Rilasciato Asterisk 1.8.3-rc3
Il giorno 16 febbraio, il Team di Sviluppo di Asterisk ha annunciato il rilascio della versione Asterisk 1.8.3-rc3.
Dal post originale:
The release of Asterisk 1.8.3-rc3 resolves the following issues in addition to
those included in 1.8.3-rc1 and 1.8.3-rc2:
- Fix regression that changed behavior of queues when ringing a queue member.
(Closes issue #18747, #18733. Reported by vrban. Patched by qwell.) - Resolve deadlock involving REFER.
(Closes issue #18403. Reported, tested by jthurman. Patched by jpeeler.)
For a full list of changes in this release candidate, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.3-rc3
Rilasciato Asterisk 1.6.2.17-rc3
Il giorno 16 febbraio, il Team di Sviluppo di Asterisk ha annunciato il rilascio della versione Asterisk 1.6.2.17-rc3.
Dal post originale:
The release of Asterisk 1.6.2.17-rc3 resolves the following issues in addition
to those included in 1.6.2.17-rc1 and 1.6.2.17-rc2:
- Fix regression that changed behavior of queues when ringing a queue member.
(Closes issue #18747, #18733. Reported by vrban. Patched by qwell.)
For a full list of changes in this release candidate, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.2.17-rc3
Rilasciato Asterisk 1.4.40-rc3
Il giorno 16 febbraio, il Team di Sviluppo di Asterisk ha annunciato il rilascio della versione Asterisk 1.4.40-rc3.
Dal post originale:
The release of Asterisk 1.4.40-rc3 resolves the following issues in addition to
those included in 1.4.40-rc1 and 1.4.40-rc2:
- Fix regression that changed behavior of queues when ringing a queue member.
(Closes issue #18747, #18733. Reported by vrban. Patched by qwell.)
For a full list of changes in this release candidate, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.4.40-rc3
Asterisk 1.8 e fail2ban
www.asterweb.org
Per la corretta protezione di Asterisk 1.8 da parte di iptables/fail2ban è necessario utilizzare un "nuovo" file asterisk.conf. Questa la procedura di installazione:
# cd /etc/fail2ban/filter.d# wget http://pbxinaflash.net/source/fail2ban/asterisk18.conf# mv asterisk.conf asterisk14.conf# mv asterisk18.conf asterisk.conf# service fail2ban restart
Rilasciato Asterisk 1.8.2.3
Il giorno 26 gennaio, il Team di Sviluppo di Asterisk ha annunciato il rilascio della versione Asterisk 1.8.2.3.
Dal post originale:
The release of Asterisk 1.8.2.3 resolves the following issue:
- Reimplemented fax session reservation to reverse the ABI breakage introduced
in r297486.
(Reported by Jeremy Kister on the asterisk-users mailing list. Patched by
mnicholson)
For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.2.3
Thank you for your continued support of Asterisk!
Rilasciato Asterisk 1.8.3-rc2
Il giorno 26 gennaio, il Team di Sviluppo di Asterisk ha annunciato il rilascio della versione Asterisk 1.8.3-rc2.
Dal post originale:
The release of Asterisk 1.8.3-rc2 resolves the following issues in addition to
those included in 1.8.3-rc1:
- Resolve issue where no Music On Hold may be triggered when using
res_timing_dahdi.
(Closes issues #18262. Reported by francesco_r. Patched by cjacobson. Tested
by francesco_r, rfrantik, one47) - Resolve a memory leak when the Asterisk Manager Interface is disabled.
(Reported internally by kmorgan. Patched by russellb) - Reimplemented fax session reservation to reverse the ABI breakage introduced
in r297486.
(Reported internally. Patched by mnicholson)
For a full list of changes in this release candidate, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.3-rc2
Thank you for your continued support of Asterisk!
Rilasciato Asterisk 1.6.2.17-rc2
Il giorno 26 gennaio, il Team di Sviluppo di Asterisk ha annunciato il rilascio della versione Asterisk 1.6.2.17-rc2.
Dal post originale:
The release of Asterisk 1.6.2.17-rc2 resolves the following issues in addition
to those included in 1.6.2.17-rc1:
- Resolve several issues with DTMF based attended transfers.
(Closes issues #17999, #17096, #18395, #17273. Reported by iskatel, gelo,
shihchaun, grecco. Patched by rmudgett).
NOTE: Be sure to read the ChangeLog for more information about these changes. - Resolve issue where no Music On Hold may be triggered when using
res_timing_dahdi.
(Closes issues #18262. Reported by francesco_r. Patched by cjacobson. Tested
by francesco_r, rfrantik, one47)
For a full list of changes in this release candidate, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.2.17-rc2
Thank you for your continued support of Asterisk!
Rilasciato Asterisk 1.4.40-rc2
Il giorno 26 gennaio, il Team di Sviluppo di Asterisk ha annunciato il rilascio della versione Asterisk 1.4.40-rc2.
Dal post originale:
The release of Asterisk 1.4.40-rc2 resolves the following issues in addition to
those included in 1.4.40-rc1:
- Resolve several issues with DTMF based attended transfers.
(Closes issues #17999, #17096, #18395, #17273. Reported by iskatel, gelo,
shihchaun, grecco. Patched by rmudgett).
NOTE: Be sure to read the ChangeLog for more information about these changes.
For a full list of changes in this release candidate, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.4.40-rc2
Thank you for your continued support of Asterisk!
Rilasciato Asterisk 1.8.2.2 (Security Release)
Il giorno 20 gennaio, il Team di Sviluppo di Asterisk ha annunciato il rilascio della versione Asterisk 1.8.2.2.
Dal post originale:
The Asterisk Development Team has announced a release for the security issue
described in AST-2011-001.
Due to a failed merge, Asterisk 1.8.2.1 which should have included the security
fix did not. Asterisk 1.8.2.2 contains the the changes which should have been
included in Asterisk 1.8.2.1.
This releases is available for immediate download at
http://downloads.asterisk.org/pub/telephony/asterisk/releases
The releases of Asterisk 1.4.38.1, 1.4.39.1, 1.6.1.21, 1.6.2.15.1, 1.6.2.16.2,
1.8.1.2, and 1.8.2.2 resolve an issue when forming an outgoing SIP request while
in pedantic mode, which can cause a stack buffer to be made to overflow if
supplied with carefully crafted caller ID information. The issue and resolution
are described in the AST-2011-001 security advisory.
For more information about the details of this vulnerability, please read the
security advisory AST-2011-001, which was released at the same time as this
announcement.
For a full list of changes in the current release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-...
Security advisory AST-2011-001 is available at:
http://downloads.asterisk.org/pub/security/AST-2011-001.pdf
Rilasciato Asterisk 1.8.3-rc1
Il giorno 19 gennaio, il Team di Sviluppo di Asterisk ha annunciato il rilascio della versione Asterisk 1.8.3-rc1.
Dal post originale:
The release of Asterisk 1.8.3-rc1 resolves several issues reported by the
community and would have not been possible without your participation.
Thank you!
The following is a sample of the issues resolved in this release candidate:
- Resolve duplicated data in the AstDB when using DIALGROUP()
(Closes issue #18091. Reported by bunny. Patched by tilghman) - Ensure the ipaddr field in realtime is large enough to handle IPv6 addresses.
(Closes issue #18464. Reported, patched by IgorG) - Reworking parsing of mwi => lines to resolve a segfault. Also add a set of
unit tests for the function that does the parsing.
(Closes issue #18350. Reported by gbour. Patched by Marquis) - When using cdr_pgsql the billsec field was not populated correctly on
unanswered calls.
(Closes issue #18406. Reported by joscas. Patched by tilghman) - Resolve memory leak in iCalendar and Exchange calendaring modules.
(Closes issue #18521. Reported, patched by pitel. Tested by cervajs) - This version of Asterisk includes the new Compiler Flags option
BETTER_BACKTRACES which uses libbfd to search for better symbol information
within both the Asterisk binary, as well as loaded modules, to assist when
using inline backtraces to track down problems.
(Patched by tilghman)
For a full list of changes in this release candidate, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.3-rc1
Rilasciato Asterisk 1.6.2.17-rc1
Il giorno 19 gennaio, il Team di Sviluppo di Asterisk ha annunciato il rilascio della versione Asterisk 1.6.2.17-rc1.
Dal post originale:
The release of Asterisk 1.6.2.17-rc1 resolves several issues reported by the
community and would have not been possible without your participation.
Thank you!
The following is a sample of the issues resolved in this release candidate:
- Resolve duplicated data in the AstDB when using DIALGROUP()
(Closes issue #18091. Reported by bunny. Patched by tilghman) - Correct issue where res_config_odbc could populate fields with invalid data.
(Closes issue #18251, #18279. Reported by bcnit, zerohalo. Tested by trev,
jthurman, elguero, zerohalo. Patched by tilghman) - When using cdr_pgsql the billsec field was not populated correctly on
unanswered calls.
(Closes issue #18406. Reported by joscas. Patched by tilghman) - Resolve issue where re-transmissions of SUBSCRIBE could break presence.
(Closes issue #18075. Reported by mdu113. Patched by twilson) - Fix regression causing forwarding voicemails to not work with file storage.
(Closes issue #18358. Reported by cabal95. Patched by jpeeler) - This version of Asterisk includes the new Compiler Flags option
BETTER_BACKTRACES which uses libbfd to search for better symbol information
within both the Asterisk binary, as well as loaded modules, to assist when
using inline backtraces to track down problems.
(Patched by tilghman)
For a full list of changes in this release candidate, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.2.17-rc1
Rilasciato Asterisk 1.4.40-rc1
Il giorno 19 gennaio, il Team di Sviluppo di Asterisk ha annunciato il rilascio della versione Asterisk 1.4.40-rc1.
Dal post originale:
The release of Asterisk 1.4.40-rc1 resolves several issues reported by the
community and would have not been possible without your participation.
Thank you!
The following is a sample of the issues resolved in this release candidate:
- Correct issue where res_config_odbc could populate fields with invalid data.
(Closes issue #18251, #18279. Reported by bcnit, zerohalo. Tested by trev,
jthurman, elguero, zerohalo. Patched by tilghman) - Resolve issue where re-transmissions of SUBSCRIBE could break presence.
(Closes issue #18075. Reported by mdu113. Patched by twilson) - Resolve issue in res_odbc where it may crash when a query fails.
(Closes issue #18243. Reported, patched by ks3) - Fix CPU spike when pressing DTMF after agent login.
(Closes issue #18130. Reported by rgj. Patched by jpeeler) - Fix cross-compiling issue.
(Closes issue #18301. Reported, patched by abelbeck) - This version of Asterisk includes the new Compiler Flags option
BETTER_BACKTRACES which uses libbfd to search for better symbol information
within both the Asterisk binary, as well as loaded modules, to assist when
using inline backtraces to track down problems.
(Patched by tilghman)
For a full list of changes in this release candidate, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.4.40-rc1
Sicurezza: AST-2011-001 – Stack buffer overflow in SIP channel driver
Ecco un estratto del documento sulla sicurezza AST-2011-001:
Description When forming an outgoing SIP request while in pedantic mode, a stack buffer can
be made to overflow if supplied with carefully crafted caller ID information. This
vulnerability also affects the URIENCODE dialplan function and in some versions
of asterisk, the AGI dialplan application as well. The ast_uri_encode function does
not properly respect the size of its output buffer and can write past the end of it
when encoding URIs.
Resolution The size of the output buffer passed to the ast_uri_encode function is now
properly respected.
In asterisk versions not containing the fix for this issue, limiting strings originating
from remote sources that will be URI encoded to a length of 40 characters will
protect against this vulnerability.
exten => s,1,Set(CALLERID(num)=${CALLERID(num):0:40})
exten => s,n,Set(CALLERID(name)=${CALLERID(name):0:40})
exten => s,n,Dial(SIP/channel)
The CALLERID(num) and CALLERID(name) channel values, and any strings passed
to the URIENCODE dialplan function should be limited in this manner.
Asterisk 1.8.2 Now Available
Il giorno 14 gennaio, il Team di Sviluppo di Asterisk ha annunciato il rilascio della versione Asterisk 1.8.2 (il post ufficiale titola "1.8.3" ma si tratta sicuramente di un errore "di battitura").
Dal post originale:
The following is a sample of the issues resolved in this release:
* 'sip notify clear-mwi' needs terminating CRLF.
(Closes issue #18275. Reported, patched by klaus3000)
* Patch for deadlock from ordering issue between channel/queue locks in
app_queue (set_queue_variables).
(Closes issue #18031. Reported by rain. Patched by bbryant)
* Fix cache of device state changes for multiple servers.
(Closes issue #18284, #18280. Reported, tested by klaus3000. Patched, tested
by russellb)
* Resolve issue where channel redirect function (CLI or AMI) hangs up the call
instead of redirecting the call.
(Closes issue #18171. Reported by: SantaFox)
(Closes issue #18185. Reported by: kwemheuer)
(Closes issue #18211. Reported by: zahir_koradia)
(Closes issue #18230. Reported by: vmarrone)
(Closes issue #18299. Reported by: mbrevda)
(Closes issue #18322. Reported by: nerbos)
* Fix reloading of peer when a user is requested. Prevent peer reloading from
causing multiple MWI subscriptions to be created when using realtime.
(Closes issue #18342. Reported, patched by nivek.)
* Fix XMPP PubSub-based distributed device state. Initialize pubsubflags to 0
so res_jabber doesn't think there is already an XMPP connection sending
device state. Also clean up CLI commands a bit.
(Closes issue #18272. Reported by klaus3000. Patched by Marquis42)
* Don't crash after Set(CDR(userfield)=...) in ast_bridge_call. Instead of
setting peer->cdr = NULL, set it to not post.
(Closes issue #18415. Reported by macbrody. Patched, tested by jsolares)
* Fixes issue with outbound google voice calls not working. Thanks to az1234
and nevermind_quack for their input in helping debug the issue.
(Closes issue #18412. Reported by nevermind_quack. Patched by dvossel)
For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.2
Asterisk 1.6.2.16 Now Available
Il giorno 14 gennaio, il Team di Sviluppo di Asterisk ha annunciato il rilascio della versione Asterisk 1.6.2.16
Dal post originale:
The following is a sample of the issues resolved in this release:
* Fix cache of device state changes for multiple servers.
(Closes issue #18284, #18280. Reported, tested by klaus3000. Patched, tested
by russellb)
* Resolve issue where channel redirect function (CLI or AMI) hangs up the call
instead of redirecting the call.
(Closes issue #18171. Reported by: SantaFox)
(Closes issue #18185. Reported by: kwemheuer)
(Closes issue #18211. Reported by: zahir_koradia)
(Closes issue #18230. Reported by: vmarrone)
(Closes issue #18299. Reported by: mbrevda)
(Closes issue #18322. Reported by: nerbos)
* Linux and *BSD disagree on the elements within the ucred structure. Detect
which one is in use on the system.
(Closes issue #18384. Reported, patched, tested by bjm, tilghman)
* app_followme: Don't create a Local channel if the target extension does not
exist.
(Closes issue #18126. Reported, patched by junky)
* Revert code that changed SSRC for DTMF.
(Closes issue #17404, #18189, #18352. Reported by sdolloff, marcbou. rsw686.
Tested by cmbaker82)
* Resolve issue where REGISTER request with a Call-ID matching an existing
transaction is received it was possible that the REGISTER request would
overwrite the initreq of the private structure.
(Closes issue #18051. Reported by eeman. Patched, tested by twilson)
For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.2.16