Posts Tagged 1.6.1
Asterisk 1.6.0.22, Asterisk 1.6.1.14, Asterisk 1.6.2.2 Released
Posted by admin in Asterisk Security Advisories, Releases, Security Advisories, asterisk, sip, t.38 on February 2, 2010
Asterisk The Open Source PBX & Telephony Platform
The Asterisk Development Team has announced security releases for Asterisk as the following versions:
These releases are available for immediate download at http://downloads.asterisk.org/pub/telephony/asterisk/
The releases of Asterisk 1.6.0.22, 1.6.1.14, and 1.6.2.2 include the fix described in security advisory AST-2010-001.
The issue is that an attacker attempting to negotiate T.38 over SIP can remotely crash Asterisk by modifying the FaxMaxDatagram field of the SDP to contain either a negative or exceptionally large value. The same crash will occur when the FaxMaxDatagram field is omitted from the SDP, as well.
For more information about the details of this vulnerability, please read the security advisory AST-2010-001, which was released at the same time as this announcement.
For a full list of changes in the current releases, please see the ChangeLog:
- http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.0.22
- http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.1.14
- http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.2.2
Security advisory AST-2010-001 is available at:
http://asterisk.net.ru/en/2010/02/03/asterisk-security-advisory-ast-2010-001-t-38-remote-crash-vulnerability/
Thank you for your continued support of Asterisk!
Asterisk 1.6.1.13 Now Available
Asterisk The Open Source PBX & Telephony Platform
The Asterisk Development Team has announced the release of Asterisk 1.6.1.13.
This release is available for immediate download at http://downloads.asterisk.org/pub/telephony/asterisk/
The release of Asterisk 1.6.1.13 resolved several issues reported by the community, and would have not been possible without your participation. Thank you!
- Restarts busydetector (if enabled) when DTMF is received after call is bridged
(Closes issue #16389. Reported, Tested, Patched by alecdavis.) - Send parking lot announcement to the channel which parked the call, not the park-ee.
(Closes issue #16234. Reported, Tested by yeshuawatso. Patched by tilghman.) - When the field is blank, don’t warn about the field being unable to be coerced just skip the column.
(Closes http://lists.digium.com/pipermail/asterisk-dev/2009-December/041362.html)
Reported by Nic Colledge on the -dev list.) - Don’t queue frames to channels that have no means to process them.
(Closes issue #15609. Reported, Tested by aragon. Patched by tilghman.) - Fixes holdtime playback issue in app_queue.
(Closes issue #16168. Reported, Patched by nickilo. Tested by wonderg, nickilo.)
A summary of changes in this release can be found in the release summary:
http://downloads.asterisk.org/pub/telephony/asterisk/asterisk-1.6.1.13-summary.txt
For a full list of changes in this releases, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.1.13
Thank you for your continued support of Asterisk!
Read the rest of this entry »
Asterisk 1.4.29-rc1, Asterisk 1.6.0.21-rc1, Asterisk 1.6.1.13-rc1, Asterisk 1.6.2.1-rc1 Released
Posted by admin in Release Candidates, asterisk on January 11, 2010
Asterisk The Open Source PBX & Telephony Platform
The Asterisk Development Team has announced release candidates (RC1) for Asterisk versions 1.4.29, 1.6.0.21, 1.6.1.13, and 1.6.2.1. These release candidates are available for immediate download at http://downloads.asterisk.org/pub/telephony/asterisk/
The release candidates address issues that were reported by the community and resolved since the last round of bug fix releases.
For a full list of changes in the current release candidates, please see the ChangeLogs:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.4.29-rc1
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.0.21-rc1
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.1.13-rc1
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.2.1-rc1
For a summary of the issues found in these release candidates, please see the summary files:
http://downloads.asterisk.org/pub/telephony/asterisk/asterisk-1.4.29-rc1-summary.html
http://downloads.asterisk.org/pub/telephony/asterisk/asterisk-1.6.0.21-rc1-summary.html
http://downloads.asterisk.org/pub/telephony/asterisk/asterisk-1.6.1.13-rc1-summary.html
http://downloads.asterisk.org/pub/telephony/asterisk/asterisk-1.6.2.1-rc1-summary.html
Issues found in any of these release candidates should be reported to the Asterisk issue tracker at http://issues.asterisk.org
Thank you for your continued support of Asterisk!
Read the rest of this entry »
Asterisk 1.4.27, Asterisk 1.6.0.18 and Asterisk 1.6.1.10 released
Asterisk The Open Source PBX & Telephony Platform
The Asterisk Development Team is pleased to announce the release of Asterisk 1.4.27, 1.6.0.18, and 1.6.1.10. These releases are available for immediate download at http://downloads.asterisk.org/pub/telephony/asterisk/
These releases resolve a large assortment of issues reported by the community.
For a summary of the changes in these releases, please see the release summaries:
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/asterisk-1.4.27-summary.html
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/asterisk-1.6.0.18-summary.html
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/asterisk-1.6.1.10-summary.html
For a full list of changes in these releases, please see the ChangeLogs:
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.4.27
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.6.0.18
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.6.1.10
The following non-exhaustive list of issues were resolved with the participation of the community, and this release would not have been possible without your help!
- Seg fault in chan_local – local_pvt_destroy
(closes issue #15314. Reported by sroberts. Tested by davidw, lottc. Patch by davidw.) - T.38 reinvite started from Asterisk
(closes issue #15373. Reported by dcolombo. Tested by dcolombo, mbrancaleoni. Patch by mbrancaleoni.) - manager keeps creating /tmp/ast-ami-XXXXXX files (without deleting) when a single manager client remains logged in
(closes issue #15730. Reported by zmehmood. Tested by zmehmood. Patch by junky.) - BASE64_DECODE() adds garbage end end of decoded string
(closes issue #15271. Reported by chappell. Tested by kobaz. Patch by chappell.) - Fix ExternalIVR Documentation in 1.4
(closes issue #16220. Reported and patched by thedavidfactor.)
Thank you for your continued support of Asterisk!
Read the rest of this entry »
Asterisk 1.4.27-rc3, Asterisk 1.6.0.18-rc1, Asterisk 1.6.1.10-rc1, and Asterisk 1.6.2.0-rc4 released
Asterisk The Open Source PBX & Telephony Platform
The Asterisk Development Team has announced the next set of Asterisk release candidates for versions 1.4.27, 1.6.0.18, 1.6.1.10, and 1.6.2.0. These release candidates are available for immediate download at http://downloads.asterisk.org/pub/telephony/asterisk/
The release candidates address issues that were reported by the community and resolved since the last round of bug fix releases. The currently available release candidate versions are 1.4.27-rc3, 1.6.0.18-rc1, 1.6.1.10-rc1, and 1.6.2.0-rc4.
Please note that that 1.6.0.18-rc1 is a continuation of bug fixes since 1.6.0.16-rc2. 1.6.0.17 was released as a security release based on 1.6.0.15.
Asterisk 1.6.1.10-rc1 is a continuation of bug fixes since 1.6.1.7-rc2 as versions 1.6.1.8 and 1.6.1.9 were security releases for the 1.6.1 branch.
These release candidates include bug fixes along with the recently released security fixes.
Read the rest of this entry »
Asterisk 1.6.0.14-rc1 and Asterisk 1.6.1.5-rc1 released
Posted by admin in Release Candidates, asterisk, t.38 on August 20, 2009
Asterisk The Open Source PBX & Telephony Platform
The Asterisk Development Team has announced release candidates for Asterisk versions 1.6.0.14 and 1.6.1.5. The release candidates 1.6.0.14-rc1 and 1.6.1.5-rc1 are available for immediate download at http://downloads.asterisk.org/pub/telephony/asterisk/
This release fixes several community reported issues, including those related to T.38 (issues #15649, #15610).
For a full list of changes in this release candidate, please see the ChangeLogs:
http://svn.asterisk.org/svn/asterisk/tags/1.6.0.14-rc1/ChangeLog
http://svn.asterisk.org/svn/asterisk/tags/1.6.1.5-rc1/ChangeLog
Issues found in any release candidate can be reported at https://issues.asterisk.org
Thank you for your continued support of Asterisk!
Asterisk 1.2.34, Asterisk 1.4.26.1, Asterisk 1.6.0.13, and Asterisk 1.6.1.4 released
Posted by admin in Asterisk Security Advisories, Releases, Security Advisories, asterisk on August 11, 2009
Asterisk The Open Source PBX & Telephony Platform
The Asterisk Development Team is pleased to announce the releases of 1.2.34, 1.4.26.1, 1.6.0.13, and 1.6.1.4. These releases are available for immediate download at http://downloads.asterisk.org/pub/telephony/asterisk/
The release of 1.6.1.4 fixes a remote crash security vulnerability in the SIP stack. Although this crash was not demonstrated in any other version, the details of the vulnerability suggested the possibility that related attacks might be possible in the future. We therefore opted to release new versions of all current releases with these fixes applied. For more information about the details of this vulnerability, please read the security advisory AST-2009-005, which was released at the same time as this announcement.
In addition, Asterisk users may notice that we skipped the version numbers 1.6.0.11 and 1.6.1.3. This was intentional, in an effort to avoid confusion about what a particular release contains. Both of those version numbers had candidates for releases made, so backtracking on those changes in a release with the same version number might be confusing. Those release candidates will be reissued with additional bugfixes, as 1.6.0.14-rc1 and 1.6.1.5-rc1, respectively.
For a full list of changes in the current releases, please see the ChangeLogs:
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.2.34
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.4.26.1
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.0.13
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.1.4
Thank you for your continued support of Asterisk!
Asterisk 1.6.0.11-rc2, 1.6.1.2, 1.6.1.3-rc1, and 1.6.2.0-beta4 Release Announcement
Posted by admin in Asterisk Security Advisories, Release Candidates, Releases, Security Advisories, asterisk, t.38 on August 3, 2009
Asterisk The Open Source PBX & Telephony Platform
The Asterisk Development Team is pleased to announce the the second release candidate of 1.6.0.11, the release of 1.6.1.2, the first release candidate of 1.6.1.3, and the fourth beta of 1.6.2.0. These releases are available for immediate download at http://downloads.asterisk.org/pub/telephony/asterisk/.
The release of 1.6.1.2 fixes a remote crash security vulnerability in the RTP stack. The related security advisory AST-2009-004 has been released along with this announcement. Please read that advisory for more information.
The release candidates and betas, in addition to other fixes, contain a major re-work of the T.38 support in Asterisk. If you’ve been having trouble with T.38 in the 1.6 series, you are strongly encouraged to try one of these release candidates to determine if these changes fixed your T.38 issues.
Asterisk-Addons 1.4.9, 1.6.0.3, and 1.6.1.1 released
Posted by admin in Releases, asterisk addons on July 24, 2009
The Asterisk Development Team has announced several Asterisk-Addons releases, including Asterisk-Addons 1.4.9, 1.6.0.3, and 1.6.1.1. These releases are available for immediate download at http://downloads.asterisk.org/pub/telephony/asterisk/
These releases are an incremental release after some community reported issues were resolved, primarily in the MySQL and chan_mobile realms.
- Using chan_local with chan_mobile (issue #15299, affects all 1.6.x versions)
- Don’t reset a reconnect time unless a reconnect really occurred (issue #15375, affects all versions)
For a full list of changes in these releases, please see the ChangeLogs:
http://svn.asterisk.org/svn/asterisk-addons/tags/1.4.9/ChangeLog
http://svn.asterisk.org/svn/asterisk-addons/tags/1.6.0.3/ChangeLog
http://svn.asterisk.org/svn/asterisk-addons/tags/1.6.1.1/ChangeLog
Thank you for your continued support of Asterisk!
Asterisk-Addons 1.4.9-rc1, 1.6.0.3-rc2, 1.6.1.1-rc2, and 1.6.2.0-rc1 released
Posted by admin in asterisk addons on July 14, 2009
The Asterisk Development Team has announced several Asterisk-Addons release candidates, including Asterisk-Addons 1.4.9-rc1, 1.6.0.3-rc2, 1.6.1.1-rc2, and 1.6.2.0-rc1. The release candidates are available for immediate download at http://downloads.asterisk.org/pub/telephony/asterisk/
These releases are an incremental release after some community reported issues were resolved, primarily in the MySQL and chan_mobile realms.
- Using chan_local with chan_mobile (issue #15299, affects all 1.6.x versions)
- Don’t reset a reconnect time unless a reconnect really occurred (issue #15375, affects all versions)
For a full list of changes in this release candidate, please see the ChangeLogs:
http://svn.asterisk.org/svn/asterisk-addons/tags/1.4.9-rc1/ChangeLog
http://svn.asterisk.org/svn/asterisk-addons/tags/1.4.9-rc1/ChangeLog
http://svn.asterisk.org/svn/asterisk-addons/tags/1.6.1.1-rc2/ChangeLog
http://svn.asterisk.org/svn/asterisk-addons/tags/1.6.2.0-rc1/ChangeLog
Issues found in any release candidate can be reported at:
https://issues.asterisk.org
Thank you for your continued support of Asterisk!
