Update for 18.2.1

.version

-18.2.0
\ No newline at end of file
+18.2.1
\ No newline at end of file

ChangeLog

+2021-02-18 16:50 +0000  Asterisk Development Team <asteriskteam@digium.com>
+
+	* asterisk 18.2.1 Released.
+
+2021-02-01 15:24 +0000 [2784c444a4]  Kevin Harwell <kharwell@sangoma.com>
+
+	* AST-2021-002: Remote crash possible when negotiating T.38
+
+	  When an endpoint requests to re-negotiate for fax and the incoming
+	  re-invite is received prior to Asterisk sending out the 200 OK for
+	  the initial invite the re-invite gets delayed. When Asterisk does
+	  finally send the re-inivite the SDP includes streams for both audio
+	  and T.38.
+
+	  This happens because when the pending topology and active topologies
+	  differ (pending stream is not in the active) in the delayed scenario
+	  the pending stream is appended to the active topology. However, in
+	  the fax case the pending stream should replace the active.
+
+	  This patch makes it so when a delay occurs during fax negotiation,
+	  to or from, the audio stream is replaced by the T.38 stream, or vice
+	  versa instead of being appended.
+
+	  Further when Asterisk sent the re-invite with both audio and T.38,
+	  and the endpoint responded with a declined T.38 stream then Asterisk
+	  would crash when attempting to change the T.38 state.
+
+	  This patch also puts in a check that ensures the media state has a
+	  valid fax session (associated udptl object) before changing the
+	  T.38 state internally.
+
+	  ASTERISK-29203 #close
+
+	  Change-Id: I407f4fa58651255b6a9030d34fd6578cf65ccf09
+
+2021-01-26 11:09 +0000 [0c25e4576f]  Alexander Traud <pabstraud@compuserve.com>
+
+	* rtp:  Enable srtp replay protection
+
+	  Add option "srtpreplayprotection" rtp.conf to enable srtp
+	  replay protection.
+
+	  ASTERISK-29260
+	  Reported by: Alexander Traud
+
+	  Change-Id: I5cd346e3c6b6812039d1901aa4b7be688173b458
+
+2020-12-28 06:43 +0000 [56bc4cf0a6]  Ivan Poddubnyi <ivan.poddubny@gmail.com>
+
+	* res_pjsip_diversion: Fix adding more than one histinfo to Supported
+
+	  New responses sent within a PJSIP sessions are based on those that were
+	  sent before. Therefore, adding/modifying a header once causes it to be
+	  sent on all responses that follow.
+
+	  Sending 181 Call Is Being Forwarded many times first adds "histinfo"
+	  duplicated more and more, and eventually overflows past the array
+	  boundary.
+
+	  This commit adds a check preventing adding "histinfo" more than once,
+	  and skipping it if there is no more space in the header.
+
+	  Similar overflow situations can also occur in res_pjsip_path and
+	  res_pjsip_outbound_registration so those were also modified to
+	  check the bounds and suppress duplicate Supported values.
+
+	  ASTERISK-29227
+	  Reported by: Ivan Poddubny
+
+	  Change-Id: Id43704a1f1a0293e35cc7f844026f0b04f2ac322
+
+2020-12-11 14:49 +0000 [076c18e7a2]  Sean Bright <sean.bright@gmail.com>
+
+	* res_rtp_asterisk.c: Fix signed mismatch that leads to overflow
+
+	  ASTERISK-29205 #close
+
+	  Change-Id: Ib7aa65644e8df76e2378d7613ee7cf751b9d0bea
+
+2021-02-05 05:26 +0000 [239573734a]  Joshua C. Colp <jcolp@sangoma.com>
+
+	* pjsip: Make modify_local_offer2 tolerate previous failed SDP.
+
+	  If a remote side is broken and sends an SDP that can not be
+	  negotiated the call will be torn down but there is a window
+	  where a second 183 Session Progress or 200 OK that is forked
+	  can be received that also attempts to negotiate SDP. Since
+	  the code marked the SDP negotiation as being done and complete
+	  prior to this it assumes that there is an active local and remote
+	  SDP which it can modify, while in fact there is not as the SDP
+	  did not successfully negotiate. Since there is no local or remote
+	  SDP a crash occurs.
+
+	  This patch changes the pjmedia_sdp_neg_modify_local_offer2
+	  function to no longer assume that a previous SDP negotiation
+	  was successful.
+
+	  ASTERISK-29196
+
+	  Change-Id: I22de45916d3b05fdc2a67da92b3a38271ee5949e
+
 2021-01-21 16:33 +0000  Asterisk Development Team <asteriskteam@digium.com>
 	* asterisk 18.2.0 Released.

asterisk-18.2.1-summary.html

+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><title>Release Summary - asterisk-18.2.1</title><h1 align="center"><a name="top">Release Summary</a></h1><h3 align="center">asterisk-18.2.1</h3><h3 align="center">Date: 2021-02-18</h3><h3 align="center">&lt;asteriskteam@digium.com&gt;</h3><hr><h2 align="center">Table of Contents</h2><ol>
+<li><a href="#summary">Summary</a></li>
+<li><a href="#contributors">Contributors</a></li>
+<li><a href="#closed_issues">Closed Issues</a></li>
+<li><a href="#diffstat">Diffstat</a></li>
+</ol><hr><a name="summary"><h2 align="center">Summary</h2></a><center><a href="#top">[Back to Top]</a></center><p>This release has been made to address one or more security vulnerabilities that have been identified. A security advisory document has been published for each vulnerability that includes additional information. Users of versions of Asterisk that are affected are strongly encouraged to review the advisories and determine what action they should take to protect their systems from these issues.</p><p>Security Advisories:</p><ul>
+<li><a href="http://downloads.asterisk.org/pub/security/AST-2021-001,AST-2021-002,AST-2021-003,AST-2021-004,AST-2021-005.html">AST-2021-001,AST-2021-002,AST-2021-003,AST-2021-004,AST-2021-005</a></li>
+</ul><p>The data in this summary reflects changes that have been made since the previous release, asterisk-18.2.0.</p><hr><a name="contributors"><h2 align="center">Contributors</h2></a><center><a href="#top">[Back to Top]</a></center><p>This table lists the people who have submitted code, those that have tested patches, as well as those that reported issues on the issue tracker that were resolved in this release. For coders, the number is how many of their patches (of any size) were committed into this release. For testers, the number is the number of times their name was listed as assisting with testing a patch. Finally, for reporters, the number is the number of issues that they reported that were affected by commits that went into this release.</p><table width="100%" border="0">
+<tr><th width="33%">Coders</th><th width="33%">Testers</th><th width="33%">Reporters</th></tr>
+<tr valign="top"><td width="33%">1 Ivan Poddubnyi <ivan.poddubny@gmail.com><br/>1 Sean Bright <sean.bright@gmail.com><br/>1 Kevin Harwell <kharwell@sangoma.com><br/>1 Alexander Traud <pabstraud@compuserve.com><br/>1 Joshua C. Colp <jcolp@sangoma.com><br/></td><td width="33%"><td width="33%">1 Mauri de Souza Meneguzzo (3CPlus) <mauri.nunes@fluxoti.com><br/>1 Ivan Poddubny<br/>1 Ivan Poddubny <ivan.poddubny@gmail.com><br/>1 Edvin Vidmar <edvinvidmar@hotmail.com><br/>1 Alexander Traud <pabstraud@compuserve.com><br/>1 Gregory Massel <greg@csurf.co.za><br/>1 Alexander Traud<br/></td></tr>
+</table><hr><a name="closed_issues"><h2 align="center">Closed Issues</h2></a><center><a href="#top">[Back to Top]</a></center><p>This is a list of all issues from the issue tracker that were closed by changes that went into this release.</p><h3>Security</h3><h4>Category: Resources/res_srtp</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-29260">ASTERISK-29260</a>: sRTP Replay Protection ignored; even tears down long calls<br/>Reported by: Alexander Traud<ul>
+<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=0c25e4576fe6bfe47bc74839c10ed1870e0edd8f">[0c25e4576f]</a> Alexander Traud -- rtp:  Enable srtp replay protection</li>
+</ul><br><h4>Category: pjproject/pjsip</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-29227">ASTERISK-29227</a>: res_pjsip_diversion: sending multiple 181 responses causes memory corruption and crash<br/>Reported by: Ivan Poddubny<ul>
+<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=56bc4cf0a6cf74ef14edcdcb80eb3d9cc0f30eda">[56bc4cf0a6]</a> Ivan Poddubnyi -- res_pjsip_diversion: Fix adding more than one histinfo to Supported</li>
+</ul><br><h3>Bug</h3><h4>Category: Resources/res_pjsip</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-29196">ASTERISK-29196</a>: res_pjsip: Segmentation fault<br/>Reported by: Mauri de Souza Meneguzzo (3CPlus)<ul>
+<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=239573734a8a5f79c9ed1fabcdb330b3f275d7e1">[239573734a]</a> Joshua C. Colp -- pjsip: Make modify_local_offer2 tolerate previous failed SDP.</li>
+</ul><br><h4>Category: Resources/res_pjsip_session</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-29203">ASTERISK-29203</a>: res_pjsip_t38: Crash when changing state<br/>Reported by: Gregory Massel<ul>
+<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=2784c444a408e130232778eb4bd945c0a6187acc">[2784c444a4]</a> Kevin Harwell -- AST-2021-002: Remote crash possible when negotiating T.38</li>
+</ul><br><h4>Category: Resources/res_pjsip_t38</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-29203">ASTERISK-29203</a>: res_pjsip_t38: Crash when changing state<br/>Reported by: Gregory Massel<ul>
+<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=2784c444a408e130232778eb4bd945c0a6187acc">[2784c444a4]</a> Kevin Harwell -- AST-2021-002: Remote crash possible when negotiating T.38</li>
+</ul><br><h4>Category: Resources/res_rtp_asterisk</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-29205">ASTERISK-29205</a>: res_rtp_asterisk: Asterisk crashes when making hold/unhold from webrtc client<br/>Reported by: Edvin Vidmar<ul>
+<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=076c18e7a2578806786e2e59a32a05f7f6d88619">[076c18e7a2]</a> Sean Bright -- res_rtp_asterisk.c: Fix signed mismatch that leads to overflow</li>
+</ul><br><hr><a name="diffstat"><h2 align="center">Diffstat Results</h2></a><center><a href="#top">[Back to Top]</a></center><p>This is a summary of the changes to the source code that went into this release that was generated using the diffstat utility.</p><pre>configs/samples/rtp.conf.sample                                         |   12 +++++++
+doc/CHANGES-staging/srtp_replay_protection.txt                          |    9 +++++
+doc/UPGRADE-staging/srtp_replay_protection.txt                          |    9 +++++
+res/res_pjsip_diversion.c                                               |   14 ++++++++
+res/res_pjsip_outbound_registration.c                                   |   12 +++++++
+res/res_pjsip_path.c                                                    |   12 +++++++
+res/res_pjsip_session.c                                                 |    9 +++++
+res/res_pjsip_t38.c                                                     |    9 +++++
+res/res_rtp_asterisk.c                                                  |   16 +++++++---
+res/res_srtp.c                                                          |    5 +--
+third-party/pjproject/patches/0080-fix-sdp-neg-modify-local-offer.patch |   14 ++++++++
+11 files changed, 114 insertions(+), 7 deletions(-)</pre><br></html>
\ No newline at end of file

asterisk-18.2.1-summary.txt

+                                Release Summary
+
+                                asterisk-18.2.1
+
+                                Date: 2021-02-18
+
+                           <asteriskteam@digium.com>
+
+     ----------------------------------------------------------------------
+
+                               Table of Contents
+
+    1. Summary
+    2. Contributors
+    3. Closed Issues
+    4. Diffstat
+
+     ----------------------------------------------------------------------
+
+                                    Summary
+
+                                 [Back to Top]
+
+   This release has been made to address one or more security vulnerabilities
+   that have been identified. A security advisory document has been published
+   for each vulnerability that includes additional information. Users of
+   versions of Asterisk that are affected are strongly encouraged to review
+   the advisories and determine what action they should take to protect their
+   systems from these issues.
+
+   Security Advisories:
+
+     * AST-2021-001,AST-2021-002,AST-2021-003,AST-2021-004,AST-2021-005
+
+   The data in this summary reflects changes that have been made since the
+   previous release, asterisk-18.2.0.
+
+     ----------------------------------------------------------------------
+
+                                  Contributors
+
+                                 [Back to Top]
+
+   This table lists the people who have submitted code, those that have
+   tested patches, as well as those that reported issues on the issue tracker
+   that were resolved in this release. For coders, the number is how many of
+   their patches (of any size) were committed into this release. For testers,
+   the number is the number of times their name was listed as assisting with
+   testing a patch. Finally, for reporters, the number is the number of
+   issues that they reported that were affected by commits that went into
+   this release.
+
+   Coders                   Testers       Reporters                           
+   1 Ivan Poddubnyi                       1 Mauri de Souza Meneguzzo (3CPlus) 
+   1 Sean Bright                          1 Ivan Poddubny                     
+   1 Kevin Harwell                        1 Ivan Poddubny                     
+   1 Alexander Traud                      1 Edvin Vidmar                      
+   1 Joshua C. Colp                       1 Alexander Traud                   
+                                          1 Gregory Massel                    
+                                          1 Alexander Traud                   
+
+     ----------------------------------------------------------------------
+
+                                 Closed Issues
+
+                                 [Back to Top]
+
+   This is a list of all issues from the issue tracker that were closed by
+   changes that went into this release.
+
+  Security
+
+    Category: Resources/res_srtp
+
+   ASTERISK-29260: sRTP Replay Protection ignored; even tears down long calls
+   Reported by: Alexander Traud
+     * [0c25e4576f] Alexander Traud -- rtp: Enable srtp replay protection
+
+    Category: pjproject/pjsip
+
+   ASTERISK-29227: res_pjsip_diversion: sending multiple 181 responses causes
+   memory corruption and crash
+   Reported by: Ivan Poddubny
+     * [56bc4cf0a6] Ivan Poddubnyi -- res_pjsip_diversion: Fix adding more
+       than one histinfo to Supported
+
+  Bug
+
+    Category: Resources/res_pjsip
+
+   ASTERISK-29196: res_pjsip: Segmentation fault
+   Reported by: Mauri de Souza Meneguzzo (3CPlus)
+     * [239573734a] Joshua C. Colp -- pjsip: Make modify_local_offer2
+       tolerate previous failed SDP.
+
+    Category: Resources/res_pjsip_session
+
+   ASTERISK-29203: res_pjsip_t38: Crash when changing state
+   Reported by: Gregory Massel
+     * [2784c444a4] Kevin Harwell -- AST-2021-002: Remote crash possible when
+       negotiating T.38
+
+    Category: Resources/res_pjsip_t38
+
+   ASTERISK-29203: res_pjsip_t38: Crash when changing state
+   Reported by: Gregory Massel
+     * [2784c444a4] Kevin Harwell -- AST-2021-002: Remote crash possible when
+       negotiating T.38
+
+    Category: Resources/res_rtp_asterisk
+
+   ASTERISK-29205: res_rtp_asterisk: Asterisk crashes when making hold/unhold
+   from webrtc client
+   Reported by: Edvin Vidmar
+     * [076c18e7a2] Sean Bright -- res_rtp_asterisk.c: Fix signed mismatch
+       that leads to overflow
+
+     ----------------------------------------------------------------------
+
+                                Diffstat Results
+
+                                 [Back to Top]
+
+   This is a summary of the changes to the source code that went into this
+   release that was generated using the diffstat utility.
+
+ configs/samples/rtp.conf.sample                                         |   12 +++++++
+ doc/CHANGES-staging/srtp_replay_protection.txt                          |    9 +++++
+ doc/UPGRADE-staging/srtp_replay_protection.txt                          |    9 +++++
+ res/res_pjsip_diversion.c                                               |   14 ++++++++
+ res/res_pjsip_outbound_registration.c                                   |   12 +++++++
+ res/res_pjsip_path.c                                                    |   12 +++++++
+ res/res_pjsip_session.c                                                 |    9 +++++
+ res/res_pjsip_t38.c                                                     |    9 +++++
+ res/res_rtp_asterisk.c                                                  |   16 +++++++---
+ res/res_srtp.c                                                          |    5 +--
+ third-party/pjproject/patches/0080-fix-sdp-neg-modify-local-offer.patch |   14 ++++++++
+ 11 files changed, 114 insertions(+), 7 deletions(-)