closes issue ASTERISK-19388. Reported by Birger Harzenetter)
-
- * --- Fix copying of CDR(accountcode) to local channels.
- (Closes issue ASTERISK-19384. Reported by jamicque)
-
- * --- Ensure Asterisk acknowledges ACKs to 4xx on Replaces errors
- (Closes issue ASTERISK-19303. Reported by Jon Tsiros)
-
- * --- Eliminate double close of file descriptor in manager.c
- (Closes issue ASTERISK-18453. Reported by Jaco Kroon)
-
- For a full list of changes in this release, please see the ChangeLog:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.12.0
* Tue Apr 24 2012 Jeffrey Ollie <jeff@ocjtech.us> - 1.8.11.1-1:
- The Asterisk Development Team has announced security releases for Asterisk 1.6.2,
- 1.8, and 10. The available security releases are released as versions 1.6.2.24,
- 1.8.11.1, and 10.3.1.
-
- These releases are available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk/releases
-
- The release of Asterisk 1.6.2.24, 1.8.11.1, and 10.3.1 resolve the following two
- issues:
-
- * A permission escalation vulnerability in Asterisk Manager Interface. This
- would potentially allow remote authenticated users the ability to execute
- commands on the system shell with the privileges of the user running the
- Asterisk application.
-
- * A heap overflow vulnerability in the Skinny Channel driver. The keypad
- button message event failed to check the length of a fixed length buffer
- before appending a received digit to the end of that buffer. A remote
- authenticated user could send sufficient keypad button message events that the
- buffer would be overrun.
-
- In addition, the release of Asterisk 1.8.11.1 and 10.3.1 resolve the following
- issue:
-
- * A remote crash vulnerability in the SIP channel driver when processing UPDATE
- requests. If a SIP UPDATE request was received indicating a connected line
- update after a channel was terminated but before the final destruction of the
- associated SIP dialog, Asterisk would attempt a connected line update on a
- non-existing channel, causing a crash.
-
- These issues and their resolution are described in the security advisories.
-
- For more information about the details of these vulnerabilities, please read
- security advisories AST-2012-004, AST-2012-005, and AST-2012-006, which were
- released at the same time as this announcement.
-
- For a full list of changes in the current releases, please see the ChangeLogs:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.6.2.24
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.11.1
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-10.3.1
-
- The security advisories are available at:
-
- * http://downloads.asterisk.org/pub/security/AST-2012-004.pdf
- * http://downloads.asterisk.org/pub/security/AST-2012-005.pdf
- * http://downloads.asterisk.org/pub/security/AST-2012-006.pdf
* Fri Mar 30 2012 Russell Bryant <russell@russellbryant.net> - 1.8.11.0-1
- Update to 1.8.11.0
* Sat Mar 17 2012 Russell Bryant <russell@russellbryant.net> - 1.8.10.1-1
- Update to 1.8.10.1 from upstream.
- Fix remote stack overflow in app_milliwatt.
- Fix remote stack overflow, including possible code injection, in HTTP digest
authentication handling.
- Diable build of SRTP on ppc64, as it doesn't build right now.
- Resolves: rhbz#804045, rhbz#804038, rhbz#804042
* Fri Dec 09 2011 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.8.7.2-1
- The Asterisk Development Team has announced security releases for Asterisk 1.4,
- 1.6.2 and 1.8. The available security releases are released as versions 1.4.43,
- 1.6.2.21 and 1.8.7.2.
-
- These releases are available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk/releases
-
- The release of Asterisk versions 1.4.43, 1.6.2.21, and 1.8.7.2 resolves an issue
- with possible remote enumeration of SIP endpoints with differing NAT settings.
-
- The release of Asterisk versions 1.6.2.21 and 1.8.7.2 resolves a remote crash
- possibility with SIP when the "automon" feature is enabled.
-
- The issues and resolutions are described in the AST-2011-013 and AST-2011-014
- security advisories.
-
- For more information about the details of these vulnerabilities, please read the
- security advisories AST-2011-013 and AST-2011-014, which were released at the
- same time as this announcement.
-
- For a full list of changes in the current releases, please see the ChangeLogs:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.4.43
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.6.2.21
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.7.2
-
- Security advisory AST-2011-013 is available at:
-
- * http://downloads.asterisk.org/pub/security/AST-2011-013.pdf
-
- Security advisory AST-2011-014 is available at:
-
- * http://downloads.asterisk.org/pub/security/AST-2011-014.pdf
* Thu Nov 17 2011 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.8.8.0-0.4.rc4
- The Asterisk Development Team has announced the fourth release candidate of
- Asterisk 1.8.8.0. This release candidate is available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk/
-
- The release of Asterisk 1.8.8.0-rc4 resolves a particular issue with BLF
- subscriptions. A change in Asterisk 1.8.8.0-rc3 had the potential to cause a
- segfault, and this release candidate was created to resolve that.
-
- For a full list of changes in this release candidate, please see the ChangeLog:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.8.0-rc4
* Thu Nov 10 2011 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.8.8.0-0.3.rc3
- The Asterisk Development Team has announced the third release candidate of
- Asterisk 1.8.8.0. This release candidate is available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk/
-
- The release of Asterisk 1.8.8.0-rc3 resolves several issues reported by the
- community and would have not been possible without your participation.
- Thank you!
-
- The following is a sample of the issues resolved in this release candidate:
-
- * Prevent BLF subscriptions from causing deadlocks.
- (Closes issue ASTERISK-18663)
- Review: https://reviewboard.asterisk.org/r/1563/
-
- * Fix deadlock if peer is destroyed while sending MWI notice.
- (Closes issue ASTERISK-18747)
- Reported by: Gregory Hinton Nietsky
-
- * Fix issue with setting defaultenabled on categories that are already enabled
- by default.
- (Closes issue ASTERISK-18738)
- Reported by: Paul Belanger
-
- For a full list of changes in this release candidate, please see the ChangeLog:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.8.0-rc3
* Tue Nov 08 2011 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.8.8.0-0.2.rc2
- The Asterisk Development Team has announced the second release candidate of
- Asterisk 1.8.8.0. This release candidate is available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk/
-
- The release of Asterisk 1.8.8.0-rc2 resolves several issues reported by the
- community and would have not been possible without your participation.
- Thank you!
-
- The following is a sample of the issues resolved in this release candidate:
-
- * --- Fix remote Crash Vulnerability in SIP channel driver (AST-2011-012) ---
- http://downloads.asterisk.org/pub/security/AST-2011-012.pdf
-
- * --- Fix locking order in app_queue.c which caused deadlocks ---
- (Closes issue ASTERISK-18101. Reported by Paul Rolfe, patched by Gregory Nietsky)
- (Closes issue ASTERISK-18487. Reported by Jason Legault, patched by Gregory
- Nietsky)
-
- * --- Fix regression in configure script for libpri capability checks ---
- (Closes issue ASTERISK-18687. Reported by norbert, patched by Richard Mudgett)
-
- * --- Properly ignore AST_CONTROL_UPDATE_RTP_PEER in more places ---
- (Closes issue ASTERISK-18610. Reported by Kristijan_Vrban, patched by Terry
- Wilson, and again by Kristijan_Vrban)
-
- * --- Fix issue with removing peers by IP ---
- (Closes issue ASTERISK-18696. Reported by rsw686, patched by Terry Wilson)
-
- For a full list of changes in this release candidate, please see the ChangeLog:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.8.0-rc2
* Tue Nov 08 2011 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.8.8.0-0.1.rc1
- The Asterisk Development Team announces the first release candidate of
- Asterisk 1.8.8.0. This release candidate is available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk/
-
- The release of Asterisk 1.8.8.0-rc1 resolves several issues reported by the
- community and would have not been possible without your participation.
- Thank you!
-
- The following is a sample of the issues resolved in this release candidate:
-
- * Updated SIP 484 handling; added Incomplete control frame
- When a SIP phone uses the dial application and receives a 484 Address
- Incomplete response, if overlapped dialing is enabled for SIP, then the 484
- Address Incomplete is forwarded back to the SIP phone and the HANGUPCAUSE
- channel variable is set to 28. Previously, the Incomplete application
- dialplan logic was automatically triggered; now, explicit dialplan usage of
- the application is required.
- (Closes ASTERISK-17288. Reported by: Mikael Carlsson Tested by: Matthew
- Jordan Review: https://reviewboard.asterisk.org/r/1416/)
-
- * Prevent IAX2 from getting IPv6 addresses via DNS IAX2 does not support IPv6
- and getting such addresses from DNS can cause error messages on the remote
- end involving bad IPv4 address casts in the presence of IPv6/IPv4 tunnels.
- (Closes issue ASTERISK-18090. Patched by Kinsey Moore)
-
- * Fix bad RTP media bridges in directmedia calls on peers separated by multiple
- Asterisk nodes.
- (Closes issue ASTERISK-18340. Reported by: Thomas Arimont. Closes issue
- ASTERISK-17725. Reported by: kwk. Tested by: twilson, jrose)
-
- * Fix crashes in ast_rtcp_write()
- (Closes issue ASTERISK-18570)
- Related issues that look like they are the same problem:
- (Issue ASTERISK-17560, ASTERISK-15406, ASTERISK-15257, ASTERISK-13334,
- ASTERISK-9977, ASTERISK-9716)
- Review: https://reviewboard.asterisk.org/r/1444/
- Patched by: Russell Bryant
-
- * Fix for incorrect voicemail duration in external notifications.
- This patch fixes an issue where the voicemail duration was being reported
- with a duration significantly less than the actual sound file duration.
- (Closes ASTERISK-16981. Reported by: Mary Ciuciu, Byron Clark, Brad House,
- Karsten Wemheuer, KevinH Tested by: Matt Jordan
- Review: https://reviewboard.asterisk.org/r/1443)
-
- * Prevent segfault if call arrives before Asterisk is fully booted.
- (Patched by alecdavis. https://reviewboard.asterisk.org/r/1407/)
-
- For a full list of changes in this release candidate, please see the ChangeLog:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.8.0-rc1
* Mon Oct 17 2011 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.8.7.1-1
- The Asterisk Development Team has announced a security release for Asterisk 1.8.
- The available security release is released as version 1.8.7.1.
-
- This release is available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk/releases
-
- The release of Asterisk 1.8.7.1 resolves an issue with SIP URI parsing which can
- lead to a remotely exploitable crash:
-
- Remote Crash Vulnerability in SIP channel driver (AST-2011-012)
-
- The issue and resolution is described in the AST-2011-012 security
- advisory.
-
- For more information about the details of this vulnerability, please read the
- security advisory AST-2011-012, which was released at the same time as this
- announcement.
-
- For a full list of changes in the current release, please see the ChangeLog:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.7.1
* Mon Oct 03 2011 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.8.7.0-1
- The Asterisk Development Team announces the release of Asterisk 1.8.7.0. This
- release is available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk/
-
- The release of Asterisk 1.8.7.0 resolves several issues reported by the
- community and would have not been possible without your participation.
- Thank you!
-
- Please note that a significant numbers of changes and fixes have gone into
- features.c in this release (call parking, built-in transfers, call pickup,
- etc.).
-
- NOTE:
-
- Recently, we were notified that the mechanism included in our Asterisk source
- code releases to download and build support for the iLBC codec had stopped
- working correctly; a little investigation revealed that this occurred because of
- some changes on the ilbcfreeware.org website. These changes occurred as a result
- of Google's acquisition of GIPS, who produced (and provided licenses for) the
- iLBC codec.
-
- If you are a user of Asterisk and iLBC together, and you've already executed a
- license agreement with GIPS, we believe you can continue using iLBC with
- Asterisk. If you are a user of Asterisk and iLBC together, but you had not
- executed a license agreement with GIPS, we encourage you to research the
- situation and consult with your own legal representatives to determine what
- actions you may want to take (or avoid taking).
-
- More information is available on the Asterisk blog:
-
- http://blogs.asterisk.org/2011/09/19/ilbc-support-in-asterisk-after-googles-acquisition-of-gips/
-
- The following is a sample of the issues resolved in this release:
-
- * Added the 'storesipcause' option to sip.conf to allow the user to disable the
- setting of HASH(SIP_CAUSE,) on the channel. Having chan_sip set
- HASH(SIP_CAUSE,) on the channel carries a significant performance
- penalty because of the usage of the MASTER_CHANNEL() dialplan function.
-
- We've decided to disable this feature by default in future 1.8 versions. This
- would be an unexpected behavior change for anyone depending on that SIP_CAUSE
- update in their dialplan. Please refer to the asterisk-dev mailing list more
- information:
-
- http://lists.digium.com/pipermail/asterisk-dev/2011-August/050626.html
-
- * Significant fixes and improvements to parking lots.
- (Closes issues ASTERISK-17183, ASTERISK-17870, ASTERISK-17430, ASTERISK-17452,
- ASTERISK-17452, ASTERISK-15792. Reported by: David Cabrejos, Remi Quezada,
- Philippe Lindheimer, David Woolley, Mat Murdock. Patched by: rmudgett)
-
- * Numerous issues have been reported for deadlocks that are caused by a blocking
- read in res_timing_timerfd on a file descriptor that will never be written to.
-
- A change to Asterisk adds some checks to make sure that the timerfd is both
- valid and armed before calling read(). Should fix: ASTERISK-18142,
- ASTERISK-18197, ASTERISK-18166 and possibly others.
- (In essence, this change should make res_timing_timerfd usable.)
-
- * Resolve segfault when publishing device states via XMPP and not connected.
- (Closes issue ASTERISK-18078. Reported, patched by: Michael L. Young. Tested
- by Jonathan Rose)
-
- * Refresh peer address if DNS unavailable at peer creation.
- (Closes issue ASTERISK-18000)
-
- * Fix the missing DAHDI channels when using the newer chan_dahdi.conf sections
- for channel configuration.
- (Closes issue ASTERISK-18496. Reported by Sean Darcy. Patched by Richard
- Mudgett)
-
- * Remove unnecessary libpri dependency checks in the configure script.
- (Closes issue ASTERISK-18535. Reported by Michael Keuter. Patched by Richard
- Mudgett)
-
- * Update get_ilbc_source.sh script to work again.
- (Closes issue ASTERISK-18412)
-
- For a full list of changes in this release, please see the ChangeLog:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.7.0
* Tue Sep 20 2011 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.8.6.0-4
- Add additional patch for res_pktccops.
* Tue Sep 20 2011 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.8.6.0-3
- Add patch to fix compatibility with 389 directory server.
* Tue Sep 20 2011 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.8.6.0-2
- Add patches to fix many bug reports from bugzilla.
* Tue Sep 20 2011 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.8.6.0-1
- The Asterisk Development Team announces the release of Asterisk 1.8.6.0. This
- release is available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk/
-
- The release of Asterisk 1.8.6.0 resolves several issues reported by the
- community and would have not been possible without your participation.
- Thank you!
-
- The following is a sample of the issues resolved in this release:
-
- * Fix an issue with Music on Hold classes losing files in playlist when realtime
- is used.
- (Closes issue ASTERISK-17875. Reported by David Cunningham. Patched by Igor
- Goncharovsky)
-
- * Resolve a potential crash in chan_sip when utilizing auth= and performing a
- 'sip reload' from the console.
- (Closes issue ASTERISK-17939. Reported by wdoekes. Patched by Richard Mudgett)
-
- * Address some improper sql statements in res_odbc that would cause an update
- to fail on realtime peers due to trying to set as "(NULL)" rather than an
- actual NULL.
- (Closes issue ASTERISK-17791. Reported by marcelloceschia. Patched by Tilghman
- Lesher)
-
- * Resolve issue where 403 Forbidden would always be sent maximum number of times
- regardless to receipt of ACK.
- (Patched by Richard Mudgett)
-
- * Resolve issue where if a call to MeetMe includes both the dynamic(D) and
- always request PIN(P) options, MeetMe will ask for the PIN two times: once for
- creating the conference and once for entering the conference.
- (Patched by Kinsey Moore)
-
- * Fix New Zealand indications profile based on
- http://www.telepermit.co.nz/TNA102.pdf
- (Closes issue ASTERISK-16263. Reported, Patched by richardf)
-
- * Segfault in shell_helper in func_shell.c
- (Closes issue ASTERISK-18109. Reported by Michael Myles, patched by Richard
- Mudgett)
-
- For a full list of changes in this release, please see the ChangeLog:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.6.0
* Tue Aug 23 2011 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.8.6.0-0.2.rc2
- The Asterisk Development Team has announced the second release candidate of
- Asterisk 1.8.6.0. This release candidate is available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk/
-
- The release of Asterisk 1.8.6.0-rc2 resolves several issues reported by the
- community and would have not been possible without your participation.
- Thank you!
-
- The following is a sample of the issues resolved in this release candidate:
-
- * --- Segfault in shell_helper in func_shell.c ---
- (Closes issue ASTERISK-18109.
- Reported by Michael Myles, patched by Richard Mudgett)
-
- * --- Re-add support for spaces in pathnames ---
- (Closes issue ASTERISK-18290.
- Reported by Paul Belanger, patched by Tilghman Lesher)
-
- For a full list of changes in this release candidate, please see the ChangeLog:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.6.0-rc2
* Thu Aug 11 2011 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.8.6.0-0.1.rc1
- The Asterisk Development Team announces the first release candidate of
- Asterisk 1.8.6.0. This release candidate is available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk/
-
- The release of Asterisk 1.8.6.0-rc1 resolves several issues reported by the
- community and would have not been possible without your participation.
- Thank you!
-
- The following is a sample of the issues resolved in this release candidate:
-
- * Fix an issue with Music on Hold classes losing files in playlist when realtime
- is used.
- (Closes issue ASTERISK-17875. Reported by David Cunningham. Patched by Igor
- Goncharovsky)
-
- * Resolve a potential crash in chan_sip when utilizing auth= and performing a
- 'sip reload' from the console.
- (Closes issue ASTERISK-17939. Reported by wdoekes. Patched by Richard Mudgett)
-
- * Address some improper sql statements in res_odbc that would cause an update
- to fail on realtime peers due to trying to set as "(NULL)" rather than an
- actual NULL.
- (Closes issue ASTERISK-17791. Reported by marcelloceschia. Patched by Tilghman
- Lesher)
-
- * Resolve issue where 403 Forbidden would always be sent maximum number of times
- regardless to receipt of ACK.
- (Patched by Richard Mudgett)
-
- * Updated chan_gtalk to work with changes made by Google.
- (Closes issue ASTERISK-18804. Patched by Terry Wilson)
-
- * Resolve issue where if a call to MeetMe includes both the dynamic(D) and
- always request PIN(P) options, MeetMe will ask for the PIN two times: once for
- creating the conference and once for entering the conference.
- (Patched by Kinsey Moore)
-
- * Fix New Zealand indications profile based on
- http://www.telepermit.co.nz/TNA102.pdf
- (Closes issue ASTERISK-16263. Reported, Patched by richardf)
-
- For a full list of changes in this release candidate, please see the ChangeLog:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.6.0-rc1
* Thu Jul 21 2011 Petr Sabata <contyk@redhat.com> - 1.8.5.0-1.2
- Perl mass rebuild
* Wed Jul 20 2011 Petr Sabata <contyk@redhat.com> - 1.8.5.0-1.1
- Perl mass rebuild
* Mon Jul 11 2011 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.8.5.0-1
- The Asterisk Development Team announces the release of Asterisk 1.8.5.0. This
- release is available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk/
-
- The release of Asterisk 1.8.5.0 resolves several issues reported by the
- community and would have not been possible without your participation.
- Thank you!
-
- The following is a sample of the issues resolved in this release:
-
- * Fix Deadlock with attended transfer of SIP call
- (Closes issue #18837. Reported, patched by alecdavis. Tested by Irontec, ZX81,
- cmaj)
-
- * Fixes thread blocking issue in the sip TCP/TLS implementation.
- (Closes issue #18497. Reported by vois. Patched by dvossel. Tested by vois,
- rossbeer, kowalma, Freddi_Fonet)
-
- * Be more tolerant of what URI we accept for call completion PUBLISH requests.
- (Closes issue #18946. Reported by GeorgeKonopacki. Patched by mmichelson)
-
- * Fix a nasty chanspy bug which was causing a channel leak every time a spied on
- channel made a call.
- (Closes issue #18742. Reported by jkister. Tested by jcovert, jrose)
-
- * This patch fixes a bug with MeetMe behavior where the 'P' option for always
- prompting for a pin is ignored for the first caller.
- (Closes issue #18070. Reported by mav3rick. Patched by bbryant)
-
- * Fix issue where Asterisk does not hangup a channel after endpoint hangs up. If
- the call that the dialplan started an AGI script for is hungup while the AGI
- script is in the middle of a command then the AGI script is not notified of
- the hangup.
- (Closes issue #17954, #18492. Reported by mn3250, devmod. Patched by rmudgett)
-
- * Resolve issue where leaving a voicemail, the MWI message is never sent. The
- same thing happens when checking a voicemail and marking it as read.
- (Closes issue ASTERISK-18002. Reported by Leif Madsen. Resolved by Richard
- Mudgett)
-
- * Resolve issue where wait for leader with Music On Hold allows crosstalk
- between participants. Parenthesis in the wrong position. Regression from issue
- #14365 when expanding conference flags to use 64 bits.
- (Closes issue #18418. Reported by MrHanMan. Patched by rmudgett)
-
- For a full list of changes in this release, please see the ChangeLog:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.5.0
* Thu Jul 07 2011 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.8.5-0.2
- Rebuild for net-snmp 5.7
* Fri Jul 01 2011 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.8.5-0.1.rc1
- Fix systemd dependencies in EL6 and F15
* Fri Jul 01 2011 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.8.4.4-3
- Bump release
* Fri Jul 01 2011 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.8.4.4-2
- Fix systemd dependencies in EL6 and F15
* Thu Jun 30 2011 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.8.5-0.1.rc1
- The Asterisk Development Team has announced the first release candidate of
- Asterisk 1.8.5. This release candidate is available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk/
-
- The release of Asterisk 1.8.5-rc1 resolves several issues reported by the
- community and would have not been possible without your participation.
- Thank you!
-
- The following is a sample of the issues resolved in this release candidate:
-
- * Fix Deadlock with attended transfer of SIP call
- (Closes issue #18837. Reported, patched by alecdavis. Tested by Irontec, ZX81,
- cmaj)
-
- * Fixes thread blocking issue in the sip TCP/TLS implementation.
- (Closes issue #18497. Reported by vois. Patched by dvossel. Tested by vois,
- rossbeer, kowalma, Freddi_Fonet)
-
- * Be more tolerant of what URI we accept for call completion PUBLISH requests.
- (Closes issue #18946. Reported by GeorgeKonopacki. Patched by mmichelson)
-
- * Fix a nasty chanspy bug which was causing a channel leak every time a spied on
- channel made a call.
- (Closes issue #18742. Reported by jkister. Tested by jcovert, jrose)
-
- * This patch fixes a bug with MeetMe behavior where the 'P' option for always
- prompting for a pin is ignored for the first caller.
- (Closes issue #18070. Reported by mav3rick. Patched by bbryant)
-
- * Fix issue where Asterisk does not hangup a channel after endpoint hangs up. If
- the call that the dialplan started an AGI script for is hungup while the AGI
- script is in the middle of a command then the AGI script is not notified of
- the hangup.
- (Closes issue #17954, #18492. Reported by mn3250, devmod. Patched by rmudgett)
-
- * Resolve issue where leaving a voicemail, the MWI message is never sent. The
- same thing happens when checking a voicemail and marking it as read.
- (Closes issue ASTERISK-18002. Reported by Leif Madsen. Resolved by Richard
- Mudgett)
-
- * Resolve issue where wait for leader with Music On Hold allows crosstalk
- between participants. Parenthesis in the wrong position. Regression from issue
- #14365 when expanding conference flags to use 64 bits.
- (Closes issue #18418. Reported by MrHanMan. Patched by rmudgett)
-
- * Fix timerfd locking issue.
- (Closes ASTERISK-17867, ASTERISK-17415. Patched by kobaz)
-
- For a full list of changes in this release candidate, please see the ChangeLog:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.5-rc1
* Thu Jun 30 2011 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.8.4.4-2
- Fedora Directory Server -> 389 Directory Server
* Wed Jun 29 2011 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.8.4.4-1
- The Asterisk Development Team has announced the release of Asterisk
- versions 1.4.41.2, 1.6.2.18.2, and 1.8.4.4, which are security
- releases.
-
- These releases are available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk/releases
-
- The release of Asterisk 1.4.41.2, 1.6.2.18.2, and 1.8.4.4 resolves the
- following issue:
-
- AST-2011-011: Asterisk may respond differently to SIP requests from an
- invalid SIP user than it does to a user configured on the system, even
- when the alwaysauthreject option is set in the configuration. This can
- leak information about what SIP users are valid on the Asterisk
- system.
-
- For more information about the details of this vulnerability, please
- read the security advisory AST-2011-011, which was released at the
- same time as this announcement.
-
- For a full list of changes in the current releases, please see the ChangeLog:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.4.41.2
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.6.2.18.2
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.4.4
-
- Security advisory AST-2011-011 is available at:
-
- http://downloads.asterisk.org/pub/security/AST-2011-011.pdf
* Mon Jun 27 2011 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.8.4.3-3
- Don't forget stereorize
* Mon Jun 27 2011 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.8.4.3-2
- Move /var/run/asterisk to /run/asterisk
- Add comments to systemd service file on how to mimic safe_asterisk functionality
- Build more of the optional binaries
- Install the tmpfiles.d configuration on Fedora 15
* Fri Jun 24 2011 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.8.4.3-1
- The Asterisk Development Team has announced the release of Asterisk versions
- 1.4.41.1, 1.6.2.18.1, and 1.8.4.3, which are security releases.
-
- These releases are available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk/releases
-
- The release of Asterisk 1.4.41.1, 1.6.2.18, and 1.8.4.3 resolves several issues
- as outlined below:
-
- * AST-2011-008: If a remote user sends a SIP packet containing a null,
- Asterisk assumes available data extends past the null to the
- end of the packet when the buffer is actually truncated when
- copied. This causes SIP header parsing to modify data past
- the end of the buffer altering unrelated memory structures.
- This vulnerability does not affect TCP/TLS connections.
- -- Resolved in 1.6.2.18.1 and 1.8.4.3
-
- * AST-2011-009: A remote user sending a SIP packet containing a Contact header
- with a missing left angle bracket (<) causes Asterisk to
- access a null pointer.
- -- Resolved in 1.8.4.3
-
- * AST-2011-010: A memory address was inadvertently transmitted over the
- network via IAX2 via an option control frame and the remote party would try
- to access it.
- -- Resolved in 1.4.41.1, 1.6.2.18.1, and 1.8.4.3
-
- The issues and resolutions are described in the AST-2011-008, AST-2011-009, and
- AST-2011-010 security advisories.
-
- For more information about the details of these vulnerabilities, please read
- the security advisories AST-2011-008, AST-2011-009, and AST-2011-010, which were
- released at the same time as this announcement.
-
- For a full list of changes in the current releases, please see the ChangeLog:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.4.41.1
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.6.2.18.1
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.4.3
-
- Security advisories AST-2011-008, AST-2011-009, and AST-2011-010 are available
- at:
-
- http://downloads.asterisk.org/pub/security/AST-2011-008.pdf
- http://downloads.asterisk.org/pub/security/AST-2011-009.pdf
- http://downloads.asterisk.org/pub/security/AST-2011-010.pdf
* Tue Jun 21 2011 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.8.4.2-2
- Convert to systemd
* Fri Jun 17 2011 Marcela Mašláňová <mmaslano@redhat.com> - 1.8.4.2-1.2
- Perl mass rebuild
* Fri Jun 10 2011 Marcela Mašláňová <mmaslano@redhat.com> - 1.8.4.2-1.1
- Perl 5.14 mass rebuild
* Fri Jun 03 2011 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.8.4.2-1:
-
- The Asterisk Development Team has announced the release of Asterisk
- version 1.8.4.2, which is a security release for Asterisk 1.8.
-
- This release is available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk/releases
-
- The release of Asterisk 1.8.4.2 resolves an issue with SIP URI
- parsing which can lead to a remotely exploitable crash:
-
- Remote Crash Vulnerability in SIP channel driver (AST-2011-007)
-
- The issue and resolution is described in the AST-2011-007 security
- advisory.
-
- For more information about the details of this vulnerability, please
- read the security advisory AST-2011-007, which was released at the
- same time as this announcement.
-
- For a full list of changes in the current release, please see the ChangeLog:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.4.2
-
- Security advisory AST-2011-007 is available at:
-
- http://downloads.asterisk.org/pub/security/AST-2011-007.pdf
-
- The Asterisk Development Team has announced the release of Asterisk 1.8.4.1.
- This release is available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk/
-
- The release of Asterisk 1.8.4.1 resolves several issues reported by the
- community. Without your help this release would not have been possible.
- Thank you!
-
- Below is a list of issues resolved in this release:
-
- * Fix our compliance with RFC 3261 section 18.2.2. (aka Cisco phone fix)
- (Closes issue #18951. Reported by jmls. Patched by wdoekes)
-
- * Resolve a change in IPv6 header parsing due to the Cisco phone fix issue.
- This issue was found and reported by the Asterisk test suite.
- (Closes issue #18951. Patched by mnicholson)
-
- * Resolve potential crash when using SIP TLS support.
- (Closes issue #19192. Reported by stknob. Patched by Chainsaw. Tested by
- vois, Chainsaw)
-
- * Improve reliability when using SIP TLS.
- (Closes issue #19182. Reported by st. Patched by mnicholson)
-
-
- For a full list of changes in this release candidate, please see the ChangeLog:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.4.1
- The Asterisk Development Team has announced the release of Asterisk 1.8.4. This
- release is available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk/
-
- The release of Asterisk 1.8.4 resolves several issues reported by the community.
- Without your help this release would not have been possible. Thank you!
-
- Below is a sample of the issues resolved in this release:
-
- * Use SSLv23_client_method instead of old SSLv2 only.
- (Closes issue #19095, #19138. Reported, patched by tzafrir. Tested by russell
- and chazzam.
-
- * Resolve crash in ast_mutex_init()
- (Patched by twilson)
-
- * Resolution of several DTMF based attended transfer issues.
- (Closes issue #17999, #17096, #18395, #17273. Reported by iskatel, gelo,
- shihchuan, grecco. Patched by rmudgett)
-
- NOTE: Be sure to read the ChangeLog for more information about these changes.
-
- * Resolve deadlocks related to device states in chan_sip
- (Closes issue #18310. Reported, patched by one47. Patched by jpeeler)
-
- * Resolve an issue with the Asterisk manager interface leaking memory when
- disabled.
- (Reported internally by kmorgan. Patched by russellb)
-
- * Support greetingsfolder as documented in voicemail.conf.sample.
- (Closes issue #17870. Reported by edhorton. Patched by seanbright)
-
- * Fix channel redirect out of MeetMe() and other issues with channel softhangup
- (Closes issue #18585. Reported by oej. Tested by oej, wedhorn, russellb.
- Patched by russellb)
-
- * Fix voicemail sequencing for file based storage.
- (Closes issue #18498, #18486. Reported by JJCinAZ, bluefox. Patched by
- jpeeler)
-
- * Set hangup cause in local_hangup so the proper return code of 486 instead of
- 503 when using Local channels when the far sides returns a busy. Also affects
- CCSS in Asterisk 1.8+.
- (Patched by twilson)
-
- * Fix issues with verbose messages not being output to the console.
- (Closes issue #18580. Reported by pabelanger. Patched by qwell)
-
- * Fix Deadlock with attended transfer of SIP call
- (Closes issue #18837. Reported, patched by alecdavis. Tested by
- alecdavid, Irontec, ZX81, cmaj)
-
- Includes changes per AST-2011-005 and AST-2011-006
- For a full list of changes in this release candidate, please see the ChangeLog:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.4
-
- Information about the security releases are available at:
-
- http://downloads.asterisk.org/pub/security/AST-2011-005.pdf
- http://downloads.asterisk.org/pub/security/AST-2011-006.pdf
* Thu Apr 21 2011 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.8.3.3-1
- The Asterisk Development Team has announced security releases for Asterisk
- branches 1.4, 1.6.1, 1.6.2, and 1.8. The available security releases are
- released as versions 1.4.40.1, 1.6.1.25, 1.6.2.17.3, and 1.8.3.3.
-
- These releases are available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk/releases
-
- The releases of Asterisk 1.4.40.1, 1.6.1.25, 1.6.2.17.3, and 1.8.3.3 resolve two
- issues:
-
- * File Descriptor Resource Exhaustion (AST-2011-005)
- * Asterisk Manager User Shell Access (AST-2011-006)
-
- The issues and resolutions are described in the AST-2011-005 and AST-2011-006
- security advisories.
-
- For more information about the details of these vulnerabilities, please read the
- security advisories AST-2011-005 and AST-2011-006, which were released at the
- same time as this announcement.
-
- For a full list of changes in the current releases, please see the ChangeLog:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.4.40.1
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.6.1.25
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.6.2.17.3
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.3.3
-
- Security advisory AST-2011-005 and AST-2011-006 are available at:
-
- http://downloads.asterisk.org/pub/security/AST-2011-005.pdf
- http://downloads.asterisk.org/pub/security/AST-2011-006.pdf
* Wed Mar 23 2011 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.8.3.2-2
- Bump release and rebuild for mysql 5.5.10 soname change.
* Thu Mar 17 2011 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.8.3.2-1
- The Asterisk Development Team has announced security releases for Asterisk
- branches 1.6.1, 1.6.2, and 1.8. The available security releases are
- released as versions 1.6.1.24, 1.6.2.17.2, and 1.8.3.2.
-
- These releases are available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk/releases
-
- ** This is a re-release of Asterisk 1.6.1.23, 1.6.2.17.1 and 1.8.3.1 which
- contained a bug which caused duplicate manager entries (issue #18987).
-
- The releases of Asterisk 1.6.1.24, 1.6.2.17.2, and 1.8.3.2 resolve two issues:
-
- * Resource exhaustion in Asterisk Manager Interface (AST-2011-003)
- * Remote crash vulnerability in TCP/TLS server (AST-2011-004)
-
- The issues and resolutions are described in the AST-2011-003 and AST-2011-004
- security advisories.
-
- For more information about the details of these vulnerabilities, please read the
- security advisories AST-2011-003 and AST-2011-004, which were released at the
- same time as this announcement.
-
- For a full list of changes in the current releases, please see the ChangeLog:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.6.1.24
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.6.2.17.2
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.3.2
-
- Security advisory AST-2011-003 and AST-2011-004 are available at:
-
- http://downloads.asterisk.org/pub/security/AST-2011-003.pdf
- http://downloads.asterisk.org/pub/security/AST-2011-004.pdf
* Thu Mar 17 2011 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.8.3.1-1
- The Asterisk Development Team has announced security releases for Asterisk
- branches 1.6.1, 1.6.2, and 1.8. The available security releases are
- released as versions 1.6.1.23, 1.6.2.17.1, and 1.8.3.1.
-
- These releases are available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk/releases
-
- The releases of Asterisk 1.6.1.23, 1.6.2.17.1, and 1.8.3.1 resolve two issues:
-
- * Resource exhaustion in Asterisk Manager Interface (AST-2011-003)
- * Remote crash vulnerability in TCP/TLS server (AST-2011-004)
-
- The issues and resolutions are described in the AST-2011-003 and AST-2011-004
- security advisories.
-
- For more information about the details of these vulnerabilities, please read the
- security advisories AST-2011-003 and AST-2011-004, which were released at the
- same time as this announcement.
-
- For a full list of changes in the current releases, please see the ChangeLog:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.6.1.23
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.6.2.17.1
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.3.1
-
- Security advisory AST-2011-003 and AST-2011-004 are available at:
-
- http://downloads.asterisk.org/pub/security/AST-2011-003.pdf
- http://downloads.asterisk.org/pub/security/AST-2011-004.pdf
* Mon Feb 28 2011 <jeff@ocjtech.us> - 1.8.3-1
- The Asterisk Development Team has announced the release of Asterisk 1.8.3. This
- release is available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk/
-
- The release of Asterisk 1.8.3 resolves several issues reported by the community
- and would have not been possible without your participation. Thank you!
-
- The following is a sample of the issues resolved in this release:
-
- * Resolve duplicated data in the AstDB when using DIALGROUP()
- (Closes issue #18091. Reported by bunny. Patched by tilghman)
-
- * Ensure the ipaddr field in realtime is large enough to handle IPv6 addresses.
- (Closes issue #18464. Reported, patched by IgorG)
-
- * Reworking parsing of mwi => lines to resolve a segfault. Also add a set of
- unit tests for the function that does the parsing.
- (Closes issue #18350. Reported by gbour. Patched by Marquis)
-
- * When using cdr_pgsql the billsec field was not populated correctly on
- unanswered calls.
- (Closes issue #18406. Reported by joscas. Patched by tilghman)
-
- * Resolve memory leak in iCalendar and Exchange calendaring modules.
- (Closes issue #18521. Reported, patched by pitel. Tested by cervajs)
-
- * This version of Asterisk includes the new Compiler Flags option
- BETTER_BACKTRACES which uses libbfd to search for better symbol information
- within both the Asterisk binary, as well as loaded modules, to assist when
- using inline backtraces to track down problems.
- (Patched by tilghman)
-
- * Resolve issue where no Music On Hold may be triggered when using
- res_timing_dahdi.
- (Closes issues #18262. Reported by francesco_r. Patched by cjacobson. Tested
- by francesco_r, rfrantik, one47)
-
- * Resolve a memory leak when the Asterisk Manager Interface is disabled.
- (Reported internally by kmorgan. Patched by russellb)
-
- * Reimplemented fax session reservation to reverse the ABI breakage introduced
- in r297486.
- (Reported internally. Patched by mnicholson)
-
- * Fix regression that changed behavior of queues when ringing a queue member.
- (Closes issue #18747, #18733. Reported by vrban. Patched by qwell.)
-
- * Resolve deadlock involving REFER.
- (Closes issue #18403. Reported, tested by jthurman. Patched by jpeeler.)
-
- Additionally, this release has the changes related to security bulletin
- AST-2011-002 which can be found at
- http://downloads.asterisk.org/pub/security/AST-2011-002.pdf
-
- For a full list of changes in this release, please see the ChangeLog:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.3
* Wed Feb 16 2011 <jeff@ocjtech.us> - 1.8.3-0.7.rc3
-
- The Asterisk Development Team has announced the third release candidate of
- Asterisk 1.8.3. This release candidate is available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk/
-
- The release of Asterisk 1.8.3-rc3 resolves the following issues in addition to
- those included in 1.8.3-rc1 and 1.8.3-rc2:
-
- * Fix regression that changed behavior of queues when ringing a queue member.
- (Closes issue #18747, #18733. Reported by vrban. Patched by qwell.)
-
- * Resolve deadlock involving REFER.
- (Closes issue #18403. Reported, tested by jthurman. Patched by jpeeler.)
-
- For a full list of changes in this release candidate, please see the ChangeLog:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.3-rc3
* Fri Feb 11 2011 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.8.3-0.6.rc2
- Bump release to build for F15
* Wed Feb 09 2011 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.8.3-0.5.rc2
- Remove isa macros
* Wed Feb 09 2011 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.8.3-0.4.rc2
- Make library dependencies architecture specific
* Mon Feb 07 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.8.3-0.3.rc2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Wed Jan 26 2011 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.8.3-0.2.rc2
The Asterisk Development Team has announced the second release candidate of
Asterisk 1.8.3. This release candidate is available for immediate download at
http://downloads.asterisk.org/pub/telephony/asterisk/
The release of Asterisk 1.8.3-rc2 resolves the following issues in addition to
those included in 1.8.3-rc1:
* Resolve issue where no Music On Hold may be triggered when using
res_timing_dahdi.
(Closes issues #18262. Reported by francesco_r. Patched by cjacobson. Tested
by francesco_r, rfrantik, one47)
* Resolve a memory leak when the Asterisk Manager Interface is disabled.
(Reported internally by kmorgan. Patched by russellb)
* Reimplemented fax session reservation to reverse the ABI breakage introduced
in r297486.
(Reported internally. Patched by mnicholson)
For a full list of changes in this release candidate, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.3-rc2
* Wed Jan 26 2011 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.8.3-0.1.rc1
-
- The Asterisk Development Team has announced the first release candidate of
- Asterisk 1.8.3. This release candidate is available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk/
-
- The release of Asterisk 1.8.3-rc1 resolves several issues reported by the
- community and would have not been possible without your participation.
- Thank you!
-
- The following is a sample of the issues resolved in this release candidate:
-
- * Resolve duplicated data in the AstDB when using DIALGROUP()
- (Closes issue #18091. Reported by bunny. Patched by tilghman)
-
- * Ensure the ipaddr field in realtime is large enough to handle IPv6 addresses.
- (Closes issue #18464. Reported, patched by IgorG)
-
- * Reworking parsing of mwi => lines to resolve a segfault. Also add a set of
- unit tests for the function that does the parsing.
- (Closes issue #18350. Reported by gbour. Patched by Marquis)
-
- * When using cdr_pgsql the billsec field was not populated correctly on
- unanswered calls.
- (Closes issue #18406. Reported by joscas. Patched by tilghman)
-
- * Resolve memory leak in iCalendar and Exchange calendaring modules.
- (Closes issue #18521. Reported, patched by pitel. Tested by cervajs)
-
- * This version of Asterisk includes the new Compiler Flags option
- BETTER_BACKTRACES which uses libbfd to search for better symbol information
- within both the Asterisk binary, as well as loaded modules, to assist when
- using inline backtraces to track down problems.
- (Patched by tilghman)
* Wed Jan 26 2011 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.8.2.3-1
-
- The Asterisk Development Team has announced the release of Asterisk 1.8.2.3.
- This release is available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk/
-
- The release of Asterisk 1.8.2.3 resolves the following issue:
-
- * Reimplemented fax session reservation to reverse the ABI breakage introduced
- in r297486.
- (Reported by Jeremy Kister on the asterisk-users mailing list. Patched by
- mnicholson)
-
- For a full list of changes in this release, please see the ChangeLog:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.2.3
* Mon Jan 24 2011 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.8.2.2-2
- Build with SRTP support
* Mon Jan 24 2011 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.8.2.2-1
-
- The Asterisk Development Team has announced a release for the security issue
- described in AST-2011-001.
-
- Due to a failed merge, Asterisk 1.8.2.1 which should have included the security
- fix did not. Asterisk 1.8.2.2 contains the the changes which should have been
- included in Asterisk 1.8.2.1.
-
- This releases is available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk/releases
-
- The releases of Asterisk 1.4.38.1, 1.4.39.1, 1.6.1.21, 1.6.2.15.1, 1.6.2.16.2,
- 1.8.1.2, and 1.8.2.2 resolve an issue when forming an outgoing SIP request while
- in pedantic mode, which can cause a stack buffer to be made to overflow if
- supplied with carefully crafted caller ID information. The issue and resolution
- are described in the AST-2011-001 security advisory.
-
- For more information about the details of this vulnerability, please read the
- security advisory AST-2011-001, which was released at the same time as this
- announcement.
-
- For a full list of changes in the current release, please see the ChangeLog:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.2.2
-
- Security advisory AST-2011-001 is available at:
-
- http://downloads.asterisk.org/pub/security/AST-2011-001.pdf
* Mon Jan 24 2011 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.8.2.1-1
-
- The Asterisk Development Team has announced security releases for the following
- versions of Asterisk:
-
- * 1.4.38.1
- * 1.4.39.1
- * 1.6.1.21
- * 1.6.2.15.1
- * 1.6.2.16.1
- * 1.8.1.2
- * 1.8.2.1
-
- These releases are available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk/releases
-
- The releases of Asterisk 1.4.38.1, 1.4.39.1, 1.6.1.21, 1.6.2.15.1, 1.6.2.16.2,
- 1.8.1.2, and 1.8.2.1 resolve an issue when forming an outgoing SIP request while
- in pedantic mode, which can cause a stack buffer to be made to overflow if
- supplied with carefully crafted caller ID information. The issue and resolution
- are described in the AST-2011-001 security advisory.
-
- For more information about the details of this vulnerability, please read the
- security advisory AST-2011-001, which was released at the same time as this
- announcement.
-
- For a full list of changes in the current releases, please see the ChangeLog:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.4.38.1
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.4.39.1
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.6.1.21
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.6.2.15.1
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.6.2.16.1
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.1.2
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.2.1
-
- Security advisory AST-2011-001 is available at:
-
- http://downloads.asterisk.org/pub/security/AST-2011-001.pdf
* Mon Jan 24 2011 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.8.2-1
-
- The Asterisk Development Team has announced the release of Asterisk 1.8.2. This
- release is available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk/
-
- The release of Asterisk 1.8.2 resolves several issues reported by the
- community and would have not been possible without your participation.
- Thank you!
-
- The following is a sample of the issues resolved in this release:
-
- * 'sip notify clear-mwi' needs terminating CRLF.
- (Closes issue #18275. Reported, patched by klaus3000)
-
- * Patch for deadlock from ordering issue between channel/queue locks in
- app_queue (set_queue_variables).
- (Closes issue #18031. Reported by rain. Patched by bbryant)
-
- * Fix cache of device state changes for multiple servers.
- (Closes issue #18284, #18280. Reported, tested by klaus3000. Patched, tested
- by russellb)
-
- * Resolve issue where channel redirect function (CLI or AMI) hangs up the call
- instead of redirecting the call.
- (Closes issue #18171. Reported by: SantaFox)
- (Closes issue #18185. Reported by: kwemheuer)
- (Closes issue #18211. Reported by: zahir_koradia)
- (Closes issue #18230. Reported by: vmarrone)
- (Closes issue #18299. Reported by: mbrevda)
- (Closes issue #18322. Reported by: nerbos)
-
- * Fix reloading of peer when a user is requested. Prevent peer reloading from
- causing multiple MWI subscriptions to be created when using realtime.
- (Closes issue #18342. Reported, patched by nivek.)
-
- * Fix XMPP PubSub-based distributed device state. Initialize pubsubflags to 0
- so res_jabber doesn't think there is already an XMPP connection sending
- device state. Also clean up CLI commands a bit.
- (Closes issue #18272. Reported by klaus3000. Patched by Marquis42)
-
- * Don't crash after Set(CDR(userfield)=...) in ast_bridge_call. Instead of
- setting peer->cdr = NULL, set it to not post.
- (Closes issue #18415. Reported by macbrody. Patched, tested by jsolares)
-
- * Fixes issue with outbound google voice calls not working. Thanks to az1234
- and nevermind_quack for their input in helping debug the issue.
- (Closes issue #18412. Reported by nevermind_quack. Patched by dvossel)
-
- For a full list of changes in this release, please see the ChangeLog:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.2
* Mon Jan 24 2011 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.8.1.1-1
-
- The Asterisk Development Team has announced the release of Asterisk 1.8.1.1.
- This release is available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk/
-
- The release of Asterisk 1.8.1.1 resolves two issues reported by the community
- since the release of Asterisk 1.8.1.
-
- * Don't crash after Set(CDR(userfield)=...) in ast_bridge_call. Instead of
- setting peer->cdr = NULL, set it to not post.
- (Closes issue #18415. Reported by macbrody. Patched, tested by jsolares)
-
- * Fixes issue with outbound google voice calls not working. Thanks to az1234
- and nevermind_quack for their input in helping debug the issue.
- (Closes issue #18412. Reported by nevermind_quack. Patched by dvossel)
-
- For a full list of changes in this release candidate, please see the ChangeLog:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.1.1
* Mon Jan 24 2011 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.8.1-1
-
- The Asterisk Development Team has announced the release of Asterisk 1.8.1. This
- release is available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk/
-
- The release of Asterisk 1.8.1 resolves several issues reported by the
- community and would have not been possible without your participation.
- Thank you!
-
- The following is a sample of the issues resolved in this release:
-
- * Fix issue when using directmedia. Asterisk needs to limit the codecs offered
- to just the ones that both sides recognize, otherwise they may end up sending
- audio that the other side doesn't understand.
- (Closes issue #17403. Reported, patched by one47. Tested by one47, falves11)
-
- * Resolve issue where Party A in an analog 3-way call would continue to hear
- ringback after party C answers.
- (Patched by rmudgett)
-
- * Fix playback failure when using IAX with the timerfd module.
- (Closes issue #18110. Reported, tested by tpanton. Patched by jpeeler)
-
- * Fix problem with qualify option packets for realtime peers never stopping.
- The option packets not only never stopped, but if a realtime peer was not in
- the peer list multiple options dialogs could accumulate over time.
- (Closes issue #16382. Reported by lftsy. Tested by zerohalo. Patched by
- jpeeler)
-
- * Fix issue where it is possible to crash Asterisk by feeding the curl engine
- invalid data.
- (Closes issue #18161. Reported by wdoekes. Patched by tilghman)
-
- For a full list of changes in this release, please see the ChangeLog:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.1
* Tue Jan 18 2011 Dennis Gilmore <dennis@ausil.us> - 1.8.0-6
- dont package up the ices bits on el the client doesnt exist for us
* Tue Jan 18 2011 Dennis Gilmore <dennis@ausil.us> - 1.8.0-5
- dont build the 389 directory server package its not available on rhel6
* Fri Dec 10 2010 Dennis Gilmore <dennis@ausil.us> - 1.8.0-4
- dont always build AIS modules we dont have the BuildRequires on epel
* Fri Oct 29 2010 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.8.0-3
- Rebuild for new net-snmp.
* Tue Oct 26 2010 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.8.0-2
- Always build AIS modules
* Thu Oct 21 2010 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.8.0-1
- The Asterisk Development Team is proud to announce the release of Asterisk
- 1.8.0. This release is available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk/
-
- Asterisk 1.8 is the next major release series of Asterisk. It will be a Long
- Term Support (LTS) release, similar to Asterisk 1.4. For more information about
- support time lines for Asterisk releases, see the Asterisk versions page.
-
- http://www.asterisk.org/asterisk-versions
-
- The release of Asterisk 1.8.0 would not have been possible without the support
- and contributions of the community. Since Asterisk 1.6.2, we've had over 500
- reporters, more than 300 testers and greater than 200 developers contributed to
- this release.
-
- You can find a summary of the work involved with the 1.8.0 release in the
- sumary:
-
- http://svn.asterisk.org/svn/asterisk/tags/1.8.0/asterisk-1.8.0-summary.txt
-
- A short list of available features includes:
-
- * Secure RTP
- * IPv6 Support in the SIP channel driver
- * Connected Party Identification Support
- * Calendaring Integration
- * A new call logging system, Channel Event Logging (CEL)
- * Distributed Device State using Jabber/XMPP PubSub
- * Call Completion Supplementary Services support
- * Advice of Charge support
- * Much, much more!
-
- A full list of new features can be found in the CHANGES file.
-
- http://svn.digium.com/view/asterisk/branches/1.8/CHANGES?view=markup
-
- For a full list of changes in the current release candidate, please see the
- ChangeLog:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.0
-
- Thank you for your continued support of Asterisk!
* Mon Oct 18 2010 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.8.0-0.8.rc5:
-
- The release of Asterisk 1.8.0-rc5 was triggered by some last minute platform
- compatibility IPv6 changes. In addition, the availability of the English sound
- prompts with Australian accents has been added.
-
- A full list of new features can be found in the CHANGES file.
-
- http://svn.digium.com/view/asterisk/branches/1.8/CHANGES?view=markup
-
- For a full list of changes in the current release candidate, please see the
- ChangeLog:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.0-rc5
-
- This release candidate contains fixes since the last release candidate as
- reported by the community. A sampling of the changes in this release candidate
- include:
-
- * Additional fixups in chan_gtalk that allow outbound calls to both Google
- Talk and Google Voice recipients. Adds new chan_gtalk enhancements externip
- and stunaddr.
- (Closes issue #13971. Patched by dvossel)
-
- * Resolve manager crash issue.
- (Closes issue #17994. Reported by vrban. Patchd by dvossel)
-
- * Documentation updates for sample configuration files.
- (Closes issues #18107, #18101. Reported, patched by lathama, lmadsen)
-
- * Resolve issue where faxdetect would only detect the first fax call in
- chan_dahdi.
- (Closes issue #18116. Reported by seandarcy. Patched by rmudgett)
-
- * Resolve issue where a channel that is setup and torn down *very* quickly may
- not have the right call disposition or ${DIALSTATUS}.
- (Closes issue #16946. Reported by davidw. Review
- https://reviewboard.asterisk.org/r/740/)
-
- * Set TCLASS field of IPv6 header when SIP QoS options are set.
- (Closes issue #18099. Reported by jamesnet. Patched by dvossel)
-
- * Resolve issue where Asterisk could crash on shutdown when using SRTP.
- (Closes issue #18085. Reported by st. Patched by twilson)
-
- * Fix issue where peers host port would be lost on a SIP reload.
- (Closes issue #18135. Reported, tested by lmadsen. Patched by dvossel)
-
- A short list of available features includes:
-
- * Secure RTP
- * IPv6 Support in the SIP channel driver
- * Connected Party Identification Support
- * Calendaring Integration
- * A new call logging system, Channel Event Logging (CEL)
- * Distributed Device State using Jabber/XMPP PubSub
- * Call Completion Supplementary Services support
- * Advice of Charge support
- * Much, much more!
-
- A full list of new features can be found in the CHANGES file.
-
- http://svn.digium.com/view/asterisk/branches/1.8/CHANGES?view=markup
-
- For a full list of changes in the current release candidate, please see the
- ChangeLog:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.0-rc4
* Fri Oct 08 2010 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.8.0-0.7.rc3
- This release candidate contains fixes since the release candidate as reported by
- the community. A sampling of the changes in this release candidate include:
-
- * Still build chan_sip even if res_crypto cannot be built (use, but not depend)
- (Reported by a user on the mailing list. Patched by tilghman)
-
- * Get notifications for call files only when a file is closed, not when created
- (Closes issue #17924. Reported by mkeuter. Patched by abeldeck)
-
- * Fixes to chan_gtalk to allow outbound DTMF support to work correctly. Gtalk
- expects the DTMF to arrive on the RTP stream and not via jingle DTMF
- signalling.
- (Patched by dvossel. Tested by malcolmd)
-
- * Fixes to allow chan_gtalk to communicate with the Gmail web client.
- (Patched by phsultan and dvossel)
-
- * Fix to GET DATA to allow audio to be streamed via an AGI.
- (Closes issue #18001. Reported by jamicque. Patched by tilghman)
-
- * Resolve dnsmgr memory corruption in chan_iax2.
- (Closes issue #17902. Reported by afried. Patched by russell, dvossel)
-
- A short list of available features includes:
-
- * Secure RTP
- * IPv6 Support in the SIP channel driver
- * Connected Party Identification Support
- * Calendaring Integration
- * A new call logging system, Channel Event Logging (CEL)
- * Distributed Device State using Jabber/XMPP PubSub
- * Call Completion Supplementary Services support
- * Advice of Charge support
- * Much, much more!
-
- A full list of new features can be found in the CHANGES file.
-
- http://svn.digium.com/view/asterisk/branches/1.8/CHANGES?view=checkout
-
- For a full list of changes in the current release candidate, please see the
- ChangeLog:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.0-rc3
* Wed Oct 06 2010 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.8.0-0.6.rc2
- This release candidate contains fixes since the last beta release as reported by
- the community. A sampling of the changes in this release candidate include:
-
- * Add slin16 support for format_wav (new wav16 file extension)
- (Closes issue #15029. Reported, patched by andrew. Tested by Qwell)
-
- * Fixes a bug in manager.c where the default configuration values weren't reset
- when the manager configuration was reloaded.
- (Closes issue #17917. Reported by lmadsen. Patched by bbryant)
-
- * Various fixes for the calendar modules.
- (Patched by Jan Kalab.
- Reviewboard: https://reviewboard.asterisk.org/r/880/
- Closes issue #17877. Review: https://reviewboard.asterisk.org/r/916/
- Closes issue #17776. Review: https://reviewboard.asterisk.org/r/921/)
-
- * Add CHANNEL(checkhangup) to check whether a channel is in the process of
- being hung up.
- (Closes issue #17652. Reported, patched by kobaz)
-
- * Fix a bug with MeetMe where after announcing the amount of time left in a
- conference, if music on hold was playing, it doesn't restart.
- (Closes issue #17408, Reported, patched by sysreq)
-
- * Fix interoperability problems with session timer behavior in Asterisk.
- (Closes issue #17005. Reported by alexcarey. Patched by dvossel)
-
- * Rate limit calls to fsync() to 1 per second after astdb updates. Astdb was
- determined to be one of the most significant bottlenecks in SIP registration
- processing. This patch improved the speed of an astdb load test by 50000%
- (yes, Fifty-Thousand Percent). On this particular load test setup, this
- doubled the number of SIP registrations the server could handle.
- (Review: https://reviewboard.asterisk.org/r/825/)
-
- * Don't clear the username from a realtime database when a registration
- expires. Non-realtime chan_sip does not clear the username from memory when a
- registration expiries so realtime probably shouldn't either.
- (Closes issue #17551. Reported, patched by: ricardolandim. Patched by
- mnicholson)
-
- * Don't hang up a call on an SRTP unprotect failure. Also make it more obvious
- when there is an issue en/decrypting.
- (Closes issue #17563. Reported by Alexcr. Patched by sfritsch. Tested by
- twilson)
-
- * Many more issues. This is a significant upgrade over Asterisk 1.8.0 beta 5!
-
- A short list of available features includes:
-
- * Secure RTP
- * IPv6 Support in the SIP channel driver
- * Connected Party Identification Support
- * Calendaring Integration
- * A new call logging system, Channel Event Logging (CEL)
- * Distributed Device State using Jabber/XMPP PubSub
- * Call Completion Supplementary Services support
- * Advice of Charge support
- * Much, much more!
-
- A full list of new features can be found in the CHANGES file.
-
- http://svn.digium.com/view/asterisk/branches/1.8/CHANGES?view=checkout
-
- For a full list of changes in the current release candidate, please see the
- ChangeLog:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.0-rc2
* Thu Sep 09 2010 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.8.0-0.5.beta5
- This release contains fixes since the last beta release as reported by the
- community. A sampling of the changes in this release include:
-
- * Fix issue where TOS is no longer set on RTP packets.
- (Closes issue #17890. Reported, patched by elguero)
-
- * Change pedantic default value in chan_sip from 'no' to 'yes'
-
- * Asterisk now dynamically builds the "Supported" header depending on what is
- enabled/disabled in sip.conf. Session timers used to always be advertised as
- being supported even when they were disabled in the configuration.
- (Related to issue #17005. Patched by dvossel)
-
- * Convert MOH to use generic timers.
- (Closes issue #17726. Reported by lmadsen. Patched by tilghman)
-
- * Fix SRTP for changing SSRC and multiple a=crypto SDP lines. Adding code to
- Asterisk that changed the SSRC during bridges and masquerades broke SRTP
- functionality. Also broken was handling the situation where an incoming
- INVITE had more than one crypto offer.
- (Closes issue #17563. Reported by Alexcr. Patched by twilson)
-
- Asterisk 1.8 contains many new features over previous releases of Asterisk.
- A short list of included features includes:
-
- * Secure RTP
- * IPv6 Support in the SIP Channel
- * Connected Party Identification Support
- * Calendaring Integration
- * A new call logging system, Channel Event Logging (CEL)
- * Distributed Device State using Jabber/XMPP PubSub
- * Call Completion Supplementary Services support
- * Advice of Charge support
- * Much, much more!
-
- A full list of new features can be found in the CHANGES file.
-
- http://svn.digium.com/view/asterisk/branches/1.8/CHANGES?view=checkout
-
- For a full list of changes in the current release, please see the ChangeLog:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.0-beta5
* Tue Aug 24 2010 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.8.0-0.4.beta4
- This release contains fixes since the last beta release as reported by the
- community. A sampling of the changes in this release include:
-
- * Fix parsing of IPv6 address literals in outboundproxy
- (Closes issue #17757. Reported by oej. Patched by sperreault)
-
- * Change the default value for alwaysauthreject in sip.conf to "yes".
- (Closes issue #17756. Reported by oej)
-
- * Remove current STUN support from chan_sip.c. This change removes the current
- broken/useless STUN support from chan_sip.
- (Closes issue #17622. Reported by philipp2.
- Review: https://reviewboard.asterisk.org/r/855/)
-
- * PRI CCSS may use a stale dial string for the recall dial string. If an
- outgoing call negotiates a different B channel than initially requested, the
- saved original dial string was not transferred to the new B channel. CCSS
- uses that dial string to generate the recall dial string.
- (Patched by rmudgett)
-
- * Split _all_ arguments before parsing them. This fixes multicast RTP paging
- using linksys mode.
- (Patched by russellb)
-
- * Expand cel_custom.conf.sample. Include the usage of CSV_QUOTE() to ensure
- data has valid CSV formatting. Also list the special CEL variables that are
- available for use in the mapping. There are also several other CEL fixes in
- this release.
- (Patched by russellb)
-
- Asterisk 1.8 contains many new features over previous releases of Asterisk.
- A short list of included features includes:
-
- * Secure RTP
- * IPv6 Support in the SIP Channel
- * Connected Party Identification Support
- * Calendaring Integration
- * A new call logging system, Channel Event Logging (CEL)
- * Distributed Device State using Jabber/XMPP PubSub
- * Call Completion Supplementary Services support
- * Advice of Charge support
- * Much, much more!
-
- A full list of new features can be found in the CHANGES file.
-
- http://svn.digium.com/view/asterisk/branches/1.8/CHANGES?view=checkout
-
- For a full list of changes in the current release, please see the ChangeLog:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.0-beta4
* Wed Aug 11 2010 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.8.0-0.3.beta3
-
- This release contains fixes since the last beta release as reported by the
- community. A sampling of the changes in this release include:
-
- * Fix a regression where HTTP would always be enabled regardless of setting.
- (Closes issue #17708. Reported, patched by pabelanger)
-
- * ACL errors displayed on screen when using dynamic_exclude_static in sip.conf
- (Closes issue #17717. Reported by Dennis DeDonatis. Patched by mmichelson)
-
- * Support "channels" in addition to "channel" in chan_dahdi.conf.
- (https://reviewboard.asterisk.org/r/804)
-
- * Fix parsing error in sip_sipredirect(). The code was written in a way that
- did a bad job of parsing the port out of a URI. Specifically, it would do
- badly when dealing with an IPv6 address.
- (Closes issue #17661. Reported by oej. Patched by mmichelson)
-
- * Fix inband DTMF detection on outgoing ISDN calls.
- (Patched by russellb and rmudgett)
-
- * Fixes issue with translator frame not getting freed. This issue prevented
- g729 licenses from being freed up.
- (Closes issue #17630. Reported by manvirr. Patched by dvossel)
-
- * Fixed IPv6-related SIP parsing bugs and updated documention.
- (Reported by oej. Patched by sperreault)
-
- * Add new, self-contained feature FIELDNUM(). Returns a 1-based index into a
- list of a specified item. Matches up with FIELDQTY() and CUT().
- (Closes #17713. Reported, patched by gareth. Tested by tilghman)
-
- Asterisk 1.8 contains many new features over previous releases of Asterisk.
- A short list of included features includes:
-
- * Secure RTP
- * IPv6 Support
- * Connected Party Identification Support
- * Calendaring Integration
- * A new call logging system, Channel Event Logging (CEL)
- * Distributed Device State using Jabber/XMPP PubSub
- * Call Completion Supplementary Services support
- * Advice of Charge support
- * Much, much more!
-
- A full list of new features can be found in the CHANGES file.
-
- http://svn.digium.com/view/asterisk/branches/1.8/CHANGES?view=checkout
-
- For a full list of changes in the current release, please see the ChangeLog:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.0-beta3
* Mon Aug 02 2010 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.8.0-0.2.beta2
- Rebuild against libpri 1.4.12
* Mon Aug 02 2010 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.8.0-0.1.beta2
- Update to 1.8.0-beta2
- Disable building chan_misdn until compilation errors are figured out (https://issues.asterisk.org/view.php?id=14333)
- Start stripping tarballs again because Digium added MP3 code :(
* Sat Jul 31 2010 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.6.2.10-1
-
- The following are a few of the issues resolved by community developers:
-
- * Allow users to specify a port for DUNDI peers.
- (Closes issue #17056. Reported, patched by klaus3000)
-
- * Decrease the module ref count in sip_hangup when SIP_DEFER_BYE_ON_TRANSFER is
- set.
- (Closes issue #16815. Reported, patched by rain)
-
- * If there is realtime configuration, it does not get re-read on reload unless
- the config file also changes.
- (Closes issue #16982. Reported, patched by dmitri)
-
- * Send AgentComplete manager event for attended transfers.
- (Closes issue #16819. Reported, patched by elbriga)
-
- * Correct manager variable 'EventList' case.
- (Closes issue #17520. Reported, patched by kobaz)
-
- In addition, changes to res_timing_pthread that should make it more stable have
- also been implemented.
-
- For a full list of changes in the current release, please see the
- ChangeLog:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.2.10
* Wed Jul 14 2010 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.6.2.8-0.3.rc1
- Add patch to remove requirement on latex2html
* Tue Jun 01 2010 Marcela Maslanova <mmaslano@redhat.com> - 1.6.2.8-0.2.rc1
- Mass rebuild with perl-5.12.0
* Tue May 04 2010 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.6.2.7-1
- * Fix building CDR and CEL SQLite3 modules.
- (Closes issue #17017. Reported by alephlg. Patched by seanbright)
-
- * Resolve crash in SLAtrunk when the specified trunk doesn't exist.
- (Reported in #asterisk-dev by philipp64. Patched by seanbright)
-
- * Include an extra newline after "Aliased CLI command" to get back the prompt.
- (Issue #16978. Reported by jw-asterisk. Tested, patched by seanbright)
-
- * Prevent segfault if bad magic number is encountered.
- (Issue #17037. Reported, patched by alecdavis)
-
- * Update code to reflect that handle_speechset has 4 arguments.
- (Closes issue #17093. Reported, patched by gpatri. Tested by pabelanger,
- mmichelson)
-
- * Resolve a deadlock in chan_local.
- (Closes issue #16840. Reported, patched by bzing2, russell. Tested by bzing2)
* Mon May 03 2010 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.6.2.7-0.2.rc3
- Update to 1.6.2.7-rc3
* Thu Apr 15 2010 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.6.2.7-0.1.rc2
- Update to 1.6.2.7-rc2
* Fri Mar 12 2010 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.6.2.6-1
- Update to final 1.6.2.6
-
- The following are a few of the issues resolved by community developers:
-
- * Make sure to clear red alarm after polarity reversal.
- (Closes issue #14163. Reported, patched by jedi98. Tested by mattbrown,
- Chainsaw, mikeeccleston)
-
- * Fix problem with duplicate TXREQ packets in chan_iax2
- (Closes issue #16904. Reported, patched by rain. Tested by rain, dvossel)
-
- * Fix crash in app_voicemail related to message counting.
- (Closes issue #16921. Reported, tested by whardier. Patched by seanbright)
-
- * Overlap receiving: Automatically send CALL PROCEEDING when dialplan starts
- (Reported, Patched, and Tested by alecdavis)
-
- * For T.38 reINVITEs treat a 606 the same as a 488.
- (Closes issue #16792. Reported, patched by vrban)
-
- * Fix ConfBridge crash when no timing module is loaded.
- (Closes issue #16471. Reported, tested by kjotte. Patched, tested by junky)
-
- For a full list of changes in this releases, please see the ChangeLog:
- http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.2.6
* Mon Mar 08 2010 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.6.2.6-0.1.rc2
- Update to 1.6.2.6-rc2
* Mon Mar 08 2010 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.6.2.5-2
- Add a patch that fixes CLI history when linking against external libedit.
* Thu Feb 25 2010 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.6.2.5-1
- Update to 1.6.2.5
-
- * AST-2010-002: Invalid parsing of ACL rules can compromise security
* Thu Feb 18 2010 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.6.2.4-1
- Update to 1.6.2.4
-
- * AST-2010-002: This security release is intended to raise awareness
- of how it is possible to insert malicious strings into dialplans,
- and to advise developers to read the best practices documents so
- that they may easily avoid these dangers.
* Wed Feb 03 2010 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.6.2.2-1
- Update to 1.6.2.2
-
- * AST-2010-001: An attacker attempting to negotiate T.38 over SIP can
- remotely crash Asterisk by modifying the FaxMaxDatagram field of
- the SDP to contain either a negative or exceptionally large value.
- The same crash occurs when the FaxMaxDatagram field is omitted from
- the SDP as well.
* Fri Jan 15 2010 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.6.2.1-1
- Update to 1.6.2.1 final:
-
- * CLI 'queue show' formatting fix.
- (Closes issue #16078. Reported by RoadKill. Tested by dvossel. Patched by
- ppyy.)
-
- * Fix misreverting from 177158.
- (Closes issue #15725. Reported, Tested by shanermn. Patched by dimas.)
-
- * Fixes subscriptions being lost after 'module reload'.
- (Closes issue #16093. Reported by jlaroff. Patched by dvossel.)
-
- * app_queue segfaults if realtime field uniqueid is NULL
- (Closes issue #16385. Reported, Tested, Patched by haakon.)
-
- * Fix to Monitor which previously assumed the file to write to did not contain
- pathing.
- (Closes issue #16377, #16376. Reported by bcnit. Patched by dant.
* Tue Jan 12 2010 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.6.2.1-0.1.rc1
- Update to 1.6.2.1-rc1
* Sat Dec 19 2009 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.6.2.0-1
- Released version of 1.6.2.0
* Wed Dec 09 2009 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.6.2.0-0.16.rc8
- Update to 1.6.2.0-rc8
* Wed Dec 02 2009 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.6.2.0-0.15.rc7
- Update to 1.6.2.0-rc7
* Tue Dec 01 2009 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.6.2.0-0.14.rc6
- Change the logrotate and the init scripts so that Asterisk doesn't
try and write to / or /root
* Thu Nov 19 2009 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.6.2.0-0.13.rc6
- Make dependency on uw-imap conditional and some other changes to
make building on RHEL5 easier.
* Fri Nov 13 2009 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.6.2.0-0.12.rc6
- Update to 1.6.2.0-rc6
* Mon Nov 09 2009 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.6.2.0-0.11.rc5
- Update to 1.6.2.0-rc5
* Fri Nov 06 2009 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.6.2.0-0.10.rc4
- Update to 1.6.2.0-rc4
* Tue Oct 27 2009 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.6.2.0-0.9.rc3
- Add patch from upstream to fix how res_http_post forms paths.
* Sat Oct 24 2009 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.6.2.0-0.8.rc3
- Add an AST_EXTRA_ARGS option to the init script
- have the init script to cd to /var/spool/asterisk to prevent annoying message
* Sat Oct 24 2009 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.6.2.0-0.7.rc3
- Compile against gmime 2.2 instead of gmime 2.4 because the patch to convert the API calls from 2.2 to 2.4 caused crashes.
* Fri Oct 09 2009 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.6.2.0-0.6.rc3
- Require latex2html used in static-http documents
* Wed Oct 07 2009 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.6.2.0-0.5.rc3
- Change ownership and permissions on config files to protect them.
* Tue Oct 06 2009 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.6.2.0-0.4.rc3
- Update to 1.6.2.0-rc3
* Wed Sep 30 2009 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.6.2.0-0.3.rc2
- Merge firmware subpackage back into the main package.
* Wed Sep 30 2009 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.6.2.0-0.2.rc2
- Package internal help.
- Fix up some more paths in the configs so that everything ends up where we want them.
* Wed Sep 30 2009 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.6.2.0-0.1.rc2
- Update to 1.6.2.0-rc2
- We no longer need to strip the tarball as it no longer includes non-free items.
* Wed Sep 09 2009 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.6.1.6-2
- Enable building of API docs.
- Depend on version 1.2 or newer of speex
* Sun Sep 06 2009 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.6.1.6-1
- Update to 1.6.1.6
- Drop patches that are too troublesome to maintain anymore or have been integrated upstream.
* Tue Sep 01 2009 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.6.1-0.26.rc1
- Add a patch from Quentin Armitage and rebuld.
* Fri Aug 21 2009 Tomas Mraz <tmraz@redhat.com> - 1.6.1-0.25.rc1
- rebuilt with new openssl
* Fri Jul 24 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.6.1-0.24.rc1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
* Thu Mar 05 2009 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.6.1-0.23.rc1
- Rebuild to pick up new AIS and ODBC deps.
- Update script that strips out bad content from tarball to do the
download and to check the GPG signature.
* Mon Feb 23 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.6.1-0.22.rc1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
* Sun Feb 08 2009 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.6.1-0.21.rc1
- Update to 1.6.1-rc1
- Add backport of conference bridging that is slated for 1.6.2
- Add patches to conference bridging that implement CLI apps
* Thu Jan 15 2009 Tomas Mraz <tmraz@redhat.com> - 1.6.1-0.13.beta4
- rebuild with new openssl
* Sun Jan 04 2009 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.6.1-0.12.beta4
- Fedora Directory Server compatibility patch/subpackage.
* Sun Jan 04 2009 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.6.1-0.10.beta4
- Fix up paths. BZ#477238
* Sat Jan 03 2009 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.6.1-0.9.beta4
- Update patches
* Sat Jan 03 2009 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.6.1-0.8.beta4
- Update to 1.6.1-beta4
* Tue Dec 09 2008 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.6.1-0.7.beta3
- Update to 1.6.1-beta3
* Tue Dec 09 2008 Alex Lancaster <alexlan[AT]fedoraproject org> - 1.6.1-0.6.beta2
- Rebuild for new gmime
* Fri Nov 07 2008 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.6.1-0.5.beta2
- Add patch to fix missing variable on PPC.
* Fri Nov 07 2008 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.6.1-0.4.beta2
- Update PPC systems don't have sys/io.h patch.
* Fri Nov 07 2008 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.6.1-0.3.beta2
- PPC systems don't have sys/io.h
* Fri Nov 07 2008 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.6.1-0.2.beta2
- Update to 1.6.1 beta 2
* Wed Nov 05 2008 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.6.0.1-3
- Fix issue with init script giving wrong path to config file.
* Thu Oct 16 2008 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.6.0.1-2
- Explicitly require dahdi-tools-libs to see if we can get this to build.
* Fri Oct 10 2008 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.6.0-1
- Update to final release.
* Thu Sep 11 2008 - Bastien Nocera <bnocera@redhat.com> - 1.6.0-0.22.beta9
- Rebuild
* Wed Jul 30 2008 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.6.0-0.21.beta9
- Replace app_rxfax/app_txfax with app_fax taken from upstream SVN.
* Tue Jul 29 2008 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.6.0-0.20.beta9
- Bump release and rebuild with new libpri and zaptel.
* Fri Jul 25 2008 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.6.0-0.19.beta9
- Add patch pulled from upstream SVN that fixes AST-2008-010 and AST-2008-011.
* Fri Jul 25 2008 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.6.0-0.18.beta9
- Add patch for LDAP extracted from upstream SVN (#442011)
* Wed Jul 02 2008 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.6.0-0.17.beta9
- Add patch that unbreaks cdr_tds with FreeTDS 0.82.
- Properly obsolete conference subpackage.
* Thu Jun 12 2008 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.6.0-0.16.beta9
- Disable building cdr_tds since new FreeTDS in rawhide no longer provides needed library.
* Wed Jun 11 2008 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.6.0-0.15.beta9
- Bump release and rebuild to fix libtds breakage.
* Mon May 19 2008 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.6.0-0.14.beta9
- Update to 1.6.0-beta9.
- Update patches so that they apply cleanly.
- Temporarily disable app_conference patch as it doesn't compile
- config/scripts/postgres_cdr.sql has been merged into realtime_pgsql.sql
- Re-add the asterisk-strip.sh script as a source file.
* Tue Apr 22 2008 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.6.0-0.13.beta8
- Update to 1.6.0-beta8
- Contains fixes for AST-2008-006 / CVE-2008-1897
* Wed Apr 02 2008 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.6.0-0.12.beta7.1
- Return to stripped tarballs since there's more non-free content in
the Asterisk tarballs than I thought.
* Sun Mar 30 2008 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.6.0-0.11.beta7.1
- Update to 1.6.0-beta7.1
- Update patches
- Back out some changes that were made because beta7 was tagged from
the wrong branch.
* Fri Mar 28 2008 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.6.0-0.10.beta7
- Update to 1.6.0-beta7
- The Asterisk tarball no longer contains the iLBC code, so we can
directly use the upstream tarball without having to modify it.
- Get rid of the asterisk-strip.sh script since it's no longer needed.
- Diable build of codec_ilbc and format_ilbc (these do not contain any
legally suspect code so they can be included in the tarball but it's
pointless building them).
- Update chan_mobile patch to fix API breakages.
- Add a patch to chan_usbradio to fix API breakages.
* Thu Mar 27 2008 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.6.0-0.9.beta6
- Add Postgresql schemas from contrib as documentation to the Postgresql subpackage.
* Tue Mar 25 2008 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.6.0-0.8.beta6
- Update patches.
- Add patch to compile against external libedit rather than using the
in-tree version.
- Add -Werror-implicit-function-declaration to optflags.
- Get rid of hashtest and hashtest2 binaries that link to unfortified
versions of *printf functions. They are compiled with -O0 which
somehow pulls in the wrong versions. These programs aren't
necessary to the operation of the package anyway.
* Wed Mar 19 2008 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.6.0-0.6.beta6
- Update to 1.6.0-beta6 to fix some security issues.
-
- AST-2008-002 details two buffer overflows that were discovered in
- RTP codec payload type handling.
- * http://downloads.digium.com/pub/security/AST-2008-002.pdf
- * All users of SIP in Asterisk 1.4 and 1.6 are affected.
-
- AST-2008-003 details a vulnerability which allows an attacker to
- bypass SIP authentication and to make a call into the context
- specified in the general section of sip.conf.
- * http://downloads.digium.com/pub/security/AST-2008-003.pdf
- * All users of SIP in Asterisk 1.0, 1.2, 1.4, or 1.6 are affected.
-
- AST-2008-004 Logging messages displayed using the ast_verbose
- logging API call are not displayed as a character string, they are
- displayed as a format string.
- * http://downloads.digium.com/pub/security/AST-2008-004.pdf
-
- AST-2008-005 details a problem in the way manager IDs are caculated.
- * http://downloads.digium.com/pub/security/AST-2008-005.pdf
* Tue Mar 18 2008 Tom "spot" Callaway <tcallawa@redhat.com> - 1.6.0-0.5.beta5
- add Requires for versioned perl (libperl.so)
* Wed Mar 05 2008 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.6.0-0.4.beta5
- Update to 1.6.0-beta5
- Remove upstreamed patches.
* Mon Mar 03 2008 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.6.0-0.3.beta4
- Package the directory used to store monitor recordings.
* Tue Feb 26 2008 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.6.0-0.2.beta4
- Add patch from David Woodhouse that fixes building on PPC64.
* Tue Feb 26 2008 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.6.0-0.1.beta4
- Update to 1.6.0 beta 4
* Wed Feb 13 2008 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.4.18-1
- Update to 1.4.18.
- Use -march=i486 on i386 builds for atomic operations (GCC 4.3
compatibility).
- Use "logger reload" instead of "logger rotate" in logrotate file
(#432197).
- Don't explicitly specify a group in in the init script to prevent
Zaptel breakage (#426629).
- Split app_ices out to a separate package so that the ices package
can be required.
- pbx_kdeconsole has been dropped, don't specifically exclude it from
the build anymore.
- Update app_conference patch.
- Drop upstreamed libcap patch.
* Wed Jan 02 2008 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.4.17-1
- Update to 1.4.17 to fix AST-2008-001.
* Fri Dec 28 2007 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.4.16.2-1
- Update to 1.4.16.2
* Sat Dec 22 2007 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.4.16.1-2
- Bump release and rebuild to fix broken dep on uw-imap.
* Wed Dec 19 2007 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.4.16.1-1
- Update to the real 1.4.16.1.
* Wed Dec 19 2007 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.4.16-2
- Add patch to bring source up to version 1.4.16.1 which will be
released shortly to fix some crasher bugs introduced by 1.4.16.
* Tue Dec 18 2007 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.4.16-1
- Update to 1.4.16 to fix security bug.
* Sat Dec 15 2007 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.4.15-7
- Really, really fix the build problems on devel.
* Sat Dec 15 2007 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.4.15-6
- Tweaks to get to build on x86_64
* Wed Dec 12 2007 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.4.15-5
- Exclude PPC64
* Wed Dec 12 2007 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.4.15-4
- Don't build apidocs by default since there's a problem building on x86_64.
* Tue Dec 11 2007 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.4.15-3
- Really get rid of zero length map files.
* Mon Dec 10 2007 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.4.15-2
- Get rid of zero length map files.
- Shorten descriptions of voicemail subpackages
* Fri Nov 30 2007 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.4.15-1
- Update to 1.4.15
* Tue Nov 20 2007 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.4.14-2
- Fix license and other rpmlint warnings.
* Mon Nov 19 2007 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.4.14-1
- Update to 1.4.14
* Fri Nov 16 2007 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.4.13-7
- Add chan_mobile
* Tue Nov 13 2007 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.4.13-6
- Don't build cdr_sqlite because sqlite2 has been orphaned.
- Rebase local patches to latest upstream SVN
- Update app_conference patch to latest from upstream SVN
- Apply post-1.4.13 patches from upstream SVN
* Wed Oct 10 2007 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.4.13-1
- Update to 1.4.13
* Tue Oct 09 2007 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.4.12.1-1
- Update to 1.4.12.1
* Wed Aug 22 2007 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.4.11-1
- Update to 1.4.11
* Fri Aug 10 2007 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.4.10.1-1
- Update to 1.4.10.1.
* Tue Aug 07 2007 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.4.10-1
- Update to 1.4.10 (security update).
* Tue Aug 07 2007 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.4.9-7
- Add a patch that allows alternate extensions to be defined in users.conf
* Mon Aug 06 2007 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.4.9-6
- Update app_conference patch. Enter/leave sounds are now possible.
* Fri Jul 27 2007 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.4.9-5
- Update patches so we don't need to run auto* tools, because autoconf
2.60 is required and FC-6 and RHEL5 only have autoconf 2.59.
* Thu Jul 26 2007 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.4.9-4
- Don't build app_mp3
* Wed Jul 25 2007 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.4.9-3
- Add app_conference
* Wed Jul 25 2007 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.4.9-2
- Use plain useradd/groupadd rather than the fedora-usermgmt
- Clean up requirements
- Clean up build requirements by moving them to package sections
* Tue Jul 24 2007 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.4.9-1
- Update to 1.4.9
* Tue Jul 17 2007 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.4.8-1
- Update to 1.4.8
- Drop ixjuser patch.
* Tue Jul 10 2007 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.4.7.1-1
- Update to 1.4.7.1
* Mon Jul 09 2007 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.4.7-1
- Update to 1.4.7
- RxFAX/TxFAX applications
* Sun Jul 01 2007 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.4.6-4
- It's "sbin", not "bin" silly.
* Sat Jun 30 2007 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.4.6-3
- Add patch that lets us change TOS bits even when running non-root
* Fri Jun 29 2007 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.4.6-2
- voicemail needs to require /usr/bin/sox and /usr/bin/sendmail
* Fri Jun 29 2007 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.4.6-1
- Update to 1.4.6
- Remove upstreamed patch.
* Thu Jun 21 2007 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.4.5-10
- Build the IMAP and ODBC storage options of voicemail and split
voicemail out into subpackages.
- Apply patch so that the system UW IMAP libray can be linked against.
- Patch modules.conf.sample so that alternal voicemail modules don't
get loaded simultaneously.
- Link against system GSM library rather than internal copy.
- Patch the Makefile so that it doesn't add redundant/wrong compiler
options.
- Force building with the standard RPM optimization flags.
- Install the Asterisk MIB in a location that net-snmp can find it.
- Only package docs in the main package that are relevant and that
haven't been packaged by a subpackage.
- Other minor cleanups.
* Mon Jun 18 2007 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.4.5-9
- Move sounds
* Mon Jun 18 2007 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.4.5-8
- Update some more ownership/permissions
* Mon Jun 18 2007 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.4.5-7
- Fix some permissions.
* Mon Jun 18 2007 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.4.5-6
- Update init script patch
- Move pid file to subdir of /var/run
* Mon Jun 18 2007 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.4.5-5
- Update init script patch to run as non-root
* Sun Jun 17 2007 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.4.5-4
- Build modules that depend on FreeTDS.
- Don't build voicemail with ODBC storage.
* Sun Jun 17 2007 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.4.5-3
- Have the build output the commands executing, rather than covering them up.
* Fri Jun 15 2007 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.4.5-1
- Update to 1.4.5
- Remove upstreamed patch.
* Wed May 09 2007 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.4.4-2
- Add a patch to fix CVE-2007-2488/ASA-2007-013
* Fri Apr 27 2007 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.4.4-1
- Update to 1.4.4
* Wed Mar 21 2007 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.4.2-1
- Update to 1.4.2
* Tue Mar 06 2007 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.4.1-2
- Package the IAXy firmware
- Minor clean-ups in files
* Mon Mar 05 2007 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.4.1-1
- Update to 1.4.1
- Don't build/package codec_zap (zaptel 1.4.0 doesn't support it)
* Fri Dec 15 2006 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.4.0-6.beta4
- Update to 1.4.0-beta4
- Various cleanups.
* Fri Oct 20 2006 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.4.0-5.beta3
- Don't package IAXy firmware because of license
- Don't build app_rpt
- Don't BR lm_sensors on PPC
- Better way to prevent download/installation of sound archives
- Redo tarball to eliminate non-free items
* Thu Oct 19 2006 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.4.0-4.beta3
- Remove explicit dependency on glibc-kernheaders.
- Build jabber modules on PPC
* Wed Oct 18 2006 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.4.0-3.beta3
- *Really* update to beta3
- chan_jingle has been taken out of 1.4
- Move misplaced binaries to where they should be
* Wed Oct 18 2006 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.4.0-2.beta3
- Remove requirement on asterisk-sounds-core until licensing can be
figured out.
* Wed Oct 18 2006 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.4.0-1.beta3
- Update to 1.4.0-beta3
* Sun Oct 15 2006 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.4.0-0.beta2
- Update to 1.4.0-beta2
* Tue Jul 25 2006 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.2.10-1
- Update to 1.2.10.
* Wed Jun 07 2006 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.2.9.1
- Update to 1.2.9.1
* Fri Jun 02 2006 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.2.8
- Update to 1.2.8
- Add misdn.conf to list of configs.
- Drop chan_bluetooth patch for now...
* Tue May 02 2006 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.2.7.1-6
- Zaptel subpackage shouldn't obsolete the sqlite subpackage.
- Remove mISDN until build issues can be figured out.
* Mon Apr 24 2006 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.2.7.1-5
- Build mISDN channel drivers, modelled after spec file from David Woodhouse
* Thu Apr 20 2006 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.2.7.1-4
- Update chan_bluetooth patch with some additional information as to
it's source and comment out more in the configuration file.
* Thu Apr 20 2006 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.2.7.1-3
- Add chan_bluetooth
* Wed Apr 19 2006 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.2.7.1-2
- Split off more stuff into subpackages.
* Wed Apr 12 2006 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.2.7-1
- Update to 1.2.7
* Mon Apr 10 2006 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.2.6-3
- Fix detection of libpri on 64 bit arches (taken from Matthias Saou's rpmforge package)
- Change sqlite subpackage name to sqlite2 (there are sqlite3 modules in development).
* Thu Apr 06 2006 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.2.6-2
- Don't build GTK 1.X console since GTK 1.X is being moved out of core...
* Mon Mar 27 2006 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.2.6-1
- Update to 1.2.6
* Mon Mar 06 2006 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.2.5-1
- Update to 1.2.5.
- Removed upstreamed MOH patch.
- Add full urls to the app_(r|t)xfax.c sources.
- Update spandsp patch.
* Mon Feb 13 2006 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.2.4-4
- Actually apply the patch.
* Mon Feb 13 2006 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.2.4-3
- Add patch to keep Asterisk from crashing when using MOH inside a MeetMe conference.
* Mon Feb 06 2006 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.2.4-2
- BR sqlite2-devel
* Tue Jan 31 2006 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.2.4-1
- Update to 1.2.4.
* Wed Jan 25 2006 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.2.3-4
- Took some tricks from Asterisk packages by Roy-Magne Mo.
- Enable gtk console module.
- BR gtk+-devel.
- Add logrotate script.
- BR sqlite2-devel and new sqlite subpackage.
- BR doxygen and graphviz for building duxygen documentation. (But don't build it yet.)
* Wed Jan 25 2006 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.2.3-3
- Completely eliminate the "asterisk" user from the spec file.
- Move more config files to subpackages.
- Consolidate two patches that patch the init script.
- BR curl-devel
- BR alsa-lib-devel
- alsa, curl, oss subpackages
* Wed Jan 25 2006 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.2.3-2
- Do not run as user "asterisk" as that prevents setting of IP TOS (which is bad for quality of service).
- Add patch for setting TOS separately for SIP and RTP packets.
* Wed Jan 25 2006 Jeffrey C. Ollie <jeff@ocjtech.us> - 1.2.3-1
- First version for Fedora Extras.
|
