Posts Tagged rtp
Asterisk 1.8.8.0 Now Available
Asterisk The Open Source PBX & Telephony Platform
The Asterisk Development Team is pleased to announce the release of Asterisk 1.8.8.0. This release is available for immediate download at http://downloads.asterisk.org/pub/telephony/asterisk/
The release of Asterisk 1.8.8.0 resolves several issues reported by the community and would have not been possible without your participation.
Thank you!
The following is a sample of the issues resolved in this release:
- Updated SIP 484 handling; added Incomplete control frame
When a SIP phone uses the dial application and receives a 484 Address Incomplete response, if overlapped dialing is enabled for SIP, then the 484 Address Incomplete is forwarded back to the SIP phone and the HANGUPCAUSE channel variable is set to 28. Previously, the Incomplete application dialplan logic was automatically triggered; now, explicit dialplan usage of the application is required.
(Closes ASTERISK-17288. Reported by: Mikael Carlsson Tested by: Matthew Jordan Review: https://reviewboard.asterisk.org/r/1416/) - Prevent IAX2 from getting IPv6 addresses via DNS IAX2 does not support IPv6 and getting such addresses from DNS can cause error messages on the remote end involving bad IPv4 address casts in the presence of IPv6/IPv4 tunnels.
(Closes issue ASTERISK-18090. Patched by Kinsey Moore) - Fix bad RTP media bridges in directmedia calls on peers separated by multiple Asterisk nodes.
(Closes issue ASTERISK-18340. Reported by: Thomas Arimont. Closes issue ASTERISK-17725. Reported by: kwk. Tested by: twilson, jrose) - Fix crashes in ast_rtcp_write()
(Closes issue ASTERISK-18570)
Related issues that look like they are the same problem:
(Issue ASTERISK-17560, ASTERISK-15406, ASTERISK-15257, ASTERISK-13334, ASTERISK-9977, ASTERISK-9716)
Review: https://reviewboard.asterisk.org/r/1444/
Patched by: Russell Bryant - Fix for incorrect voicemail duration in external notifications.
This patch fixes an issue where the voicemail duration was being reported with a duration significantly less than the actual sound file duration.
(Closes ASTERISK-16981. Reported by: Mary Ciuciu, Byron Clark, Brad House, Karsten Wemheuer, KevinH Tested by: Matt Jordan
Review: https://reviewboard.asterisk.org/r/1443) - Prevent segfault if call arrives before Asterisk is fully booted.
(Patched by alecdavis. https://reviewboard.asterisk.org/r/1407/) - Fix remote Crash Vulnerability in SIP channel driver (AST-2011-012)
http://downloads.asterisk.org/pub/security/AST-2011-012.pdf
- Fix locking order in app_queue.c which caused deadlocks
(Closes issue ASTERISK-18101. Reported by Paul Rolfe, patched by Gregory Nietsky)
(Closes issue ASTERISK-18487. Reported by Jason Legault, patched by Gregory Nietsky) - Fix regression in configure script for libpri capability checks
(Closes issue ASTERISK-18687. Reported by norbert, patched by Richard Mudgett) - Prevent BLF subscriptions from causing deadlocks.
(Closes issue ASTERISK-18663)
Review: https://reviewboard.asterisk.org/r/1563/ - Fix deadlock if peer is destroyed while sending MWI notice.
(Closes issue ASTERISK-18747)
Reported by: Gregory Hinton Nietsky - Fix issue with setting defaultenabled on categories that are already enabled by default.
(Closes issue ASTERISK-18738)
Reported by: Paul Belanger - Don’t crash on INFO automon request with no channel AST-2011-014. When automon was enabled in features.conf, it was possible to crash Asterisk by sending an INFO request if no channel had been created yet.
- Fixed crash from orphaned MWI subscriptions in chan_sip This patch resolves the issue where MWI subscriptions are orphaned by subsequent SIP SUBSCRIBE messages.
- Default to nat=yes; warn when nat in general and peer differ AST-2011-013. It is possible to enumerate SIP usernames when the general and user/peer nat settings differ in whether to respond to the port a request is sent from or the port listed for responses in the Via header. In 1.4 and
For a full list of changes in this release, please see the ChangeLog:
Thank you for your continued support of Asterisk!
Asterisk 1.8.8.0-rc1 Now Available
Posted by admin in asterisk, Release Candidates, sip on October 6, 2011
Asterisk The Open Source PBX & Telephony Platform
The Asterisk Development Team announces the first release candidate of Asterisk 1.8.8.0. This release candidate is available for immediate download at http://downloads.asterisk.org/pub/telephony/asterisk/
The release of Asterisk 1.8.8.0-rc1 resolves several issues reported by the community and would have not been possible without your participation.
Thank you!
The following is a sample of the issues resolved in this release candidate:
- Updated SIP 484 handling; added Incomplete control frame When a SIP phone uses the dial application and receives a 484 Address
Incomplete response, if overlapped dialing is enabled for SIP, then the 484 Address Incomplete is forwarded back to the SIP phone and the HANGUPCAUSE channel variable is set to 28. Previously, the Incomplete application dialplan logic was automatically triggered; now, explicit dialplan usage of the application is required.
(Closes ASTERISK-17288. Reported by: Mikael Carlsson Tested by: Matthew Jordan Review: https://reviewboard.asterisk.org/r/1416/) - Prevent IAX2 from getting IPv6 addresses via DNS IAX2 does not support IPv6 and getting such addresses from DNS can cause error messages on the remote end involving bad IPv4 address casts in the presence of IPv6/IPv4 tunnels.
(Closes issue ASTERISK-18090. Patched by Kinsey Moore) - Fix bad RTP media bridges in directmedia calls on peers separated by multiple Asterisk nodes.
(Closes issue ASTERISK-18340. Reported by: Thomas Arimont. Closes issue ASTERISK-17725. Reported by: kwk. Tested by: twilson, jrose) - Fix crashes in ast_rtcp_write()
(Closes issue ASTERISK-18570)
Related issues that look like they are the same problem:
(Issue ASTERISK-17560, ASTERISK-15406, ASTERISK-15257, ASTERISK-13334, ASTERISK-9977, ASTERISK-9716)
Review: https://reviewboard.asterisk.org/r/1444/
Patched by: Russell Bryant - Fix for incorrect voicemail duration in external notifications. This patch fixes an issue where the voicemail duration was being reported with a duration significantly less than the actual sound file duration.
(Closes ASTERISK-16981. Reported by: Mary Ciuciu, Byron Clark, Brad House, Karsten Wemheuer, KevinH Tested by: Matt Jordan
Review: https://reviewboard.asterisk.org/r/1443) - Prevent segfault if call arrives before Asterisk is fully booted.
(Patched by alecdavis. https://reviewboard.asterisk.org/r/1407/)
For a full list of changes in this release candidate, please see the ChangeLog:
Thank you for your continued support of Asterisk!
Asterisk 1.8.0-Beta2 Now Available
Posted by admin in asterisk, Release Candidates on July 27, 2010
Asterisk The Open Source PBX & Telephony Platform
The Asterisk Development Team has announced the release of Asterisk 1.8.0-beta2.
This release is available for immediate download at http://downloads.asterisk.org/pub/telephony/asterisk/
All interested users of Asterisk are encouraged to participate in the 1.8 testing process. Please report any issues found to the issue tracker, http://issues.asterisk.org/. It is also very useful to see successful test reports. Please post those to the asterisk-dev mailing list.
Asterisk 1.8 is the next major release series of Asterisk. It will be a Long Term Support (LTS) release, similar to Asterisk 1.4. For more information about support time lines for Asterisk releases, see the Asterisk versions page.
http://www.asterisk.org/asterisk-versions
This release contains fixes since the last beta release as reported by the community. Some of the changes include:
- Remove duplicate -c flag when using $(INSTALL)
(Closes issue #17695. Reported, patched by pabelanger) - Don’t re-register CDR module on reload.
(Closes issue #17304. Reported, tested by jnemeth. Patched by tilghman) - Don’t assume qlog is open.
(Closes issue #17704. Reported, tested by vrban. Patched by pabelanger) - Expand the correct value within AST_OPTION_ONLY.
(Closes issue #17703. Reported by stuarth. Patched by seanbright) - Allow for systems without locale support to be usable.
(Closes issue #17697. Reported, patched by pprindeville. Tested by mmichelson) - Fixes for sounds/Makefile to install on systems using older GNU make.
(Closes issue #17716. Reported by farisraouf. Patched by tilghman, qwell, seanbright) - Update logger.conf.sample to include documentation about new ‘fax’ logger level.
(Closes issue #17715. Reported, tested by vrban. Patched by pabelanger)
Asterisk 1.8 contains many new features over previous releases of Asterisk.
A short list of included features includes:
- Secure RTP
- IPv6 Support
- Connected Party Identification Support
- Calendaring Integration
- A new call logging system, Channel Event Logging (CEL)
- Distributed Device State using Jabber/XMPP PubSub
- Call Completion Supplementary Services support
- Advice of Charge support
- Much, much more!
A full list of new features can be found in the CHANGES file.
http://svn.digium.com/view/asterisk/branches/1.8/CHANGES?view=checkout
For a full list of changes in the current release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.0-beta2
Thank you for your continued support of Asterisk!
Asterisk 1.6.2.8 Now Available
Asterisk The Open Source PBX & Telephony Platform
The Asterisk Development Team has announced the release of Asterisk 1.6.2.8. This release is available for immediate download at http://downloads.asterisk.org/pub/telephony/asterisk/
The release of Asterisk 1.6.2.8 resolves several issues reported by the community, and would have not been possible without your participation.
Thank you!
The following are a few of the issues resolved by community developers:
- Enable auto complete for CLI command ‘logger set level’.
(Closes issue #17152. Reported, patched by pabelanger) - Make the mixmonitor thread process audio frames faster.
(Closes issue #17078. Reported, tested by geoff2010. Patched by dhubbard) - Add missing ‘useragent’ field to sip-friends.sql file.
(Closes issue #17171. Reported, patched by thehar) - Add example dialplan for dialing ISN numbers (http://www.freenum.org)
(Closes issue #17058. Reported, patched by pprindeville) - Fix issue with double “sip:” in header field.
(Closes issue #15847. Reported, patched by ebroad) - Add ability to generate ASCII documentation from the TeX files by running ‘make asterisk.txt’.
(Closes issue #17220. Reported by lmadsen. Tested, patched by pabelanger) - When StopMonitor() is called, ensure that it will not be restarted by a channel event.
- Small error in the T.140 RTP port verbose log.
(Closes issue #16998. Reported, patched by frawd. Tested by russell)
(Closes issue #16590. Reported, patched by kkm)
For a full list of changes in the current release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.2.8
Thank you for your continued support of Asterisk!
Asterisk Security Advisory – AST-2009-004
Posted by admin in asterisk, Asterisk Security Advisories, Security Advisories on August 3, 2009
Asterisk The Open Source PBX & Telephony Platform
Asterisk Project Security Advisory – AST-2009-004
An attacker can cause Asterisk to crash remotely by sending malformed RTP text frames. While the attacker can cause Asterisk to crash, he cannot execute arbitrary remote code with this exploit.
Users should upgrade to a version listed in the “Corrected In” section below.
|
Product |
Asterisk |
|
Summary |
Remote Crash Vulnerability in RTP stack |
|
Nature of Advisory |
Exploitable Crash |
|
Susceptibility |
Remote unauthenticated sessions |
|
Severity |
Critical |
|
Exploits Known |
No |
|
Reported On |
July 27, 2009 |
|
Reported By |
Marcus Hunger <hunger AT sipgate DOT de> |
|
Posted On |
August 2, 2009 |
|
Last Updated On |
August 2, 2009 |
|
Advisory Contact |
Mark Michelson <mmichelson AT digium DOT com> |
|
CVE Name |
Asterisk 1.6.0.11-rc2, 1.6.1.2, 1.6.1.3-rc1, and 1.6.2.0-beta4 Release Announcement
Posted by admin in asterisk, Asterisk Security Advisories, Release Candidates, Releases, Security Advisories, t.38 on August 3, 2009
Asterisk The Open Source PBX & Telephony Platform
The Asterisk Development Team is pleased to announce the the second release candidate of 1.6.0.11, the release of 1.6.1.2, the first release candidate of 1.6.1.3, and the fourth beta of 1.6.2.0. These releases are available for immediate download at http://downloads.asterisk.org/pub/telephony/asterisk/.
The release of 1.6.1.2 fixes a remote crash security vulnerability in the RTP stack. The related security advisory AST-2009-004 has been released along with this announcement. Please read that advisory for more information.
The release candidates and betas, in addition to other fixes, contain a major re-work of the T.38 support in Asterisk. If you’ve been having trouble with T.38 in the 1.6 series, you are strongly encouraged to try one of these release candidates to determine if these changes fixed your T.38 issues.
