SICUREZZA: AST-2012-013: ACL rules ignored when placing outbound calls by certain IAX2 users

Questo il link per scaricare il PDF


SICUREZZA: AST-2012-012: Asterisk Manager User Unauthorized Shell Access

Questo il link per scaricare il PDF


Rilasciato Asterisk 11.0.0-beta1

Il giorno 10 agosto, il Team di Sviluppo di Asterisk ha annunciato il rilascio della versione Asterisk 11.0.0-beta1

Dal post originale:
All interested users of Asterisk are encouraged to participate in the
Asterisk 11 testing process. Please report any issues found to the issue
tracker, It is also very useful to see
successful test reports. Please post those to the asterisk-dev mailing list.
All Asterisk users are invited to participate in the #asterisk-testing channel
on IRC to work together in testing the many parts of Asterisk.

Asterisk 11 is the next major release series of Asterisk. It will be a Long
Term Support (LTS) release, similar to Asterisk 1.8. For more information about
support time lines for Asterisk releases, see the Asterisk versions page:

For important information regarding upgrading to Asterisk 11, please see the
Asterisk wiki:

A short list of new features includes:

A new channel driver named chan_motif has been added which provides support
for Google Talk and Jingle in a single channel driver. This new channel
driver includes support for both audio and video, RFC2833 DTMF, all codecs
supported by Asterisk, hold, unhold, and ringing notification. It is also
compliant with the current Jingle specification, current Google Jingle
specification, and the original Google Talk protocol.
Support for the WebSocket transport for chan_sip.
SIP peers can now be configured to support negotiation of ICE candidates.
The app_page application now no longer depends on DAHDI or app_meetme. It
has been re-architected to use app_confbridge internally.
Hangup handlers can be attached to channels using the CHANNEL() function.
Hangup handlers will run when the channel is hung up similar to the h
extension; however, unlike an h extension, a hangup handler is associated with
the actual channel and will execute anytime that channel is hung up,
regardless of where it is in the dialplan.
Added pre-dial handlers for the Dial and Follow-Me applications. Pre-dial
allows you to execute a dialplan subroutine on a channel before a call is
placed but after the application performing a dial action is invoked. This
means that the handlers are executed after the creation of the caller/callee
channels, but before any actions have been taken to actually dial the callee
Log messages can now be easily associated with a certain call by looking at
a new unique identifier, "Call Id". Call ids are attached to log messages for
just about any case where it can be determined that the message is related
to a particular call.
Introduced Named ACLs as a new way to define Access Control Lists (ACLs) in
Asterisk. Unlike traditional ACLs defined in specific module configuration
files, Named ACLs can be shared across multiple modules.
The Hangup Cause family of functions and dialplan applications allow for
inspection of the hangup cause codes for each channel involved in a call.
This allows a dialplan writer to determine, for each channel, who hung up and
for what reason(s).
Two new functions have been added: FEATURE() and FEATUREMAP(). FEATURE()
lets you set some of the configuration options from the general section
of features.conf on a per-channel basis. FEATUREMAP() lets you customize
the key sequence used to activate built-in features, such as blindxfer,
and automon.
Support for named pickupgroups/callgroups, allowing any number of pickupgroups
and callgroups to be defined for several channel drivers.
IPv6 Support for AMI, AGI, ExternalIVR, and the SIP Security Event Framework.
More information about the new features can be found on the Asterisk wiki:

A full list of all new features can also be found in the CHANGES file.

For a full list of changes in the current release, please see the ChangeLog.

Inserito in: Asterisk Nessun commento