diff --git a/.version b/.version index d61534ca03c028a6560c5967ce9d213f533855fb..2f628a59e38e86accde58e78f6d72e1730fe4533 100644 --- a/.version +++ b/.version @@ -1 +1 @@ -17.9.1 \ No newline at end of file +17.9.2 \ No newline at end of file diff --git a/ChangeLog b/ChangeLog index 11ffb9ebb8261020a9733c047825547b2f15551c..90b76f92a64d3ff75130271780fb74925f217dc5 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,104 @@ +2021-02-18 16:49 +0000 Asterisk Development Team <asteriskteam@digium.com> + + * asterisk 17.9.2 Released. + +2021-02-01 15:24 +0000 [b8dccb9cbc] Kevin Harwell <kharwell@sangoma.com> + + * AST-2021-002: Remote crash possible when negotiating T.38 + + When an endpoint requests to re-negotiate for fax and the incoming + re-invite is received prior to Asterisk sending out the 200 OK for + the initial invite the re-invite gets delayed. When Asterisk does + finally send the re-inivite the SDP includes streams for both audio + and T.38. + + This happens because when the pending topology and active topologies + differ (pending stream is not in the active) in the delayed scenario + the pending stream is appended to the active topology. However, in + the fax case the pending stream should replace the active. + + This patch makes it so when a delay occurs during fax negotiation, + to or from, the audio stream is replaced by the T.38 stream, or vice + versa instead of being appended. + + Further when Asterisk sent the re-invite with both audio and T.38, + and the endpoint responded with a declined T.38 stream then Asterisk + would crash when attempting to change the T.38 state. + + This patch also puts in a check that ensures the media state has a + valid fax session (associated udptl object) before changing the + T.38 state internally. + + ASTERISK-29203 #close + + Change-Id: I407f4fa58651255b6a9030d34fd6578cf65ccf09 + +2021-01-26 11:09 +0000 [5cc639a934] Alexander Traud <pabstraud@compuserve.com> + + * rtp: Enable srtp replay protection + + Add option "srtpreplayprotection" rtp.conf to enable srtp + replay protection. + + ASTERISK-29260 + Reported by: Alexander Traud + + Change-Id: I5cd346e3c6b6812039d1901aa4b7be688173b458 + +2020-12-28 06:43 +0000 [814daf2152] Ivan Poddubnyi <ivan.poddubny@gmail.com> + + * res_pjsip_diversion: Fix adding more than one histinfo to Supported + + New responses sent within a PJSIP sessions are based on those that were + sent before. Therefore, adding/modifying a header once causes it to be + sent on all responses that follow. + + Sending 181 Call Is Being Forwarded many times first adds "histinfo" + duplicated more and more, and eventually overflows past the array + boundary. + + This commit adds a check preventing adding "histinfo" more than once, + and skipping it if there is no more space in the header. + + Similar overflow situations can also occur in res_pjsip_path and + res_pjsip_outbound_registration so those were also modified to + check the bounds and suppress duplicate Supported values. + + ASTERISK-29227 + Reported by: Ivan Poddubny + + Change-Id: Id43704a1f1a0293e35cc7f844026f0b04f2ac322 + +2020-12-11 14:49 +0000 [2cef4e34b6] Sean Bright <sean.bright@gmail.com> + + * res_rtp_asterisk.c: Fix signed mismatch that leads to overflow + + ASTERISK-29205 #close + + Change-Id: Ib7aa65644e8df76e2378d7613ee7cf751b9d0bea + +2021-02-05 05:26 +0000 [d6601e56e1] Joshua C. Colp <jcolp@sangoma.com> + + * pjsip: Make modify_local_offer2 tolerate previous failed SDP. + + If a remote side is broken and sends an SDP that can not be + negotiated the call will be torn down but there is a window + where a second 183 Session Progress or 200 OK that is forked + can be received that also attempts to negotiate SDP. Since + the code marked the SDP negotiation as being done and complete + prior to this it assumes that there is an active local and remote + SDP which it can modify, while in fact there is not as the SDP + did not successfully negotiate. Since there is no local or remote + SDP a crash occurs. + + This patch changes the pjmedia_sdp_neg_modify_local_offer2 + function to no longer assume that a previous SDP negotiation + was successful. + + ASTERISK-29196 + + Change-Id: I22de45916d3b05fdc2a67da92b3a38271ee5949e + 2020-12-22 21:04 +0000 Asterisk Development Team <asteriskteam@digium.com> * asterisk 17.9.1 Released. diff --git a/asterisk-17.9.1-summary.html b/asterisk-17.9.1-summary.html deleted file mode 100644 index 3cde74cbb2e5d4349526ad3ff06b7e470e683e76..0000000000000000000000000000000000000000 --- a/asterisk-17.9.1-summary.html +++ /dev/null @@ -1,27 +0,0 @@ -<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><title>Release Summary - asterisk-17.9.1</title><h1 align="center"><a name="top">Release Summary</a></h1><h3 align="center">asterisk-17.9.1</h3><h3 align="center">Date: 2020-12-22</h3><h3 align="center"><asteriskteam@digium.com></h3><hr><h2 align="center">Table of Contents</h2><ol> -<li><a href="#summary">Summary</a></li> -<li><a href="#contributors">Contributors</a></li> -<li><a href="#open_issues">Open Issues</a></li> -<li><a href="#commits">Other Changes</a></li> -<li><a href="#diffstat">Diffstat</a></li> -</ol><hr><a name="summary"><h2 align="center">Summary</h2></a><center><a href="#top">[Back to Top]</a></center><p>This release has been made to address one or more security vulnerabilities that have been identified. A security advisory document has been published for each vulnerability that includes additional information. Users of versions of Asterisk that are affected are strongly encouraged to review the advisories and determine what action they should take to protect their systems from these issues.</p><p>Security Advisories:</p><ul> -<li><a href="http://downloads.asterisk.org/pub/security/AST-2020-003,AST-2020-004.html">AST-2020-003,AST-2020-004</a></li> -</ul><p>The data in this summary reflects changes that have been made since the previous release, asterisk-17.9.0.</p><hr><a name="contributors"><h2 align="center">Contributors</h2></a><center><a href="#top">[Back to Top]</a></center><p>This table lists the people who have submitted code, those that have tested patches, as well as those that reported issues on the issue tracker that were resolved in this release. For coders, the number is how many of their patches (of any size) were committed into this release. For testers, the number is the number of times their name was listed as assisting with testing a patch. Finally, for reporters, the number is the number of issues that they reported that were affected by commits that went into this release.</p><table width="100%" border="0"> -<tr><th width="33%">Coders</th><th width="33%">Testers</th><th width="33%">Reporters</th></tr> -<tr valign="top"><td width="33%">1 Torrey Searle <tsearle@voxbone.com><br/>1 Asterisk Development Team <asteriskteam@digium.com><br/></td><td width="33%"><td width="33%">1 Mikhail Ivanov <mivanov@lanta-net.ru><br/>1 Torrey Searle <tsearle@gmail.com><br/></td></tr> -</table><hr><a name="open_issues"><h2 align="center">Open Issues</h2></a><center><a href="#top">[Back to Top]</a></center><p>This is a list of all open issues from the issue tracker that were referenced by changes that went into this release.</p><h3>Security</h3><h4>Category: Resources/res_pjsip_diversion</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-29219">ASTERISK-29219</a>: res_pjsip_diversion: Crash if Tel URI contains History-Info<br/>Reported by: Torrey Searle<ul> -<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=fbfc7ab43b229820a73f757e51f2dde46f86461d">[fbfc7ab43b]</a> Torrey Searle -- res/res_pjsip_diversion: prevent crash on tel: uri in History-Info</li> -</ul><br><h3>Bug</h3><h4>Category: Resources/res_pjsip_diversion</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-29191">ASTERISK-29191</a>: tel: URI in Diversion header causes crash<br/>Reported by: Mikhail Ivanov<ul> -<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=fbfc7ab43b229820a73f757e51f2dde46f86461d">[fbfc7ab43b]</a> Torrey Searle -- res/res_pjsip_diversion: prevent crash on tel: uri in History-Info</li> -</ul><br><h4>Category: pjproject/pjsip</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-29191">ASTERISK-29191</a>: tel: URI in Diversion header causes crash<br/>Reported by: Mikhail Ivanov<ul> -<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=fbfc7ab43b229820a73f757e51f2dde46f86461d">[fbfc7ab43b]</a> Torrey Searle -- res/res_pjsip_diversion: prevent crash on tel: uri in History-Info</li> -</ul><br><hr><a name="commits"><h2 align="center">Commits Not Associated with an Issue</h2></a><center><a href="#top">[Back to Top]</a></center><p>This is a list of all changes that went into this release that did not reference a JIRA issue.</p><table width="100%" border="1"> -<tr><th>Revision</th><th>Author</th><th>Summary</th></tr> -<tr><td><a href="https://code.asterisk.org/code/changelog/asterisk?cs=69895da26d7a5dad7f7cd9bdc293a543a06154ed">69895da26d</a></td><td>Asterisk Development Team</td><td>Update for 17.9.1</td></tr> -</table><hr><a name="diffstat"><h2 align="center">Diffstat Results</h2></a><center><a href="#top">[Back to Top]</a></center><p>This is a summary of the changes to the source code that went into this release that was generated using the diffstat utility.</p><pre>asterisk-17.9.0-summary.html | 136 -------------- -asterisk-17.9.0-summary.txt | 391 ----------------------------------------- -b/.version | 2 -b/ChangeLog | 16 + -b/asterisk-17.9.1-summary.html | 17 + -b/asterisk-17.9.1-summary.txt | 70 +++++++ -6 files changed, 104 insertions(+), 528 deletions(-)</pre><br></html> \ No newline at end of file diff --git a/asterisk-17.9.1-summary.txt b/asterisk-17.9.1-summary.txt deleted file mode 100644 index c23f8f79a3d2a64c2bd9e5461c3b072928f544f5..0000000000000000000000000000000000000000 --- a/asterisk-17.9.1-summary.txt +++ /dev/null @@ -1,123 +0,0 @@ - Release Summary - - asterisk-17.9.1 - - Date: 2020-12-22 - - <asteriskteam@digium.com> - - ---------------------------------------------------------------------- - - Table of Contents - - 1. Summary - 2. Contributors - 3. Open Issues - 4. Other Changes - 5. Diffstat - - ---------------------------------------------------------------------- - - Summary - - [Back to Top] - - This release has been made to address one or more security vulnerabilities - that have been identified. A security advisory document has been published - for each vulnerability that includes additional information. Users of - versions of Asterisk that are affected are strongly encouraged to review - the advisories and determine what action they should take to protect their - systems from these issues. - - Security Advisories: - - * AST-2020-003,AST-2020-004 - - The data in this summary reflects changes that have been made since the - previous release, asterisk-17.9.0. - - ---------------------------------------------------------------------- - - Contributors - - [Back to Top] - - This table lists the people who have submitted code, those that have - tested patches, as well as those that reported issues on the issue tracker - that were resolved in this release. For coders, the number is how many of - their patches (of any size) were committed into this release. For testers, - the number is the number of times their name was listed as assisting with - testing a patch. Finally, for reporters, the number is the number of - issues that they reported that were affected by commits that went into - this release. - - Coders Testers Reporters - 1 Torrey Searle 1 Mikhail Ivanov - 1 Asterisk Development Team 1 Torrey Searle - - ---------------------------------------------------------------------- - - Open Issues - - [Back to Top] - - This is a list of all open issues from the issue tracker that were - referenced by changes that went into this release. - - Security - - Category: Resources/res_pjsip_diversion - - ASTERISK-29219: res_pjsip_diversion: Crash if Tel URI contains - History-Info - Reported by: Torrey Searle - * [fbfc7ab43b] Torrey Searle -- res/res_pjsip_diversion: prevent crash - on tel: uri in History-Info - - Bug - - Category: Resources/res_pjsip_diversion - - ASTERISK-29191: tel: URI in Diversion header causes crash - Reported by: Mikhail Ivanov - * [fbfc7ab43b] Torrey Searle -- res/res_pjsip_diversion: prevent crash - on tel: uri in History-Info - - Category: pjproject/pjsip - - ASTERISK-29191: tel: URI in Diversion header causes crash - Reported by: Mikhail Ivanov - * [fbfc7ab43b] Torrey Searle -- res/res_pjsip_diversion: prevent crash - on tel: uri in History-Info - - ---------------------------------------------------------------------- - - Commits Not Associated with an Issue - - [Back to Top] - - This is a list of all changes that went into this release that did not - reference a JIRA issue. - - +------------------------------------------------------------------------+ - | Revision | Author | Summary | - |----------------+-------------------------------+-----------------------| - | 69895da26d | Asterisk Development Team | Update for 17.9.1 | - +------------------------------------------------------------------------+ - - ---------------------------------------------------------------------- - - Diffstat Results - - [Back to Top] - - This is a summary of the changes to the source code that went into this - release that was generated using the diffstat utility. - - asterisk-17.9.0-summary.html | 136 -------------- - asterisk-17.9.0-summary.txt | 391 ----------------------------------------- - b/.version | 2 - b/ChangeLog | 16 + - b/asterisk-17.9.1-summary.html | 17 + - b/asterisk-17.9.1-summary.txt | 70 +++++++ - 6 files changed, 104 insertions(+), 528 deletions(-) diff --git a/asterisk-17.9.2-summary.html b/asterisk-17.9.2-summary.html new file mode 100644 index 0000000000000000000000000000000000000000..4475536d5459a980e7e0ac55da7d9666fd30d196 --- /dev/null +++ b/asterisk-17.9.2-summary.html @@ -0,0 +1,34 @@ +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><title>Release Summary - asterisk-17.9.2</title><h1 align="center"><a name="top">Release Summary</a></h1><h3 align="center">asterisk-17.9.2</h3><h3 align="center">Date: 2021-02-18</h3><h3 align="center"><asteriskteam@digium.com></h3><hr><h2 align="center">Table of Contents</h2><ol> +<li><a href="#summary">Summary</a></li> +<li><a href="#contributors">Contributors</a></li> +<li><a href="#closed_issues">Closed Issues</a></li> +<li><a href="#diffstat">Diffstat</a></li> +</ol><hr><a name="summary"><h2 align="center">Summary</h2></a><center><a href="#top">[Back to Top]</a></center><p>This release has been made to address one or more security vulnerabilities that have been identified. A security advisory document has been published for each vulnerability that includes additional information. Users of versions of Asterisk that are affected are strongly encouraged to review the advisories and determine what action they should take to protect their systems from these issues.</p><p>Security Advisories:</p><ul> +<li><a href="http://downloads.asterisk.org/pub/security/AST-2021-001,AST-2021-002,AST-2021-003,AST-2021-004,AST-2021-005.html">AST-2021-001,AST-2021-002,AST-2021-003,AST-2021-004,AST-2021-005</a></li> +</ul><p>The data in this summary reflects changes that have been made since the previous release, asterisk-17.9.1.</p><hr><a name="contributors"><h2 align="center">Contributors</h2></a><center><a href="#top">[Back to Top]</a></center><p>This table lists the people who have submitted code, those that have tested patches, as well as those that reported issues on the issue tracker that were resolved in this release. For coders, the number is how many of their patches (of any size) were committed into this release. For testers, the number is the number of times their name was listed as assisting with testing a patch. Finally, for reporters, the number is the number of issues that they reported that were affected by commits that went into this release.</p><table width="100%" border="0"> +<tr><th width="33%">Coders</th><th width="33%">Testers</th><th width="33%">Reporters</th></tr> +<tr valign="top"><td width="33%">1 Ivan Poddubnyi <ivan.poddubny@gmail.com><br/>1 Sean Bright <sean.bright@gmail.com><br/>1 Kevin Harwell <kharwell@sangoma.com><br/>1 Alexander Traud <pabstraud@compuserve.com><br/>1 Joshua C. Colp <jcolp@sangoma.com><br/></td><td width="33%"><td width="33%">1 Mauri de Souza Meneguzzo (3CPlus) <mauri.nunes@fluxoti.com><br/>1 Ivan Poddubny<br/>1 Ivan Poddubny <ivan.poddubny@gmail.com><br/>1 Edvin Vidmar <edvinvidmar@hotmail.com><br/>1 Alexander Traud <pabstraud@compuserve.com><br/>1 Gregory Massel <greg@csurf.co.za><br/>1 Alexander Traud<br/></td></tr> +</table><hr><a name="closed_issues"><h2 align="center">Closed Issues</h2></a><center><a href="#top">[Back to Top]</a></center><p>This is a list of all issues from the issue tracker that were closed by changes that went into this release.</p><h3>Security</h3><h4>Category: Resources/res_srtp</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-29260">ASTERISK-29260</a>: sRTP Replay Protection ignored; even tears down long calls<br/>Reported by: Alexander Traud<ul> +<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=5cc639a9343210c97d8b05f00fe451d6c697c852">[5cc639a934]</a> Alexander Traud -- rtp: Enable srtp replay protection</li> +</ul><br><h4>Category: pjproject/pjsip</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-29227">ASTERISK-29227</a>: res_pjsip_diversion: sending multiple 181 responses causes memory corruption and crash<br/>Reported by: Ivan Poddubny<ul> +<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=814daf21526acc4aeba55084241067bbd8deed1b">[814daf2152]</a> Ivan Poddubnyi -- res_pjsip_diversion: Fix adding more than one histinfo to Supported</li> +</ul><br><h3>Bug</h3><h4>Category: Resources/res_pjsip</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-29196">ASTERISK-29196</a>: res_pjsip: Segmentation fault<br/>Reported by: Mauri de Souza Meneguzzo (3CPlus)<ul> +<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=d6601e56e1013f9732bb709345cc8d04552393c1">[d6601e56e1]</a> Joshua C. Colp -- pjsip: Make modify_local_offer2 tolerate previous failed SDP.</li> +</ul><br><h4>Category: Resources/res_pjsip_session</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-29203">ASTERISK-29203</a>: res_pjsip_t38: Crash when changing state<br/>Reported by: Gregory Massel<ul> +<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=b8dccb9cbc3e138f3a4d2a8eed80afcc1a72f732">[b8dccb9cbc]</a> Kevin Harwell -- AST-2021-002: Remote crash possible when negotiating T.38</li> +</ul><br><h4>Category: Resources/res_pjsip_t38</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-29203">ASTERISK-29203</a>: res_pjsip_t38: Crash when changing state<br/>Reported by: Gregory Massel<ul> +<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=b8dccb9cbc3e138f3a4d2a8eed80afcc1a72f732">[b8dccb9cbc]</a> Kevin Harwell -- AST-2021-002: Remote crash possible when negotiating T.38</li> +</ul><br><h4>Category: Resources/res_rtp_asterisk</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-29205">ASTERISK-29205</a>: res_rtp_asterisk: Asterisk crashes when making hold/unhold from webrtc client<br/>Reported by: Edvin Vidmar<ul> +<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=2cef4e34b604a70f17becf1994589c1f8a7353e5">[2cef4e34b6]</a> Sean Bright -- res_rtp_asterisk.c: Fix signed mismatch that leads to overflow</li> +</ul><br><hr><a name="diffstat"><h2 align="center">Diffstat Results</h2></a><center><a href="#top">[Back to Top]</a></center><p>This is a summary of the changes to the source code that went into this release that was generated using the diffstat utility.</p><pre>configs/samples/rtp.conf.sample | 12 +++++++ +doc/CHANGES-staging/srtp_replay_protection.txt | 9 +++++ +doc/UPGRADE-staging/srtp_replay_protection.txt | 9 +++++ +res/res_pjsip_diversion.c | 14 ++++++++ +res/res_pjsip_outbound_registration.c | 12 +++++++ +res/res_pjsip_path.c | 12 +++++++ +res/res_pjsip_session.c | 9 +++++ +res/res_pjsip_t38.c | 9 +++++ +res/res_rtp_asterisk.c | 16 +++++++--- +res/res_srtp.c | 5 +-- +third-party/pjproject/patches/0080-fix-sdp-neg-modify-local-offer.patch | 15 +++++++++ +11 files changed, 115 insertions(+), 7 deletions(-)</pre><br></html> \ No newline at end of file diff --git a/asterisk-17.9.2-summary.txt b/asterisk-17.9.2-summary.txt new file mode 100644 index 0000000000000000000000000000000000000000..4f67a5caf390ae7a9e99dd92cd7ccc2ea07b8814 --- /dev/null +++ b/asterisk-17.9.2-summary.txt @@ -0,0 +1,138 @@ + Release Summary + + asterisk-17.9.2 + + Date: 2021-02-18 + + <asteriskteam@digium.com> + + ---------------------------------------------------------------------- + + Table of Contents + + 1. Summary + 2. Contributors + 3. Closed Issues + 4. Diffstat + + ---------------------------------------------------------------------- + + Summary + + [Back to Top] + + This release has been made to address one or more security vulnerabilities + that have been identified. A security advisory document has been published + for each vulnerability that includes additional information. Users of + versions of Asterisk that are affected are strongly encouraged to review + the advisories and determine what action they should take to protect their + systems from these issues. + + Security Advisories: + + * AST-2021-001,AST-2021-002,AST-2021-003,AST-2021-004,AST-2021-005 + + The data in this summary reflects changes that have been made since the + previous release, asterisk-17.9.1. + + ---------------------------------------------------------------------- + + Contributors + + [Back to Top] + + This table lists the people who have submitted code, those that have + tested patches, as well as those that reported issues on the issue tracker + that were resolved in this release. For coders, the number is how many of + their patches (of any size) were committed into this release. For testers, + the number is the number of times their name was listed as assisting with + testing a patch. Finally, for reporters, the number is the number of + issues that they reported that were affected by commits that went into + this release. + + Coders Testers Reporters + 1 Ivan Poddubnyi 1 Mauri de Souza Meneguzzo (3CPlus) + 1 Sean Bright 1 Ivan Poddubny + 1 Kevin Harwell 1 Ivan Poddubny + 1 Alexander Traud 1 Edvin Vidmar + 1 Joshua C. Colp 1 Alexander Traud + 1 Gregory Massel + 1 Alexander Traud + + ---------------------------------------------------------------------- + + Closed Issues + + [Back to Top] + + This is a list of all issues from the issue tracker that were closed by + changes that went into this release. + + Security + + Category: Resources/res_srtp + + ASTERISK-29260: sRTP Replay Protection ignored; even tears down long calls + Reported by: Alexander Traud + * [5cc639a934] Alexander Traud -- rtp: Enable srtp replay protection + + Category: pjproject/pjsip + + ASTERISK-29227: res_pjsip_diversion: sending multiple 181 responses causes + memory corruption and crash + Reported by: Ivan Poddubny + * [814daf2152] Ivan Poddubnyi -- res_pjsip_diversion: Fix adding more + than one histinfo to Supported + + Bug + + Category: Resources/res_pjsip + + ASTERISK-29196: res_pjsip: Segmentation fault + Reported by: Mauri de Souza Meneguzzo (3CPlus) + * [d6601e56e1] Joshua C. Colp -- pjsip: Make modify_local_offer2 + tolerate previous failed SDP. + + Category: Resources/res_pjsip_session + + ASTERISK-29203: res_pjsip_t38: Crash when changing state + Reported by: Gregory Massel + * [b8dccb9cbc] Kevin Harwell -- AST-2021-002: Remote crash possible when + negotiating T.38 + + Category: Resources/res_pjsip_t38 + + ASTERISK-29203: res_pjsip_t38: Crash when changing state + Reported by: Gregory Massel + * [b8dccb9cbc] Kevin Harwell -- AST-2021-002: Remote crash possible when + negotiating T.38 + + Category: Resources/res_rtp_asterisk + + ASTERISK-29205: res_rtp_asterisk: Asterisk crashes when making hold/unhold + from webrtc client + Reported by: Edvin Vidmar + * [2cef4e34b6] Sean Bright -- res_rtp_asterisk.c: Fix signed mismatch + that leads to overflow + + ---------------------------------------------------------------------- + + Diffstat Results + + [Back to Top] + + This is a summary of the changes to the source code that went into this + release that was generated using the diffstat utility. + + configs/samples/rtp.conf.sample | 12 +++++++ + doc/CHANGES-staging/srtp_replay_protection.txt | 9 +++++ + doc/UPGRADE-staging/srtp_replay_protection.txt | 9 +++++ + res/res_pjsip_diversion.c | 14 ++++++++ + res/res_pjsip_outbound_registration.c | 12 +++++++ + res/res_pjsip_path.c | 12 +++++++ + res/res_pjsip_session.c | 9 +++++ + res/res_pjsip_t38.c | 9 +++++ + res/res_rtp_asterisk.c | 16 +++++++--- + res/res_srtp.c | 5 +-- + third-party/pjproject/patches/0080-fix-sdp-neg-modify-local-offer.patch | 15 +++++++++ + 11 files changed, 115 insertions(+), 7 deletions(-)