ASTERWEB Blog

13Apr/17Off

ISSABEL, il fork di Elastix per mantenere le versioni 2.5 e 4

ISSABEL è stato creato da diverse società con l'intento di mantenere, aggiornare e supportare tutti gli utenti di Elastix 2.5. e 4.

Questo il link del progetto: ISSABEL

ISSABEL, il fork di Elastix per mantenere le versioni 2.5 e 4

13Apr/17Off

OpenELX, il fork di Elastix per mantenere la versione 2.5

OpenELX - fork di Elastix per v. 2.5

OpenELX - fork di Elastix per v. 2.5

OpenELX è stato creato da diverse società con l'intento di mantenere, aggiornare e supportare tutti gli utenti di Elastix 2.5.

Questo il link del progetto: OpenELX

10Apr/17Off

Rilasciato Asterisk 14.4.0

Il giorno 7 aprile 2017, il Team di Sviluppo di Asterisk ha annunciato il rilascio di Asterisk 14.4.0.

Dal post originale:

The release of Asterisk 14.4.0 resolves several issues reported by the
community and would have not been possible without your participation.

*Thank you!*

The following issues are resolved in this release:

*New Features made in this release:*
-----------------------------------
- [ASTERISK-26878 ]
- func_channel: Add ability to get the callid so dialplan has access to it.
(Reported by Richard Mudgett)
- [ASTERISK-26863 ]
- res_pjsip: Add endpoint identification scheme based on a configured SIP
header/value
(Reported by Matt Jordan)
- [ASTERISK-17428 ]
- [patch] Allow "Comedian Mail" branding to be removed
(Reported by John Covert)

*Bugs fixed in this release:*
-----------------------------------
- [ASTERISK-26851 ]
- res_pjsip_sdp_rtp: RTP instance does not use same IP as explicit transport
(Reported by Richard Begg)
- [ASTERISK-26897 ]
- chan_sip: Security vulnerability with client code header
(Reported by Alex Villacís Lasso)
- [ASTERISK-26916 ]
- res_pjsip: Excessive refcount reached on transport ao2 object
(Reported by Ross Beer)
- [ASTERISK-26705 ]
- libasteriskssl.so not found when asterisk is installed for the 1st time
(Reported by George Joseph)
- [ASTERISK-26850 ]
- res_hep_pjsip: Asterisk insert wrong protocol name in "Protocol ID" field
in HEP packets
(Reported by Max Norba)
- [ASTERISK-26484 ]
- res_pjsip_messaging: Crash when using invalid URI in MessageSend 'from'
argument.
(Reported by Vinod Dharashive)
- [ASTERISK-26776 ]
- res_pjsip_pubsub: Crash when generating xpidf content
(Reported by Andrew Green)
- [ASTERISK-26880 ]
- Asterisk crashes when multiple speex users join confbridge with pp_vad
and dtx enabled
(Reported by Kirsty Tyerman)
- [ASTERISK-26862 ]
- app_queue: Queue stops calling members with local interface after
forwarding in previous call
(Reported by Robert Mordec)
- [ASTERISK-26732 ]
- res_rtp_asterisk: Implement RTCP Multiplexing - breaking WebRTC in Chrome
(Reported by Dan Jenkins)
- [ASTERISK-26879 ]
- PJSIP external_media_address ignored if no local_net options are provided
(Reported by Matt Jordan)
- [ASTERISK-26867 ]
- autochan: Locking in a function ast_autochan_destroy() on destroyed
channel (after masquerade).
(Reported by Krzysztof Trempala)
- [ASTERISK-26869 ]
- res_pjsip_refer: blind call transfer w/o a user name doesn't go to the s
extension
(Reported by Torrey Searle)
- [ASTERISK-26668 ]
- core: Malformed pattern matching extension (various factors) results in
crash
(Reported by xrobau)
- [ASTERISK-26865 ]
- chan_iax2: Reload of iax peer results in loss of host address/port
(Reported by Richard Begg)
- [ASTERISK-26872 ]
- Bundled pjproject fails to build when tarball downloaded with curl due to
md5 verification failure in Docker containers (or when there is no terminal)
(Reported by Matt Jordan)
- [ASTERISK-26717 ]
- Document the fact that Asterisk HEP support only works with the PJSIP
channel driver
(Reported by Olivier Krief)
- [ASTERISK-26643 ]
- Extra new line in Device field of DeviceStateChange AMI Event after
restart of Asterisk
(Reported by Roman Bedros)
- [ASTERISK-25237 ]
- stasis_cache.c:845 caching_topic_exec: - misleading ERROR message
(Reported by Smirnov Aleksey)
- [ASTERISK-26857 ]
- chan_pjsip: Dialplan function race condition
(Reported by Joshua Colp)
- [ASTERISK-26841 ]
- chan_sip: Call not cancelled after receiving a 422 response
(Reported by Jean Aunis - Prescom)
- [ASTERISK-26822 ]
- pjsip/cli_commands: pjsip show channelstats shows wrong codec
(Reported by Kevin Harwell)
- [ASTERISK-26353 ]
- res_musiconhold: musiconhold seems to think that the general section is a
class and issues warning
(Reported by Jonathan Harris)
- [ASTERISK-26685 ]
- res_pjsip: Crash when using IPv6 and Transport ws,wss
(Reported by Michael Balen)
- [ASTERISK-24562 ]
- app_voicemail: Cannot set fromstring on a per-mailbox basis
(Reported by Mark Scholten)
- [ASTERISK-26598 ]
- Saynumber is trying to get "and" from "digits/" subfolder
(Reported by Jonathan Harris)
- [ASTERISK-17067 ]
- Long lines in call files cause spurious syntax error
(Reported by Dave Olszewski)
- [ASTERISK-26796 ]
- res_pjsip_transport_websocket: Via header is 'WS' when it should be 'WSS'
(Reported by Jørgen H)
- [ASTERISK-25628 ]
- res_config_pgsql: should match the behavior of other drivers so that
queue_log can disable adaptive logging
(Reported by Dmitry Wagin)
- [ASTERISK-26774 ]
- core: Playback URL fails after some time
(Reported by Igor Gamayunov)
- [ASTERISK-26825 ]
- pjsip.conf.sample: user_agent: still refers to branch 12
(Reported by Tzafrir Cohen)
- [ASTERISK-26823 ]
- PJSIP: Persistent subscriptions can cause FRACKs if endpoint does not
exist
(Reported by Mark Michelson)
- [ASTERISK-26623 ]
- res_pjsip: Crash when calling PJSIPShowEndpoint
(Reported by Jørgen H)
- [ASTERISK-26808 ]
- res_pjsip_outbound_registration doesn't know about network change events
(Reported by George Joseph)
- [ASTERISK-26781 ]
- bridge: Passing the 'p' (play tone) flag to Bridge() application results
in garbled audio
(Reported by Sean Bright)
- [ASTERISK-26782 ]
- res_pjsip: URI requirement for fields is not consistently documented and
error does not provide indication
(Reported by Peter Sokolov)
- [ASTERISK-26812 ]
- [patch] Fix download_externals To Allow The Use Of curl Or wget
(Reported by Michael L. Young)
- [ASTERISK-18271 ]
- Pattern matching with res_config_mysql extensions does not behave as
expected
(Reported by Charlie Smurthwaite)
- [ASTERISK-26669 ]
- PJSIP Segfault 13.13.1 (Bundled PJSIP)
(Reported by Nic Colledge)
- [ASTERISK-18731 ]
- [patch] DUNDi weight parameter not processed correctly
(Reported by Peter Racz)
- [ASTERISK-26799 ]
- res_pjsip: Using an auth object for inbound and outbound authentication
fails.
(Reported by Richard Mudgett)
- [ASTERISK-26738 ]
- Frequent segfaults since activation of DNS SRV, in
pjsip_auth_clt_reinit_req at /pjsip/sip_auth_client.c, and
pj_atomic_inc_and_get at pj/os_core_unix.c
(Reported by Michael Maier)
- [ASTERISK-25893 ]
- Function vmauthenticate accesses uninitialized memory
(Reported by Filip Jenicek)
- [ASTERISK-26580 ]
- [patch] Error during LDAP modify action when user unregisters
(Reported by Nicholas John Koch)
- [ASTERISK-26802 ]
- [patch] Integrity Check Of PJSIP Download Fails
(Reported by Michael L. Young)
- [ASTERISK-15858 ]
- [patch] Fix query with double backslash in string literals and stop log
warnings
(Reported by Humberto Figuera)
- [ASTERISK-26057 ]
- res_config_sqlite3 uses incorrect query - unnecessary escape
(Reported by Stepan)
- [ASTERISK-23457 ]
- SQlite3: Realtime queue loading fails after PRAGMA query result
(Reported by Scott Griepentrog)
- [ASTERISK-26794 ]
- http: Crash on Reload Only in ast_tcptls_server_start
(Reported by Joshua Elson)
- [ASTERISK-26714 ]
- Phone default have not ringing on ARM
(Reported by Igor Goncharovsky)
- [ASTERISK-26696 ]
- pjsip_pubsub: PJSIP Subscription Persistence in AstDB Does not update on
subscription refresh
(Reported by Zach R)
- [ASTERISK-26756 ]
- res_pjsip_mwi: Asterisk does not terminate MWI subscription
(Reported by Carl Fortin)
- [ASTERISK-26109 ]
- Asterisk fails building with OpenSSL 1.1.0
(Reported by Tzafrir Cohen)
- [ASTERISK-26723 ]
- VoiceMailPlayMsg not playing messages via realtime
(Reported by Ryan Rittgarn)
- [ASTERISK-18286 ]
- [patch] 'Silence' is truncated in Record()
(Reported by var)
- [ASTERISK-26248 ]
- chan_pjsip: Error when calling PJSIP client with domain specified
(Reported by Norbert Varga)
- [ASTERISK-26788 ]
- core: Protect flags during ast_waitfor
(Reported by Joshua Colp)
- [ASTERISK-26115 ]
- pbx: AMI Originate ignore "failed" extension on call failure
(Reported by Nasir Iqbal)
- [ASTERISK-26785 ]
- configs/samples: The 'identify' entry is in the wrong section in
sorcery.conf.sample
(Reported by Torrey Searle)
- [ASTERISK-26772 ]
- Crash in srv.c on startup with pjsip
(Reported by nappsoft)
- [ASTERISK-26770 ]
- res_stasis_device_state: Duplicate subscriptions when multiple received
at same time
(Reported by Joshua Colp)

*Improvements made in this release:*
-----------------------------------
- [ASTERISK-26864 ]
- res_pjsip_session: Add support for overlap dialling
(Reported by Richard Begg)
- [ASTERISK-26846 ]
- chan_sip: Add rtcp-mux support
(Reported by Sean Bright)

For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-14.4.0

10Apr/17Off

Rilasciato Asterisk 13.15.0

Il giorno 7 aprile 2017, il Team di Sviluppo di Asterisk ha annunciato il rilascio di Asterisk 13.15.0.

Dal post originale:

The release of Asterisk 13.15.0 resolves several issues reported by the community and would have not been possible without your participation.

*Thank you!*

The following issues are resolved in this release:

*New Features made in this release:*
-----------------------------------
- [ASTERISK-26878 ]
- func_channel: Add ability to get the callid so dialplan has access to it.
(Reported by Richard Mudgett)
- [ASTERISK-26863 ]
- res_pjsip: Add endpoint identification scheme based on a configured SIP
header/value
(Reported by Matt Jordan)
- [ASTERISK-17428 ]
- [patch] Allow "Comedian Mail" branding to be removed
(Reported by John Covert)

*Bugs fixed in this release:*
-----------------------------------
- [ASTERISK-26851 ]
- res_pjsip_sdp_rtp: RTP instance does not use same IP as explicit transport
(Reported by Richard Begg)
- [ASTERISK-26897 ]
- chan_sip: Security vulnerability with client code header
(Reported by Alex Villacís Lasso)
- [ASTERISK-26916 ]
- res_pjsip: Excessive refcount reached on transport ao2 object
(Reported by Ross Beer)
- [ASTERISK-26705 ]
- libasteriskssl.so not found when asterisk is installed for the 1st time
(Reported by George Joseph)
- [ASTERISK-26850 ]
- res_hep_pjsip: Asterisk insert wrong protocol name in "Protocol ID" field
in HEP packets
(Reported by Max Norba)
- [ASTERISK-26484 ]
- res_pjsip_messaging: Crash when using invalid URI in MessageSend 'from'
argument.
(Reported by Vinod Dharashive)
- [ASTERISK-26776 ]
- res_pjsip_pubsub: Crash when generating xpidf content
(Reported by Andrew Green)
- [ASTERISK-26880 ]
- Asterisk crashes when multiple speex users join confbridge with pp_vad
and dtx enabled
(Reported by Kirsty Tyerman)
- [ASTERISK-26862 ]
- app_queue: Queue stops calling members with local interface after
forwarding in previous call
(Reported by Robert Mordec)
- [ASTERISK-26732 ]
- res_rtp_asterisk: Implement RTCP Multiplexing - breaking WebRTC in Chrome
(Reported by Dan Jenkins)
- [ASTERISK-26879 ]
- PJSIP external_media_address ignored if no local_net options are provided
(Reported by Matt Jordan)
- [ASTERISK-26867 ]
- autochan: Locking in a function ast_autochan_destroy() on destroyed
channel (after masquerade).
(Reported by Krzysztof Trempala)
- [ASTERISK-26869 ]
- res_pjsip_refer: blind call transfer w/o a user name doesn't go to the s
extension
(Reported by Torrey Searle)
- [ASTERISK-26668 ]
- core: Malformed pattern matching extension (various factors) results in
crash
(Reported by xrobau)
- [ASTERISK-26865 ]
- chan_iax2: Reload of iax peer results in loss of host address/port
(Reported by Richard Begg)
- [ASTERISK-26872 ]
- Bundled pjproject fails to build when tarball downloaded with curl due to
md5 verification failure in Docker containers (or when there is no terminal)
(Reported by Matt Jordan)
- [ASTERISK-26717 ]
- Document the fact that Asterisk HEP support only works with the PJSIP
channel driver
(Reported by Olivier Krief)
- [ASTERISK-26643 ]
- Extra new line in Device field of DeviceStateChange AMI Event after
restart of Asterisk
(Reported by Roman Bedros)
- [ASTERISK-25237 ]
- stasis_cache.c:845 caching_topic_exec: - misleading ERROR message
(Reported by Smirnov Aleksey)
- [ASTERISK-26857 ]
- chan_pjsip: Dialplan function race condition
(Reported by Joshua Colp)
- [ASTERISK-26841 ]
- chan_sip: Call not cancelled after receiving a 422 response
(Reported by Jean Aunis - Prescom)
- [ASTERISK-26822 ]
- pjsip/cli_commands: pjsip show channelstats shows wrong codec
(Reported by Kevin Harwell)
- [ASTERISK-26685 ]
- res_pjsip: Crash when using IPv6 and Transport ws,wss
(Reported by Michael Balen)
- [ASTERISK-24562 ]
- app_voicemail: Cannot set fromstring on a per-mailbox basis
(Reported by Mark Scholten)
- [ASTERISK-26598 ]
- Saynumber is trying to get "and" from "digits/" subfolder
(Reported by Jonathan Harris)
- [ASTERISK-17067 ]
- Long lines in call files cause spurious syntax error
(Reported by Dave Olszewski)
- [ASTERISK-26796 ]
- res_pjsip_transport_websocket: Via header is 'WS' when it should be 'WSS'
(Reported by Jørgen H)
- [ASTERISK-25628 ]
- res_config_pgsql: should match the behavior of other drivers so that
queue_log can disable adaptive logging
(Reported by Dmitry Wagin)
- [ASTERISK-26825 ]
- pjsip.conf.sample: user_agent: still refers to branch 12
(Reported by Tzafrir Cohen)
- [ASTERISK-26823 ]
- PJSIP: Persistent subscriptions can cause FRACKs if endpoint does not
exist
(Reported by Mark Michelson)
- [ASTERISK-26623 ]
- res_pjsip: Crash when calling PJSIPShowEndpoint
(Reported by Jørgen H)
- [ASTERISK-26808 ]
- res_pjsip_outbound_registration doesn't know about network change events
(Reported by George Joseph)
- [ASTERISK-26313 ]
- chan_sip : Asterisk restart seems to be required for changing encryption
option
(Reported by benasse)
- [ASTERISK-26781 ]
- bridge: Passing the 'p' (play tone) flag to Bridge() application results
in garbled audio
(Reported by Sean Bright)
- [ASTERISK-26782 ]
- res_pjsip: URI requirement for fields is not consistently documented and
error does not provide indication
(Reported by Peter Sokolov)
- [ASTERISK-26812 ]
- [patch] Fix download_externals To Allow The Use Of curl Or wget
(Reported by Michael L. Young)
- [ASTERISK-18271 ]
- Pattern matching with res_config_mysql extensions does not behave as
expected
(Reported by Charlie Smurthwaite)
- [ASTERISK-26669 ]
- PJSIP Segfault 13.13.1 (Bundled PJSIP)
(Reported by Nic Colledge)
- [ASTERISK-18731 ]
- [patch] DUNDi weight parameter not processed correctly
(Reported by Peter Racz)
- [ASTERISK-26580 ]
- [patch] Error during LDAP modify action when user unregisters
(Reported by Nicholas John Koch)
- [ASTERISK-26799 ]
- res_pjsip: Using an auth object for inbound and outbound authentication
fails.
(Reported by Richard Mudgett)
- [ASTERISK-26738 ]
- Frequent segfaults since activation of DNS SRV, in
pjsip_auth_clt_reinit_req at /pjsip/sip_auth_client.c, and
pj_atomic_inc_and_get at pj/os_core_unix.c
(Reported by Michael Maier)
- [ASTERISK-25893 ]
- Function vmauthenticate accesses uninitialized memory
(Reported by Filip Jenicek)
- [ASTERISK-26802 ]
- [patch] Integrity Check Of PJSIP Download Fails
(Reported by Michael L. Young)
- [ASTERISK-15858 ]
- [patch] Fix query with double backslash in string literals and stop log
warnings
(Reported by Humberto Figuera)
- [ASTERISK-26057 ]
- res_config_sqlite3 uses incorrect query - unnecessary escape
(Reported by Stepan)
- [ASTERISK-23457 ]
- SQlite3: Realtime queue loading fails after PRAGMA query result
(Reported by Scott Griepentrog)
- [ASTERISK-26794 ]
- http: Crash on Reload Only in ast_tcptls_server_start
(Reported by Joshua Elson)
- [ASTERISK-26714 ]
- Phone default have not ringing on ARM
(Reported by Igor Goncharovsky)
- [ASTERISK-26696 ]
- pjsip_pubsub: PJSIP Subscription Persistence in AstDB Does not update on
subscription refresh
(Reported by Zach R)
- [ASTERISK-26756 ]
- res_pjsip_mwi: Asterisk does not terminate MWI subscription
(Reported by Carl Fortin)
- [ASTERISK-26109 ]
- Asterisk fails building with OpenSSL 1.1.0
(Reported by Tzafrir Cohen)
- [ASTERISK-26723 ]
- VoiceMailPlayMsg not playing messages via realtime
(Reported by Ryan Rittgarn)
- [ASTERISK-18286 ]
- [patch] 'Silence' is truncated in Record()
(Reported by var)
- [ASTERISK-26248 ]
- chan_pjsip: Error when calling PJSIP client with domain specified
(Reported by Norbert Varga)
- [ASTERISK-26788 ]
- core: Protect flags during ast_waitfor
(Reported by Joshua Colp)
- [ASTERISK-26115 ]
- pbx: AMI Originate ignore "failed" extension on call failure
(Reported by Nasir Iqbal)
- [ASTERISK-26785 ]
- configs/samples: The 'identify' entry is in the wrong section in
sorcery.conf.sample
(Reported by Torrey Searle)
- [ASTERISK-26772 ]
- Crash in srv.c on startup with pjsip
(Reported by nappsoft)
- [ASTERISK-26770 ]
- res_stasis_device_state: Duplicate subscriptions when multiple received
at same time
(Reported by Joshua Colp)

*Improvements made in this release:*
-----------------------------------
- [ASTERISK-26864 ]
- res_pjsip_session: Add support for overlap dialling
(Reported by Richard Begg)
- [ASTERISK-26846 ]
- chan_sip: Add rtcp-mux support
(Reported by Sean Bright)

For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-13.15.0

7Apr/17Off

AST-2017-001: Buffer overflow in CDR’s set user

               Asterisk Project Security Advisory - AST-2017-001

         Product        Asterisk                                              
         Summary        Buffer overflow in CDR's set user                     
    Nature of Advisory  Buffer Overflow                                       
      Susceptibility    Remote Authenticated Sessions                         
         Severity       Moderate                                              
      Exploits Known    No                                                    
       Reported On      March 27, 2017                                        
       Reported By      Alex Villacis Lasso                                   
        Posted On       
     Last Updated On    April 4, 2017                                         
     Advisory Contact   kharwell AT digium DOT com                            
         CVE Name       

    Description  No size checking is done when setting the user field on a    
                 CDR. Thus, it is possible for someone to use an arbitrarily  
                 large string and write past the end of the user field        
                 storage buffer. This allows the possibility of remote code   
                 injection.                                                   
                                                                              
                 This currently affects any system using CDR's that also      
                 make use of the following:                                   
                                                                              
                 * The 'X-ClientCode' header within a SIP INFO message when   
                 using chan_sip and                                           
                                                                              
                 the 'useclientcode' option is enabled (note, it's disabled   
                 by default).                                                 
                                                                              
                 * The CDR dialplan function executed from AMI when setting   
                 the user field.                                              
                                                                              
                 * The AMI Monitor action when using a long file name/path.   

    Resolution  The CDR engine now only copies up to the maximum allowed      
                characters into the user field. Any characters outside the    
                maximum are truncated.                                        

                               Affected Versions       
                         Product                       Release  
                                                       Series   
                  Asterisk Open Source                  13.x    All Releases  
                  Asterisk Open Source                  14.x    All Releases  
                   Certified Asterisk                   13.13   All Releases  

                                  Corrected In                
                            Product                              Release      
                      Asterisk Open Source                    13.14.1,14.3.1  
                       Certified Asterisk                      13.13-cert3    

                                     Patches                          
                                SVN URL                               Revision  
   http://downloads.asterisk.org/pub/security/AST-2017-001-13.diff    Asterisk  
                                                                      13        
   http://downloads.asterisk.org/pub/security/AST-2017-001-14.diff    Asterisk  
                                                                      14        
   http://downloads.asterisk.org/pub/security/AST-2017-001-13.13.diff Certified 
                                                                      Asterisk  
                                                                      13.13     

    Links  https://issues.asterisk.org/jira/browse/ASTERISK-26897             

    Asterisk Project Security Advisories are posted at                        
    http://www.asterisk.org/security                                          
                                                                              
    This document may be superseded by later versions; if so, the latest      
    version will be posted at                                                 
    http://downloads.digium.com/pub/security/AST-2017-001.pdf and             
    http://downloads.digium.com/pub/security/AST-2017-001.html                

                                Revision History
         Date           Editor                   Revisions Made               
    March, 27, 2017  Kevin Harwell  Initial Revision                          

               Asterisk Project Security Advisory - AST-2017-001
               Copyright © 2017 Digium, Inc. All Rights Reserved.
  Permission is hereby granted to distribute and publish this advisory in its
                           original, unaltered form.

25Mar/17Off

Rilasciato Asterisk 14.4.0-rc1

Il giorno 23 marzo 2017, il Team di Sviluppo di Asterisk ha annunciato il rilascio di Asterisk 14.4.0-rc1.

Dal post originale:

The release of Asterisk 14.4.0-rc1 resolves several issues reported by the community and would have not been possible without your participation.
Thank you!

The following are the issues resolved in this release:

New Features made in this release:
-----------------------------------
* ASTERISK-26878 - func_channel: Add ability to get the callid so dialplan has access to it. (Reported by Richard Mudgett)
* ASTERISK-26863 - res_pjsip: Add endpoint identification scheme based on a configured SIP header/value (Reported by Matt Jordan)
* ASTERISK-17428 - [patch] Allow "Comedian Mail" branding to be removed (Reported by John Covert)

Bugs fixed in this release:
-----------------------------------
* ASTERISK-26850 - res_hep_pjsip: Asterisk insert wrong protocol name in "Protocol ID" field in HEP packets (Reported by Max Norba)
* ASTERISK-26484 - res_pjsip_messaging: Crash when using invalid URI in MessageSend 'from' argument. (Reported by Vinod Dharashive)
* ASTERISK-26776 - res_pjsip_pubsub: Crash when generating xpidf content (Reported by Andrew Green)
* ASTERISK-26880 - Asterisk crashes when multiple speex users join confbridge with pp_vad and dtx enabled (Reported by Kirsty Tyerman)
* ASTERISK-26862 - app_queue: Queue stops calling members with local interface after forwarding in previous call (Reported by Robert Mordec)
* ASTERISK-26732 - res_rtp_asterisk: Implement RTCP Multiplexing - breaking WebRTC in Chrome (Reported by Dan Jenkins)
* ASTERISK-26879 - PJSIP external_media_address ignored if no local_net options are provided (Reported by Matt Jordan)
* ASTERISK-26851 - res_pjsip_sdp_rtp: RTP instance does not use same IP as explicit transport (Reported by Richard Begg)
* ASTERISK-26867 - autochan: Locking in a function ast_autochan_destroy() on destroyed channel (after masquerade). (Reported by Krzysztof Trempala)
* ASTERISK-26869 - res_pjsip_refer: blind call transfer w/o a user name doesn't go to the s extension (Reported by Torrey Searle)
* ASTERISK-26668 - core: Malformed pattern matching extension (various factors) results in crash (Reported by xrobau)
* ASTERISK-26865 - chan_iax2: Reload of iax peer results in loss of host address/port (Reported by Richard Begg)
* ASTERISK-26872 - Bundled pjproject fails to build when tarball downloaded with curl due to md5 verification failure in Docker containers (or when there is no terminal) (Reported by Matt Jordan)
* ASTERISK-26717 - Document the fact that Asterisk HEP support only works with the PJSIP channel driver (Reported by Olivier Krief)
* ASTERISK-26643 - Extra new line in Device field of DeviceStateChange AMI Event after restart of Asterisk (Reported by Roman Bedros)
* ASTERISK-25237 - stasis_cache.c:845 caching_topic_exec: - misleading ERROR message (Reported by Smirnov Aleksey)
* ASTERISK-26857 - chan_pjsip: Dialplan function race condition (Reported by Joshua Colp)
* ASTERISK-26841 - chan_sip: Call not cancelled after receiving a 422 response (Reported by Jean Aunis - Prescom)
* ASTERISK-26822 - pjsip/cli_commands: pjsip show channelstats shows wrong codec (Reported by Kevin Harwell)
* ASTERISK-26353 - res_musiconhold: musiconhold seems to think that the general section is a class and issues warning (Reported by Jonathan Harris)
* ASTERISK-26685 - res_pjsip: Crash when using IPv6 and Transport ws,wss (Reported by Michael Balen)
* ASTERISK-24562 - app_voicemail: Cannot set fromstring on a per-mailbox basis (Reported by Mark Scholten)
* ASTERISK-26598 - Saynumber is trying to get "and" from "digits/" subfolder (Reported by Jonathan Harris)
* ASTERISK-17067 - Long lines in call files cause spurious syntax error (Reported by Dave Olszewski)
* ASTERISK-26796 - res_pjsip_transport_websocket: Via header is 'WS' when it should be 'WSS' (Reported by Jørgen H)
* ASTERISK-25628 - res_config_pgsql: should match the behavior of other drivers so that queue_log can disable adaptive logging (Reported by Dmitry Wagin)
* ASTERISK-26774 - core: Playback URL fails after some time (Reported by Igor Gamayunov)
* ASTERISK-26825 - pjsip.conf.sample: user_agent: still refers to branch 12 (Reported by Tzafrir Cohen)
* ASTERISK-26823 - PJSIP: Persistent subscriptions can cause FRACKs if endpoint does not exist (Reported by Mark Michelson)
* ASTERISK-26623 - res_pjsip: Crash when calling PJSIPShowEndpoint (Reported by Jørgen H)
* ASTERISK-26808 - res_pjsip_outbound_registration doesn't know about network change events (Reported by George Joseph)
* ASTERISK-26705 - libasteriskssl.so not found when asterisk is installed for the 1st time (Reported by George Joseph)
* ASTERISK-26781 - bridge: Passing the 'p' (play tone) flag to Bridge() application results in garbled audio (Reported by Sean Bright)
* ASTERISK-26782 - res_pjsip: URI requirement for fields is not consistently documented and error does not provide indication (Reported by Peter Sokolov)
* ASTERISK-26812 - [patch] Fix download_externals To Allow The Use Of curl Or wget (Reported by Michael L. Young)
* ASTERISK-18271 - Pattern matching with res_config_mysql extensions does not behave as expected (Reported by Charlie Smurthwaite)
* ASTERISK-26669 - PJSIP Segfault 13.13.1 (Bundled PJSIP) (Reported by Nic Colledge)
* ASTERISK-18731 - [patch] DUNDi weight parameter not processed correctly (Reported by Peter Racz)
* ASTERISK-26799 - res_pjsip: Using an auth object for inbound and outbound authentication fails. (Reported by Richard Mudgett)
* ASTERISK-26738 - Frequent segfaults since activation of DNS SRV, in pjsip_auth_clt_reinit_req at /pjsip/sip_auth_client.c, and pj_atomic_inc_and_get at pj/os_core_unix.c (Reported by Michael Maier)
* ASTERISK-25893 - Function vmauthenticate accesses uninitialized memory (Reported by Filip Jenicek)
* ASTERISK-26580 - [patch] Error during LDAP modify action when user unregisters (Reported by Nicholas John Koch)
* ASTERISK-26802 - [patch] Integrity Check Of PJSIP Download Fails (Reported by Michael L. Young)
* ASTERISK-15858 - [patch] Fix query with double backslash in string literals and stop log warnings (Reported by Humberto Figuera)
* ASTERISK-26057 - res_config_sqlite3 uses incorrect query - unnecessary escape (Reported by Stepan)
* ASTERISK-23457 - SQlite3: Realtime queue loading fails after PRAGMA query result (Reported by Scott Griepentrog)
* ASTERISK-26794 - http: Crash on Reload Only in ast_tcptls_server_start (Reported by Joshua Elson)
* ASTERISK-26714 - Phone default have not ringing on ARM (Reported by Igor Goncharovsky)
* ASTERISK-26696 - pjsip_pubsub: PJSIP Subscription Persistence in AstDB Does not update on subscription refresh (Reported by Zach R)
* ASTERISK-26756 - res_pjsip_mwi: Asterisk does not terminate MWI subscription (Reported by Carl Fortin)
* ASTERISK-26109 - Asterisk fails building with OpenSSL 1.1.0 (Reported by Tzafrir Cohen)
* ASTERISK-26723 - VoiceMailPlayMsg not playing messages via realtime (Reported by Ryan Rittgarn)
* ASTERISK-18286 - [patch] 'Silence' is truncated in Record() (Reported by var)
* ASTERISK-26248 - chan_pjsip: Error when calling PJSIP client with domain specified (Reported by Norbert Varga)
* ASTERISK-26788 - core: Protect flags during ast_waitfor (Reported by Joshua Colp)
* ASTERISK-26115 - pbx: AMI Originate ignore "failed" extension on call failure (Reported by Nasir Iqbal)
* ASTERISK-26785 - configs/samples: The 'identify' entry is in the wrong section in sorcery.conf.sample (Reported by Torrey Searle)
* ASTERISK-26772 - Crash in srv.c on startup with pjsip (Reported by nappsoft)
* ASTERISK-26770 - res_stasis_device_state: Duplicate subscriptions when multiple received at same time (Reported by Joshua Colp)

Improvements made in this release:
-----------------------------------
* ASTERISK-26864 - res_pjsip_session: Add support for overlap dialling (Reported by Richard Begg)
* ASTERISK-26846 - chan_sip: Add rtcp-mux support (Reported by Sean Bright)

For a full list of changes in this release, please see the ChangeLog:

http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-14.4.0-rc1

25Mar/17Off

Rilasciato Asterisk 13.15.0-rc1

Il giorno 23 marzo 2017, il Team di Sviluppo di Asterisk ha annunciato il rilascio di Asterisk 13.15.0-rc1.

Dal post originale:

he release of Asterisk 13.15.0-rc1 resolves several issues reported by the community and would have not been possible without your participation.
Thank you!

The following are the issues resolved in this release:

New Features made in this release:
-----------------------------------
* ASTERISK-26878 - func_channel: Add ability to get the callid so dialplan has access to it. (Reported by Richard Mudgett)
* ASTERISK-26863 - res_pjsip: Add endpoint identification scheme based on a configured SIP header/value (Reported by Matt Jordan)
* ASTERISK-17428 - [patch] Allow "Comedian Mail" branding to be removed (Reported by John Covert)

Bugs fixed in this release:
-----------------------------------
* ASTERISK-26850 - res_hep_pjsip: Asterisk insert wrong protocol name in "Protocol ID" field in HEP packets (Reported by Max Norba)
* ASTERISK-26484 - res_pjsip_messaging: Crash when using invalid URI in MessageSend 'from' argument. (Reported by Vinod Dharashive)
* ASTERISK-26776 - res_pjsip_pubsub: Crash when generating xpidf content (Reported by Andrew Green)
* ASTERISK-26880 - Asterisk crashes when multiple speex users join confbridge with pp_vad and dtx enabled (Reported by Kirsty Tyerman)
* ASTERISK-26862 - app_queue: Queue stops calling members with local interface after forwarding in previous call (Reported by Robert Mordec)
* ASTERISK-26732 - res_rtp_asterisk: Implement RTCP Multiplexing - breaking WebRTC in Chrome (Reported by Dan Jenkins)
* ASTERISK-26879 - PJSIP external_media_address ignored if no local_net options are provided (Reported by Matt Jordan)
* ASTERISK-26851 - res_pjsip_sdp_rtp: RTP instance does not use same IP as explicit transport (Reported by Richard Begg)
* ASTERISK-26867 - autochan: Locking in a function ast_autochan_destroy() on destroyed channel (after masquerade). (Reported by Krzysztof Trempala)
* ASTERISK-26869 - res_pjsip_refer: blind call transfer w/o a user name doesn't go to the s extension (Reported by Torrey Searle)
* ASTERISK-26668 - core: Malformed pattern matching extension (various factors) results in crash (Reported by xrobau)
* ASTERISK-26865 - chan_iax2: Reload of iax peer results in loss of host address/port (Reported by Richard Begg)
* ASTERISK-26872 - Bundled pjproject fails to build when tarball downloaded with curl due to md5 verification failure in Docker containers (or when there is no terminal) (Reported by Matt Jordan)
* ASTERISK-26717 - Document the fact that Asterisk HEP support only works with the PJSIP channel driver (Reported by Olivier Krief)
* ASTERISK-26643 - Extra new line in Device field of DeviceStateChange AMI Event after restart of Asterisk (Reported by Roman Bedros)
* ASTERISK-25237 - stasis_cache.c:845 caching_topic_exec: - misleading ERROR message (Reported by Smirnov Aleksey)
* ASTERISK-26857 - chan_pjsip: Dialplan function race condition (Reported by Joshua Colp)
* ASTERISK-26841 - chan_sip: Call not cancelled after receiving a 422 response (Reported by Jean Aunis - Prescom)
* ASTERISK-26822 - pjsip/cli_commands: pjsip show channelstats shows wrong codec (Reported by Kevin Harwell)
* ASTERISK-26685 - res_pjsip: Crash when using IPv6 and Transport ws,wss (Reported by Michael Balen)
* ASTERISK-24562 - app_voicemail: Cannot set fromstring on a per-mailbox basis (Reported by Mark Scholten)
* ASTERISK-26598 - Saynumber is trying to get "and" from "digits/" subfolder (Reported by Jonathan Harris)
* ASTERISK-17067 - Long lines in call files cause spurious syntax error (Reported by Dave Olszewski)
* ASTERISK-26796 - res_pjsip_transport_websocket: Via header is 'WS' when it should be 'WSS' (Reported by Jørgen H)
* ASTERISK-25628 - res_config_pgsql: should match the behavior of other drivers so that queue_log can disable adaptive logging (Reported by Dmitry Wagin)
* ASTERISK-26825 - pjsip.conf.sample: user_agent: still refers to branch 12 (Reported by Tzafrir Cohen)
* ASTERISK-26823 - PJSIP: Persistent subscriptions can cause FRACKs if endpoint does not exist (Reported by Mark Michelson)
* ASTERISK-26623 - res_pjsip: Crash when calling PJSIPShowEndpoint (Reported by Jørgen H)
* ASTERISK-26808 - res_pjsip_outbound_registration doesn't know about network change events (Reported by George Joseph)
* ASTERISK-26313 - chan_sip : Asterisk restart seems to be required for changing encryption option (Reported by benasse)
* ASTERISK-26705 - libasteriskssl.so not found when asterisk is installed for the 1st time (Reported by George Joseph)
* ASTERISK-26781 - bridge: Passing the 'p' (play tone) flag to Bridge() application results in garbled audio (Reported by Sean Bright)
* ASTERISK-26782 - res_pjsip: URI requirement for fields is not consistently documented and error does not provide indication (Reported by Peter Sokolov)
* ASTERISK-26812 - [patch] Fix download_externals To Allow The Use Of curl Or wget (Reported by Michael L. Young)
* ASTERISK-18271 - Pattern matching with res_config_mysql extensions does not behave as expected (Reported by Charlie Smurthwaite)
* ASTERISK-26669 - PJSIP Segfault 13.13.1 (Bundled PJSIP) (Reported by Nic Colledge)
* ASTERISK-18731 - [patch] DUNDi weight parameter not processed correctly (Reported by Peter Racz)
* ASTERISK-26580 - [patch] Error during LDAP modify action when user unregisters (Reported by Nicholas John Koch)
* ASTERISK-26799 - res_pjsip: Using an auth object for inbound and outbound authentication fails. (Reported by Richard Mudgett)
* ASTERISK-26738 - Frequent segfaults since activation of DNS SRV, in pjsip_auth_clt_reinit_req at /pjsip/sip_auth_client.c, and pj_atomic_inc_and_get at pj/os_core_unix.c (Reported by Michael Maier)
* ASTERISK-25893 - Function vmauthenticate accesses uninitialized memory (Reported by Filip Jenicek)
* ASTERISK-26802 - [patch] Integrity Check Of PJSIP Download Fails (Reported by Michael L. Young)
* ASTERISK-15858 - [patch] Fix query with double backslash in string literals and stop log warnings (Reported by Humberto Figuera)
* ASTERISK-26057 - res_config_sqlite3 uses incorrect query - unnecessary escape (Reported by Stepan)
* ASTERISK-23457 - SQlite3: Realtime queue loading fails after PRAGMA query result (Reported by Scott Griepentrog)
* ASTERISK-26794 - http: Crash on Reload Only in ast_tcptls_server_start (Reported by Joshua Elson)
* ASTERISK-26714 - Phone default have not ringing on ARM (Reported by Igor Goncharovsky)
* ASTERISK-26696 - pjsip_pubsub: PJSIP Subscription Persistence in AstDB Does not update on subscription refresh (Reported by Zach R)
* ASTERISK-26756 - res_pjsip_mwi: Asterisk does not terminate MWI subscription (Reported by Carl Fortin)
* ASTERISK-26109 - Asterisk fails building with OpenSSL 1.1.0 (Reported by Tzafrir Cohen)
* ASTERISK-26723 - VoiceMailPlayMsg not playing messages via realtime (Reported by Ryan Rittgarn)
* ASTERISK-18286 - [patch] 'Silence' is truncated in Record() (Reported by var)
* ASTERISK-26248 - chan_pjsip: Error when calling PJSIP client with domain specified (Reported by Norbert Varga)
* ASTERISK-26788 - core: Protect flags during ast_waitfor (Reported by Joshua Colp)
* ASTERISK-26115 - pbx: AMI Originate ignore "failed" extension on call failure (Reported by Nasir Iqbal)
* ASTERISK-26785 - configs/samples: The 'identify' entry is in the wrong section in sorcery.conf.sample (Reported by Torrey Searle)
* ASTERISK-26772 - Crash in srv.c on startup with pjsip (Reported by nappsoft)
* ASTERISK-26770 - res_stasis_device_state: Duplicate subscriptions when multiple received at same time (Reported by Joshua Colp)

Improvements made in this release:
-----------------------------------
* ASTERISK-26864 - res_pjsip_session: Add support for overlap dialling (Reported by Richard Begg)
* ASTERISK-26846 - chan_sip: Add rtcp-mux support (Reported by Sean Bright)

For a full list of changes in this release, please see the ChangeLog:

http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-13.15.0-rc1

3Mar/17Off

Dal 1 gennaio 2017 il codec g. 729 utilizzato per il VoIP è gratuito

logo-asterweb

Dal 1° gennaio 2017, la maggior parte dei brevetti del codec g. 729 sono scaduti; quindi, possiamo dire che il codec g. 729 è gratuito.

Il codec g. 729 è famoso nel mondo del VoIP per diversi motivi primo tra tutti che è uno dei codec con il miglior rapporto qualità/larghezza di banda

SiproLAB, la società responsabile per la gestione delle licenze del g. 729 ha reso pubblico che i brevetti del codec g. 729 non sono più validi.

2Mar/17Off

Rilasciato Kamailio 5.0.0

kamailio-logo-nuovo

Kamailio ha appena presentato (February 27, 2017) la sua ultima versione 5.0 Kamailio, versione che include non solo miglioramenti ma anche nuove funzionalità che lo rendono ancora più "interessante".

In particolare:
- Tutto il codice sorgente è stato ristrutturato.
- Presentazione del nuovo sistema di KEMI - un framework che consente di scrivere le configurazioni in:
-- LUA
-- Python
-- JavaScript
-- linguaggio nativo di Kamailio
- Una unica interfaccia di gestione (interfaccia RPC)

15Feb/17Off

Rilasciato Asterisk 13.14.0

Il giorno 13 febbraio 2017, il Team di Sviluppo di Asterisk ha annunciato il rilascio di Asterisk 13.14.0.

Dal post originale:

The release of Asterisk 13.14.0 resolves several issues reported by the community and would have not been possible without your participation.
Thank you!

The following are the issues resolved in this release:

New Features made in this release:
-----------------------------------
* ASTERISK-26630 - Make logging PJPROJECT messages a bit easier (Reported by Richard Mudgett)

Bugs fixed in this release:
-----------------------------------
* ASTERISK-26772 - Crash in srv.c on startup with pjsip (Reported by nappsoft)
* ASTERISK-26704 - res_odbc.conf contains deprecated configuration: 'pooling', 'shared_connections', 'limit', and
'idlecheck' options were replaced by 'max_connections'. (Reported by Anthony Messina)
* ASTERISK-21094 - MixMonitorMute mutes through stream if already slinear (e.g. Originate) (Reported by David Woolley)
* ASTERISK-26716 - ari: Channels with pre-dial handlers cannot be hung up via ARI (Reported by Tom Pawelek)
* ASTERISK-26632 - core: Possibility of a frame "imbalance" leading to stuck channels. (Reported by Mark ichelson)
* ASTERISK-25951 - res_agi: run_agi eats frames it shouldn't (Reported by George Joseph)
* ASTERISK-26343 - ASTERISK-25951 causes issues for callerid manipulation through agi (Reported by Morten Tryfoss)
* ASTERISK-26679 - Crash on invalid contact domain (pjsip aor) (Reported by Dmitriy)
* ASTERISK-26699 - res_pjsip: Assertion when sending OPTIONS request to endpoint (Reported by Ross Beer)
* ASTERISK-24858 - [patch]Asterisk 13 PJSIP sends RTP packets in wrong byte order on Intel platform when using slin codec (Reported by Frankie Chin)
* ASTERISK-26754 - build_tools: make_build_h does not handle \ in user name (Reported by Kirill Katsnelson)
* ASTERISK-26753 - AMI disconnect causes "ast_careful_fwrite: fwrite() returned error: Broken pipe" (Reported by Kirill Katsnelson)
* ASTERISK-26755 - app_queue: Random queues disappear on "core reload queue all" (Reported by Kirill Katsnelson)
* ASTERISK-26735 - res_pjsip_endpoint_identifier_ip: "srv_lookups" after match in .conf has no effect (Reported by Michael Maier)
* ASTERISK-26693 - res_pjsip_endpoint_identifier_ip: Add support for SRV (Reported by Joshua Colp)
* ASTERISK-26743 - PJPROJECT: Detecting compiled max log level does not work. (Reported by Richard Mudgett)
* ASTERISK-26740 - voicemail API test: uses varlibdir instead of datadir for a sound file (Reported by Tzafrir Cohen)
* ASTERISK-26739 - voicemail API test: confuses expected and actual values (Reported by Tzafrir Cohen)
* ASTERISK-26731 - res_sorcery_memory_cache: memory leak on every sorcery memory cache populate (Reported by Ustinov Artem)
* ASTERISK-26710 - [patch] res_rtp_asterisk: CHANNEL arguments, (rtcp,all_rtt),(rtcp,all_loss),(rtcp,all_jitter) always return 0 (Reported by Aaron An)
* ASTERISK-26672 - Crash when setting remote address on RTP instance (Reported by Richard Mudgett)
* ASTERISK-26670 - [patch] Outgoing SIP-URI Dialing via PJSIP (Reported by Alexander Traud)
* ASTERISK-26691 - Remember SDP negotiation on SIP_CODEC_INBOUND. (Reported by Alexander Traud)
* ASTERISK-26673 - chan_pjsip: Crash when using CHANNEL dialplan function around masquerade (Reported by Joshua Colp)
* ASTERISK-26684 - res_pjsip: Various issues with compact SIP headers (Reported by Joshua Elson)
* ASTERISK-26655 - [patch]pjsip: Transfers Broken with Compact Headers Enabled (Reported by JoshE)
* ASTERISK-26621 - app_queue: Queue application does not ring members with Local interface (Reported by Jonas Kellens)
* ASTERISK-26586 - chan_sip: Segfaults upon reload if client with MWI wasn't registered (Reported by Michael Kuron)
* ASTERISK-25494 - build: GCC 5.1.x catches some new const, array bounds and missing paren issues (Reported by George Joseph)
* ASTERISK-24499 - Need more explicit debug when PJSIP dialstring is invalid (Reported by Rusty Newton)
* ASTERISK-25083 - Message.c: Message channel becomes saturated with frames leading to spammy log messages
Reported by Jonathan Rose)
* ASTERISK-26653 - pjproject_bundled doesn't verify already downloaded tarballs (Reported by George Joseph)
* ASTERISK-26433 - chan_sip: Allows To-tag checks to be bypassed, setting up new calls (Reported by Walter Doekes)
* ASTERISK-26579 - codec_opus: Recursiveness when parsing fmtp line (Reported by Jørgen H)
* ASTERISK-26644 - PJSIPShowRegistrationsInbound just dumps all aors (Reported by George Joseph)
* ASTERISK-26490 - res_pjsip: sends 481 Call/Transaction Does Not Exist when transaction branch parameter contains "_" (Reported by Juris Breicis)
* ASTERISK-26617 - res_rtp_asterisk: Can't bind on systems without IPv6 (Reported by Guido Falsi)
* ASTERISK-24330 - Requirement for 'wss' value in Contact header transport parameter on inbound traffic violates RFC7118 (Reported by Marek Cervenka)
* ASTERISK-26546 - mips64el and x32 - undefined reference to symbol 'dlopen@@GLIBC_2.2' (Reported by Tzafrir Cohen)
* ASTERISK-26566 - res_rtp_asterisk: RTT miscalculation in RTCP (Reported by Hector Royo Concepcion)
* ASTERISK-26604 - chan_sip: sip reload doesn't apply changes to tlscertfile, tlsciphers, etc. (Reported by Michael Kuron)
* ASTERISK-26603 - [patch] chan_pjsip: not switching sending codec to receiving codec when asymmetric_rtp_codec=no (Reported by Alexei Gradinari)
* ASTERISK-26523 - chan_sip: Asterisk 13.12.1 disconnects incoming calls after 2 minutes - rtptimeout behaving badly - regression (Reported by Michael Keuter)
* ASTERISK-26503 - app_voicemail: Asterisk crashes when MailboxExists is used (Reported by Doug Lytle)

Improvements made in this release:
-----------------------------------
* ASTERISK-23828 - pjsip - Need a command to list active SIP subscriptions (Reported by Rusty Newton)
* ASTERISK-26527 - Testsuite: increase timeout to check "core fullybooted wait" up to 30 sec (Reported by Badalian Vyacheslav)
* ASTERISK-26624 - res_calendar_caldav: Add support for gmail (Reported by Eduardo Scudeller Libardi)
* ASTERISK-26562 - app_controlplayback: Transmit Silence on ControlPlayback pause (Reported by Mikheili Dautashvili)

For a full list of changes in this release, please see the ChangeLog:

http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-13.14.0

15Feb/17Off

Rilasciato Asterisk 13.13-cert-1

Il giorno 13 febbraio 2017, il Team di Sviluppo di Asterisk ha annunciato il rilascio di Asterisk 13.13-cert-1.

Dal post originale:

The release of Certified Asterisk 13.13-cert1 resolves several issues reported by the community and would have not been possible without your participation.
Thank you!

The following are the issues resolved in this release:

Improvements made in this release:
-----------------------------------
* ASTERISK-25063 - [patch]add X.509 subject alternative name upport to Asterisk TLS support (Reported by Maciej Szmigiero)
* ASTERISK-26558 - app_queue: add variable to know if the call is not answered after a queue (Reported by scgm11)
* ASTERISK-26176 - chan_sip: Add AccountCode to AMI PeerEntry (Reported by scgm11)
* ASTERISK-26538 - codec_opus: Add sample to configs/samples/codecs.conf.sample (Reported by Kevin Harwell)
* ASTERISK-26488 - ARI: Add 'ari show app', 'ari show apps', and 'ari set debug' CLI commands (Reported by Matt Jordan)
* ASTERISK-26418 - res_rtp_asterisk: Speed up ICE resolution by blacklisting host subnets that are not involved in RTP (Reported by Michael Walton)
* ASTERISK-26409 - codec_opus: Update Asterisk to support the translation codec. (Reported by Kevin Harwell)
* ASTERISK-26289 - Announcer channels in ConfBridges cause inefficiencies (Reported by Mark Michelson)
* ASTERISK-25980 - [patch]res_fax: set FAXMODE variable to let dialplan know what fax transport was used (Reported by Alexei Gradinari)
* ASTERISK-26220 - Add support for noreturn function attributes. (Reported by Corey Farrell)
* ASTERISK-22131 - Update the make dependencies script to pull, build, and install the correct pjproject (Reported by Matt Jordan)
* ASTERISK-25471 - [patch]Add subscribe_context to res_pjsip (Reported by JoshE)
* ASTERISK-26159 - res_hep: enabled by default and information sent to default address (Reported by Ross Beer)
* ASTERISK-26088 - Investigate heavy memory utilization by res_pjsip_pubsub (Reported by Richard Mudgett)
* ASTERISK-26059 - [patch]core: New channel variable FORWARDERNAME (Reported by Alexei Gradinari)
* ASTERISK-26011 - [patch]PJSIP: add "via_addr", "via_port", "call_id" to contacts (Reported by Alexei Gradinari)
* ASTERISK-26055 - [patch]res_pjsip: chatty verbose messages (Reported by Alexei Gradinari)
* ASTERISK-26010 - [patch]func_odbc: single database connection should be optional (Reported by Alexei Gradinari)
* ASTERISK-25994 - [patch]res_pjsip: module load priority (Reported by Alexei Gradinari)
* ASTERISK-25931 - PJSIP: add "reg_server" to contacts. (Reported by Alexei Gradinari)
* ASTERISK-25835 - Authentication using 'Username' field from Digest (Reported by Ross Beer)
* ASTERISK-25930 - PJSIP: disable multi domain to improve realtime performace (Reported by Alexei Gradinari)
* ASTERISK-25865 - Message-Account Missing From PJSIP MWI (Reported by Ross Beer)
* ASTERISK-25444 - [patch]Music On Hold Warning misleading (Reported by Conrad de Wet)

Bugs fixed in this release:
-----------------------------------
* ASTERISK-26716 - ari: Channels with pre-dial handlers cannot be hung up via ARI (Reported by Tom Pawelek)
* ASTERISK-26632 - core: Possibility of a frame "imbalance" leading to stuck channels. (Reported by Mark Michelson)
* ASTERISK-25951 - res_agi: run_agi eats frames it shouldn't (Reported by George Joseph)
* ASTERISK-26343 - ASTERISK-25951 causes issues for callerid manipulation through agi (Reported by Morten Tryfoss)
* ASTERISK-26679 - Crash on invalid contact domain (pjsip aor) (Reported by Dmitriy)
* ASTERISK-26699 - res_pjsip: Assertion when sending OPTIONS request to endpoint (Reported by Ross Beer)
* ASTERISK-26621 - app_queue: Queue application does not ring members with Local interface (Reported by Jonas Kellens)
* ASTERISK-26743 - PJPROJECT: Detecting compiled max log level does not work. (Reported by Richard Mudgett)
* ASTERISK-26673 - chan_pjsip: Crash when using CHANNEL dialplan function around masquerade (Reported by Joshua Colp)
* ASTERISK-26672 - Crash when setting remote address on RTP instance (Reported by Richard Mudgett)
* ASTERISK-25494 - build: GCC 5.1.x catches some new const, array bounds and missing paren issues (Reported by George Joseph)
* ASTERISK-24499 - Need more explicit debug when PJSIP dialstring is invalid (Reported by Rusty Newton)
* ASTERISK-25083 - Message.c: Message channel becomes saturated with frames leading to spammy log messages (Reported by Jonathan Rose)
* ASTERISK-26433 - chan_sip: Allows To-tag checks to be bypassed, setting up new calls (Reported by Walter Doekes)
* ASTERISK-26579 - codec_opus: Recursiveness when parsing fmtp line (Reported by Jørgen H)
* ASTERISK-26644 - PJSIPShowRegistrationsInbound just dumps all aors (Reported by George Joseph)
* ASTERISK-26490 - res_pjsip: sends 481 Call/Transaction Does Not Exist when transaction branch parameter contains "_" (Reported by Juris Breicis)
* ASTERISK-26608 - Compile and link failures on OpenBSD (Reported by snuffy)
* ASTERISK-26520 - codec_opus: Generated fmtp line has no content (Reported by scgm11)
* ASTERISK-26605 - codec_opus: Spammed warning when Opus negotiated but codec_opus not loaded. (Reported by Richard Mudgett)
* ASTERISK-26516 - pjsip: Memory corruption with possible memory leak. (Reported by Richard Mudgett)
* ASTERISK-26592 - Latest libedit (3.1) defaults to unicode and makes asterisk CLI read garbage (Reported by George Joseph)
* ASTERISK-26565 - chan_unistim on 11, 13, 14 placing call on hold temporarily locks up set (Reported by Jason)
* ASTERISK-26575 - testsuite: Need to check PJSIP functionality when res_srtp is not loaded. (Reported by Joshua Colp)
* ASTERISK-24400 - ooh323 sends wrong hangup code (Reported by Dmitry Melekhov)
* ASTERISK-26555 - Multi-party Video: Fix some post Asterisk-11 regressions (Reported by Matt Jordan)
* ASTERISK-26412 - build: Prepare for gcc 6.2 (Reported by George Joseph)
* ASTERISK-26509 - A few non-critical deprecation warnings when building on Ubuntu 16.10 (Reported by Jonathan Harris)
* ASTERISK-26523 - chan_sip: Asterisk 13.12.1 disconnects incoming calls after 2 minutes - rtptimeout behaving badly - regression (Reported by Michael Keuter)
* ASTERISK-26468 - ari: Bridge events stop working after this sequence of ARI calls (Reported by Daniele Pallastrelli)
* ASTERISK-26311 - [patch] rtp_engine: Allow more than 32 dynamic payload types. (Reported by Alexander Traud)
* ASTERISK-26549 - app_dial: When PickupChan() is used some channels may have incorrect device state (Reported by Joshua Colp)
* ASTERISK-26541 - res_pjsip_sdp_rtp: Restrict number of formats to maximum (Reported by Joshua Colp)
* ASTERISK-25070 - Fix FTBFS on Hurd (Reported by Gabriele Giacone)
* ASTERISK-26476 - chan_sip: Incorrect display option "Outbound reg. retry 403" in "sip show settings" (Reported by Sergey Grachev)
* ASTERISK-26537 - AMI: NewConnectedLine event is not documented (Reported by Etienne Lessard)
* ASTERISK-26526 - [UBSAN] vector.h: null pointer can be passed as argument 2 to memcpy (Reported by Badalian Vyacheslav)
* ASTERISK-26524 - astobj2: data_size variable is wasted space when AO2_DEBUG is not enabled. (Reported by Corey Farrell)
* ASTERISK-26344 - Asterisk 13.11.0 + PJSIP crash (Reported by Ian Gilmour)
* ASTERISK-26387 - Asterisk segfaults shortly after starting even with no active calls. (Reported by Harley Peters)
* ASTERISK-26514 - Super Awesome Company: Don't specify transport in pjsip.conf (Reported by Rusty Newton)
* ASTERISK-26513 - tests/channels/pjsip/qualify/auth: Crashing enough to be a nuisance (Reported by Joshua Colp)
* ASTERISK-26510 - pjproject_bundled uses the --strip-components ption of tar which isn't supported in older versions (Reported by George Joseph)
* ASTERISK-22480 - Embedded pjproject: build.mak contains hardcoded full path to version.mak (Reported by Matt Jordan)
* ASTERISK-26307 - res_pjsip_caller_id: Crash on outgoing change (Reported by Bill Brigden)
* ASTERISK-26503 - app_voicemail: Asterisk crashes when MailboxExists is used (Reported by Doug Lytle)
* ASTERISK-26423 - res_pjsip_sdp_rtp: Asymmetric RTP codec can cause audio loss and wonkiness (Reported by Andreas Wetzel)
* ASTERISK-26309 - [patch] res_pjsip: Allow IPv4/IPv6 (Dual Stack) installations. (Reported by Alexander Traud)
* ASTERISK-26421 - Segmentation Fault with ARI originate into mixing bridge with 43 clients (Reported by Andrew Nagy)
* ASTERISK-26444 - 'features show' command in CLI does not return prompt. (Reported by John Kiniston)
* ASTERISK-26482 - [patch] chan_pjsip: segfault on already disconnected session (Reported by Alexei Gradinari)
* ASTERISK-26480 - [patch] CLI: core set debug: Auto-completes File not Module (Reported by Alexander Traud)
* ASTERISK-26356 - menuselect: invalid test for GTK2 (Reported by Tzafrir Cohen)
* ASTERISK-26477 - pjproject: SEGV during SSL operations (Reported by George Joseph)
* ASTERISK-26439 - chan_rtp: Crash when originating (Reported by Kayode)
* ASTERISK-17470 - [patch] - When videosupport=yes, asterisk llows one end peer to send video, even though the other end supports only audio. (Reported by effie mouzeli)
* ASTERISK-26462 - [patch] app_queue: While using queues with realtime, setting back to an empty context doesn't stop the exit key usage (Reported by Leandro Dardini)
* ASTERISK-26416 - pjproject-bundled: configure fails to check for all required utilities (Reported by Corey Farrell)
* ASTERISK-26466 - core: Be forgiving on external callerid that may be flawed so we don't drop events (Reported by Richard Mudgett)
* ASTERISK-26362 - res_config_mysql: Broken after 13.10 (Reported by Carlos Chavez)
* ASTERISK-26446 - app_dial: There's no way to override the hangupcause on unanswered channels (Reported by George Joseph)
* ASTERISK-26457 - [patch] force_rport,auto_comedia: No NAT detection triggered. (Reported by Alexander Traud)
* ASTERISK-26453 - res_pjsip_config_wizard: Memory leak in module_unload (Reported by Badalian Vyacheslav)
* ASTERISK-24311 - Populating database via Alembic fails when using same database for multiple schema sets (Reported by Dafi Ni)
* ASTERISK-26438 - [patch] chan_sip: auto_force_rport: No NAT = No Symmetric Response. (Reported by Alexander Traud)
* ASTERISK-26426 - format_ogg_opus: remove from source (Reported by Kevin Harwell)
* ASTERISK-18232 - Broken REGISTER sent to IPv4 server when bindaddr=[::] (Reported by Jacek)
* ASTERISK-25468 - Deadlock in chan_sip - core show locks shows do_monitor lock (Reported by Barry Flanagan)
* ASTERISK-26397 - manager: PresenceState action crashes Asterisk 14 (Reported by Andrew Nagy)
* ASTERISK-26389 - res_odbc: Clean up pooling options (Reported by Joshua Colp)
* ASTERISK-26359 - [patch] cdr_mysql: fails to use UTC if so instructed (Reported by Tzafrir Cohen)
* ASTERISK-26273 - core: Won't compile when LOW_MEMORY is enabled (Reported by Anthony Messina)
* ASTERISK-26352 - Astcanary dies when doing "core restart" (Reported by Walter Doekes)
* ASTERISK-19867 - asterisk fails to lower its priority when astcanary dies (Reported by Xavier Hienne)
* ASTERISK-26263 - SQL error when using realtime and registering extension / inserting into ps_contacts (Reported by Jeppe Ryskov Larsen)
* ASTERISK-26374 - res_pjsip_multihomed: Contact port is rewritten for connectionful protocols (Reported by Joshua Colp)
* ASTERISK-26367 - rtp: Timestamps broken when video frame is across multiple RTP packets (Reported by Joshua Colp)
* ASTERISK-26375 - res_pjsip_transport_management: Log message states seconds, but time value is milliseconds (Reported by Joshua Colp)
* ASTERISK-19968 - TCP Session-Timers not dropping call (Reported by Aaron Hamstra)
* ASTERISK-26360 - app_queue: "queue show" output gets "failed to extend from 240 to 327" msgs. (Reported by Richard Mudgett)
* ASTERISK-26358 - chan_sip: Contact is updated on re-200, but not on re-INVITE (Reported by Walter Doekes)
* ASTERISK-26316 - res_pjsip_callerid: Irregular URI causes nexpected callerid (Reported by Kevin Harwell)
* ASTERISK-26349 - 13.11.1 res_pjsip/pjsip_distributor.c: Request 'REGISTER' failed (Reported by Dmitry Melekhov)
* ASTERISK-26272 - chan_sip: File descriptors leak (UDP sockets) (Reported by Etienne Lessard)
* ASTERISK-26264 - res_pjsip: Crash when applying ACL from non-existent endpoint (Reported by nappsoft)
* ASTERISK-26288 - followme: fails to reset config items to default values on reload (Reported by Tzafrir Cohen)
* ASTERISK-23989 - [patch]SDP offer/answer fails if crypto keys added to non-crypto offer (Reported by Olle Johansson)
* ASTERISK-25691 - Crash occurs when screening mode (Dial's 'p' argument) is enabled and callee rejects a call or hangs up. (Reported by Etienne Lessard)
* ASTERISK-26331 - Crash on “core show channeltype Surrogate” in ast_format_cap_get_names (Reported by GI.NET)
* ASTERISK-26085 - app_mp3: results in timeout for streams (Reported by Jens Bürger)
* ASTERISK-26282 - AEL: macro-call in Dial application, macro "lacks 's' extension" (Reported by chris de rock)
* ASTERISK-26226 - pbx: Asterisk crash on AMI action "ShowDialplan" when there's a circular dependency between
contexts (Reported by Etienne Lessard) * ASTERISK-26279 - pjproject-bundled: Fails to compile on Debian 6 (Reported by George Joseph)
* ASTERISK-26306 - channel: Hang-up crashes, chan_pjsip not cleaning up properly (Reported by Alexander Traud)
* ASTERISK-26299 - app_queue: Queue application sometimes stops calling members with Local interface (Reported by Etienne Lessard)
* ASTERISK-26203 - res_fax: Deadlock when using FAXOPT(gateway)=yes with Local channels (Reported by Etienne Lessard)
* ASTERISK-24822 - Deadlock: Fax Gateway framehook creates locking inversion in T.38 query option with features bridging code (Reported by David Brillert)
* ASTERISK-22732 - Deadlock potential in res_fax and CCSS with local channels. (Reported by Richard Mudgett)
* ASTERISK-26269 - res_pjsip: Wrong state for aors without registered contacts after startup (Reported by nappsoft)
* ASTERISK-22374 - Finish mapping the sip.conf parameters to res_sip.conf parameters (Reported by Matt Jordan)
* ASTERISK-24425 - [patch] jabber/xmpp to use TLS instead of SSLv3, security fix POODLE (CVE-2014-3566) (Reported by abelbeck)
* ASTERISK-25472 - Swagger scripts are not replacing format variable in file brief (Reported by Corey Farrell)
* ASTERISK-26228 - res_pjsip_sdp_rtp: G729A does not include annexb=no attribute. (Reported by Ali Ghavidel)
* ASTERISK-25984 - res_odbc relies on res_odbc_transaction, but it's not mandatory to compile it (Reported by József Dudás)
* ASTERISK-26305 - Asterisk 14: Two resolver unbound testsuite tests fail (Reported by Richard Mudgett)
* ASTERISK-26303 - [patch] BuildSystem: ca_list_path capabilities not detected in PJProject. (Reported by Alexander Traud)
* ASTERISK-25492 - ARI: Path parameters are case sensitive (Reported by Joshua Colp)
* ASTERISK-26233 - pbx: Failure to remove inconsistent extension names (Reported by Corey Farrell)
* ASTERISK-26164 - XMPP no longer triggers NOTIFY to device via chan_pjsip (Reported by Ross Beer)
* ASTERISK-26246 - Security: Privilege escalation by AMI adding dialplan extensions. (Reported by Richard Mudgett)
* ASTERISK-26267 - ast_register_atexit callbacks should be run on failed startup. (Reported by Corey Farrell)
* ASTERISK-26241 - res_pjsip: When using compact headers, rpid and pai are incorrectly generated (Reported by George Joseph)
* ASTERISK-26239 - res_pjsip_logger: An empty global/debug option is treated as a "match all" hostname (Reported by George Joseph)
* ASTERISK-26238 - res_pjsip: Empty global default_from_user causes crash (Reported by Joshua Colp)
* ASTERISK-25797 - app_queue: Crash when calling a queue with a member with a forward to an nonexistent extension (Reported by Etienne Lessard)
* ASTERISK-26268 - alembic: 'auth_username' not in PJSIP 'identify_by' enum (Reported by Joshua Colp)
* ASTERISK-26145 - pjsip: Deadlock with suspend + masquerade + indicate (Reported by Ross Beer)
* ASTERISK-26183 - alembic: error when using sqlalchemy version 1.1.0b2 (Reported by Kevin Harwell)
* ASTERISK-26280 - DNS lookups can block channel media paths (Reported by Mark Michelson)
* ASTERISK-25217 - [patch]res_pjsip_outbound_publish.c needs a similar treatment for module unloading as res_pjsip_outbound_registration.c (Reported by Richard Mudgett)
* ASTERISK-26265 - Errors ignored from some parts of system initialization. (Reported by Corey Farrell)
* ASTERISK-26206 - [patch] res_pjsip: Use more compatible regex for get all (Reported by Dmitry Wagin)
* ASTERISK-26256 - [patch] SIP/SDP origin (o=) contains brackets with IP6 (Reported by Alexander Traud)
* ASTERISK-25996 - Remove "live_dangerously" requirement on DB(read) (Reported by Andrew Nagy)
* ASTERISK-26148 - pjsip: Cannot compile 13.10.0-rc1: "libasteriskpj.so: undefined reference to..." (Reported by Hans van Eijsden)
* ASTERISK-26237 - Fax is detected on regular calls. (Reported by Richard Mudgett)
* ASTERISK-26227 - sqlalchemy error due to long identifier name (Reported by Mark Michelson)
* ASTERISK-26214 - Allow arbitrary time for fax detection to end on a channel (Reported by Richard Mudgett)
* ASTERISK-23013 - [patch] Deadlock between 'sip show channels' command and attended transfer handling (Reported by Ben Smithurst)
* ASTERISK-26199 - PJSIP: tx_data_destroy called twice (Reported by Scott Griepentrog)
* ASTERISK-26166 - res_pjsip_pubsub: Crash when decrementing reference count of message (Reported by Ross Beer)
* ASTERISK-26174 - res_pjsip: Crash when freeing cloned message in distributor (Reported by Ross Beer)
* ASTERISK-26216 - res_fax: Deadlock when detect fax while channel executing Playback (Reported by Richard Mudgett)
* ASTERISK-26212 - [patch] Makefile: Retain XML Declaration and DTD in docs. (Reported by Alexander Traud)
* ASTERISK-26211 - Unit tests: AST_TEST_DEFINE should be used in conditional code. (Reported by Corey Farrell)
* ASTERISK-26207 - [patch] sRTP: Count a roll-over of the sequence number even on lost packets. (Reported by Alexander Traud)
* ASTERISK-26038 - 'make install' doesn't seem to install OS/X init files (Reported by Tzafrir Cohen)
* ASTERISK-26200 - [patch] res_pjsip_mwi: improve realtime performance - remove unneeded check on endpoint's contacts. (Reported by Alexei Gradinari)
* ASTERISK-26133 - app_queue: Queue members receive multiple calls (Reported by Richard Miller)
* ASTERISK-26196 - pbx: Time based includes can leak timezone string (Reported by Corey Farrell)
* ASTERISK-26193 - chan_sip: reference leak in mwi_event_cb (Reported by Corey Farrell)
* ASTERISK-25659 - res_rtp_asterisk: ECDH not negotiated causing DTLS failure occurred on RTP instance (Reported by Edwin Vandamme)
* ASTERISK-26191 - threadpool: Leak on duplicate taskprocessor for ast_threadpool_serializer_group (Reported by Corey Farrell)
* ASTERISK-26046 - [patch] Avoid obsolete warnings on autoconf. (Reported by Alexander Traud)
* ASTERISK-26160 - pjsip: Updated->Reachable during qualify (Reported by Matt Jordan)
* ASTERISK-25289 - Build System does not respect CFLAGS and CXXFLAGS when building menuselect (Reported by Jeffrey Walton)
* ASTERISK-26119 - [patch] fix: memory leaks, resource leaks, out of bounds and bugs (Reported by Alexei Gradinari)
* ASTERISK-26177 - func_odbc: Database handle is kept when it should be released (Reported by Leandro Dardini)
* ASTERISK-26184 - chan_sip: Reference leaks in error paths.(Reported by Corey Farrell)
* ASTERISK-26181 - REF_DEBUG: Node object incorrectly logged during duplicate replacement (Reported by Corey Farrell)
* ASTERISK-26180 - PJSIP: provide valid tcp nodelay option for reuse (Reported by Scott Griepentrog)
* ASTERISK-26179 - chan_sip: Second T.38 request fails (Reported by Joshua Colp)
* ASTERISK-26172 - res_sorcery_realtime: fix bug when successful sql UPDATE is treated as failed if there is no affected rows.(Reported by Alexei Gradinari)
* ASTERISK-25772 - res_pjsip: Unexpected two BYE when answered (Reported by Dmitriy Serov)
* ASTERISK-26099 - res_pjsip_pubsub: Crash when sending request due to server timeout (Reported by Ross Beer)
* ASTERISK-26144 - Crash on loading codecs g729/g723 (Reported by Alexei Gradinari)
* ASTERISK-26157 - Build: Fix errors highlighted by GCC 6.x (Reported by George Joseph)
* ASTERISK-26021 - Build codecs siren7 and siren14 for Asterisk 13 (Reported by Daniel Denson)
* ASTERISK-26141 - res_fax: fax_v21_session_new leaks reference to v21_details (Reported by Corey Farrell)
* ASTERISK-26140 - res_rtp_asterisk: gcc 6 caught a self-comparison (Reported by George Joseph)
* ASTERISK-26138 - chan_unistim: Under FreeBSD, chan_unistim generates a compile error (Reported by George Joseph)
* ASTERISK-26128 - Alembic scripts are failing (Reported by Mark Michelson)
* ASTERISK-26139 - test_res_pjsip_scheduler: Compile failure if pjproject isn't installed in a system location (Reported by George Joseph)
* ASTERISK-26061 - [patch] res_pjsip: improve realtime performance - remove updating all endpoints status on startup (Reported by Alexei Gradinari)
* ASTERISK-26129 - res_rtp_asterisk: Memory leak of CERT bio in DTLS implementation (Reported by Torrey Searle)
* ASTERISK-26130 - [patch] WebRTC: Should use latest DTLS version. (Reported by Alexander Traud)
* ASTERISK-26132 - PJSIP: provide transport type with received messages (Reported by Scott Griepentrog)
* ASTERISK-26127 - res_pjsip_session: Crash due to race condition between res_pjsip_session unload and timer (Reported by Joshua Colp)
* ASTERISK-26045 - [patch]app_voicemail: fix bugs, imap mm_status log change to debug (Reported by Alexei Gradinari)
* ASTERISK-26083 - ARI: Announcer channels staying around after playback to a bridge is finished (Reported by Per Jensen)
* ASTERISK-26126 - [patch] leverage 'bindaddr' for TLS in http.conf (Reported by Alexander Traud)
* ASTERISK-26069 - Asterisk truncates To: header, dropping the closing '>' (Reported by Vasil Kolev)
* ASTERISK-26097 - [patch] CLI: show maximum file descriptors (Reported by Alexander Traud)
* ASTERISK-25262 - Memory leak when a caller channel does multiple dials and CEL is enabled (Reported by Etienne Lessard)
* ASTERISK-26092 - [Segfault] in res_rtp_asterisk.c:4268 after Remotely bridged channels (Reported by Niklas Larsson)
* ASTERISK-26096 - res_hep: Crash when configuration file is missing (Reported by Niklas Larsson)
* ASTERISK-26089 - Invalid security events during boot using PJSIP Realtime (Reported by Scott Griepentrog)
* ASTERISK-26074 - res_odbc: Deadlock within UnixODBC (Reported by Ross Beer)
* ASTERISK-26054 - Asterisk crashes (core dump) (Reported by B. Davis)
* ASTERISK-24436 - Missing header in res/res_srtp.c when compiling against libsrtp-1.5.0 (Reported by Patrick Laimbock)
* ASTERISK-26091 - [patch] ar cru creates warning, instead use ar cr (Reported by Alexander Traud)
* ASTERISK-26070 - ari/channels: Creating a local channel without an originator adds all audio formats to it's capabilities (Reported by George Joseph)
* ASTERISK-26078 - core: Memory leak in logging (Reported by Etienne Lessard)
* ASTERISK-26065 - chan_pjsip: MWI NOTIFY contents not ordered properly (Reported by Ross Beer)
* ASTERISK-26063 - ${PJSIP_HEADER(read,Call-ID)} does not work - documentation needs clarification for when read/write is possible (Reported by Private Name)
* ASTERISK-25777 - data race in threadpool (Reported by Badalian Vyacheslav)
* ASTERISK-25669 - [patch]CURL incorrect trim for non ASCII characters (Reported by Jesper)
* ASTERISK-26029 - parking: ast_parking_park_call should return parking_space instead of parking_exten (Reported by Diederik de Groot)
* ASTERISK-25938 - res_odbc: MySQL/MariaDB statement LAST_INSERT_ID() always returns zero. (Reported by Edwin Vandamme)
* ASTERISK-25941 - chan_pjsip: Crash on an immediate SIP final response (Reported by Javier Riveros )
* ASTERISK-26014 - res_sorcery_astdb: Make tolerant of unknown fields (Reported by Joshua Colp)
* ASTERISK-24986 - keepalive INFO packages ignored by asterisk (Reported by Ilya Trikoz)
* ASTERISK-26034 - T.38 passthrough problem behind firewall due to early nosignal packet (Reported by George Joseph)
* ASTERISK-26030 - call cut because of double Session-Expires header in re-invite after proxy authentication is required (Reported by George Joseph)
* ASTERISK-25964 - Outbound registrations created via ARI/push configuration do not clean up outbound registrations currently in flight (Reported by Matt Jordan)
* ASTERISK-26005 - res_pjsip: Multiple SIP messages are combined into 1 TCP packet (Reported by Ross Beer)
* ASTERISK-25352 - res_hep_rtcp correlation_id is different then res_hep (Reported by Kevin Scott Adams)
* ASTERISK-26008 - app_followme does not delete recorded name prompt (Reported by Tzafrir Cohen)
* ASTERISK-26007 - res_pjsip: Endpoints deleting early after upgrade from 13.8.2 to 13.9 (Reported by Greg Siemon)
* ASTERISK-25990 - PJSIP TLS registration should respect client_uri scheme when generating Contact URI (Reported by Sebastian Damm)
* ASTERISK-25538 - [patch]Missing PID in syslog logger messages (Reported by Javier Acosta)
* ASTERISK-25978 - res_pjsip_authenticator_digest: Should not use source port in nonce verification (Reported by Mark Michelson)
* ASTERISK-26004 - res_pjsip: The transport/method parameter is ignored (Reported by George Joseph)
* ASTERISK-25993 - pjproject: Allow bundling to not require everything it does (Reported by Joshua Colp)
* ASTERISK-25956 - Compilation error in conditionally compiled code in config_options.c (Reported by Chris Trobridge)
* ASTERISK-25998 - file: Crash when using nativeformats (Reported by Joshua Colp)
* ASTERISK-25826 - PJSIP / Sorcery slow load from realtime (Reported by Ross Beer)
* ASTERISK-25982 - [patch]res_fax/t38_gateway: Peer V.21 session is created on wrong channel (Reported by Alexei Gradinari)
* ASTERISK-25968 - pjproject_bundled: Configure and make need to be re-tested (Reported by George Joseph)
* ASTERISK-24463 - Voicemail email address corrupt or not sent when message is in the process of being recorded during reload (Reported by John Campbell)
* ASTERISK-25970 - Segfault in pjsip_url_compare (Reported by Dmitriy Serov)
* ASTERISK-25963 - func_odbc requires reconnect checks for stale connections (Reported by Ross Beer)
* ASTERISK-25961 - tests/channels/SIP/sip_tls_call: Sporadic crash when running test (Reported by Joshua Colp)
* ASTERISK-16115 - [patch] problem with ringinuse=no, queue members receive sometimes two calls (Reported by nik600)
* ASTERISK-25917 - [patch]app_voicemail: passwordlocation=spooldir only works if you manually add secret.conf yourself (Reported by Jonathan R. Rose)
* ASTERISK-25950 - [patch]SIP channel does not send PeerStatus events for autocreated peers (Reported by Kirill Katsnelson)
* ASTERISK-25954 - Manager QueueSummary and QueueStatus Actions are case sensitive to QueueName (Reported by Javier Acosta)
* ASTERISK-25927 - Removed option "registertrying" is still documented in sip.conf.sample (Reported by Etienne Lessard)
* ASTERISK-25948 - ast_pthread_mutex_lock calling ast_reentrancy_lock with lt=0x0 (Reported by Diederik de Groot)
* ASTERISK-25947 - Protocol transfers to stasis applications are missing the StasisStart with the replace_channel object. (Reported by Richard Mudgett)
* ASTERISK-24649 - Pushing of channel into bridge fails; Stasis fails to get app name (Reported by John Bigelow)
* ASTERISK-24782 - StasisEnd event not present for channel that was swapped out for another after completing attended transfer (Reported by John Bigelow)
* ASTERISK-25942 - res_pjsip_caller_id: Transfer results in mixed ConnectedLine information (Reported by George Joseph)
* ASTERISK-25928 - res_pjsip: URI validation done outside of PJSIP thread (Reported by Joshua Colp)
* ASTERISK-25929 - res_pjsip_registrar: AOR_CONTACT_ADDED events not raised (Reported by Joshua Colp)
* ASTERISK-25934 - chan_sip should not require sipregs or updateable sippeers table unless rt (Reported by Jaco Kroon)
* ASTERISK-25888 - Frequent segfaults in function can_ring_entry() of app_queue.c (Reported by Sébastien Couture)
* ASTERISK-25796 - res_pjsip: DOS/Crash when TCP/TLS sockets exceed pjproject PJ_IOQUEUE_MAX_HANDLES (Reported by George Joseph)
* ASTERISK-25707 - Long contact URIs or hostnames can crash pjproject/Asterisk under certain conditions (Reported by George Joseph)
* ASTERISK-25123 - Bracketed IPv6 Contact header parameter unparsable with Asterisk/PJSIP (Reported by Anthony Messina)
* ASTERISK-25874 - app_voicemail: Stack buffer overflow in test_voicemail_notify_endl (Reported by Badalian Vyacheslav)
* ASTERISK-24927 - app_voicemail (IMAP support) function save_to_folder: creates wrong folder (Reported by Alexei Gradinari)
* ASTERISK-25914 - PJSIP: failed registration with wrong codec name on allow/disallow (Reported by Alexei Gradinari)
* ASTERISK-25912 - chan_local passes AST_CONTROL_PVT_CAUSE_CODE without adding them to the local hangupcauses via ast_channel_hangupcause_hash_set (Reported by Jaco Kroon)
* ASTERISK-25885 - res_pjsip: Race condition between adding contact and automatic expiration (Reported by Joshua Colp)
* ASTERISK-25910 - pjproject: Via headers are not parsed when "received" contains an IPv6 address (Reported by George Joseph)
* ASTERISK-25899 - IMAP access FATAL error: Out of memory (Reported by Alexei Gradinari)
* ASTERISK-25890 - Asterisk 13.8.0 alembic database update fails (Reported by Harley Peters)
* ASTERISK-25894 - [patch] webrtc video broken due to missing marker bits in RTP streams (Reported by Jacek Konieczny)
* ASTERISK-25854 - No audio after HOLD/RESUME - incorrect a=recvonly in SDP from Asterisk (Reported by Robert McGilvray)
* ASTERISK-25868 - Sorcery "append to category" should allow filters (Reported by Nick Repin)
* ASTERISK-25873 - res_pjsip: Bundled pjproject: compile error, cannot find -lasteriskpj (Reported by Hans van Eijsden)
* ASTERISK-25882 - ARI: Crash can occur due to race condition when attempting to operate on a hung up channel (Part 2) (Reported by Richard Mudgett)
* ASTERISK-25642 - res_rtp_asterisk: SRTCP broken with DTLS - bad video is one of the consequences (Reported by Stefan Engström)
* ASTERISK-25867 - [patch] Video delay on app_echo (Reported by Jacek Konieczny)
* ASTERISK-24605 - res_parking option parkeddynamic does not work with the core Features 'parkcall' (DTMF initiated parking) (Reported by Philip Correia)
* ASTERISK-24596 - Unclear how to use Park application with res_parking 'parkeddynamic' enabled. Documentation? (Reported by Philip Correia)
* ASTERISK-24543 - Asterisk 13 responds to SIP Invite with all possible codecs configured for peer as opposed to intersection of configured codecs and offered codecs (Reported by Taylor Hawkes)
* ASTERISK-25612 - Configuration parser handles unsigned integers as signed integers (Reported by Gianluca Merlo)
* ASTERISK-25825 - Crashes during shutdown when running CLI commands (Reported by Mark Michelson)
* ASTERISK-25407 - Asterisk fails to log to multiple syslog destinations (Reported by Elazar Broad)
* ASTERISK-25510 - [patch]Log to syslog failing (Reported by Michael Newton)
* ASTERISK-21301 - ERROR and failure to resolve socket address due to whitespace after port number in SIP Via header (Reported by Martin Vit)
* ASTERISK-25857 - func_aes: incorrect use of strlen() leads to data corruption (Reported by Gianluca Merlo)

New Features made in this release:
-----------------------------------
* ASTERISK-26630 - Make logging PJPROJECT messages a bit easier (Reported by Richard Mudgett)
* ASTERISK-26595 - ARI: Add the ability to control the source of video in a multi-party mixing bridge (Reported by Matt Jordan)
* ASTERISK-26470 - ARI: Add an 'asterisk_id' field to outgoing events (Reported by Matt Jordan)
* ASTERISK-26277 - Add dialplan function PJSIP_SEND_SESSION_REFRESH that sends a session refresh to
update formats on a channel after session establishment (Reported by Matt Jordan)
* ASTERISK-25904 - PJSIP: add contact.updated event (Reported by Alexei Gradinari)
* ASTERISK-25900 - PJSIP Endpoint IP Access Controls (Reported by Alexei Gradinari)
* ASTERISK-25989 - apps/confbridge: add regcontext feature (Reported by Jaco Kroon)
* ASTERISK-25903 - PJSIP AMI Event ContactStatus: add Useragent and RegExpire (Reported by Alexei Gradinari)
* ASTERISK-25901 - Add transport for outbound PUBLISH (Reported by Alexei Gradinari)

For a full list of changes in this release, please see the ChangeLog:

http://downloads.asterisk.org/pub/telephony/certified-asterisk/ChangeLog-certified-13.13-cert1

15Feb/17Off

Rilasciato Asterisk 14.3.0

Il giorno 13 febbraio 2017, il Team di Sviluppo di Asterisk ha annunciato il rilascio di Asterisk 14.3.0.

Dal post originale:

The release of Asterisk 14.3.0 resolves several issues reported by the community and would have not been possible without your participation.
Thank you!

The following are the issues resolved in this release:

New Features made in this release:
-----------------------------------
* ASTERISK-26630 - Make logging PJPROJECT messages a bit easier (Reported by Richard Mudgett)

Bugs fixed in this release:
-----------------------------------
* ASTERISK-26772 - Crash in srv.c on startup with pjsip (Reported by nappsoft)
* ASTERISK-26767 - ARI channelvars cause memory leak (Reported by Sébastien Duthil)
* ASTERISK-26716 - ari: Channels with pre-dial handlers cannot be hung up via ARI (Reported by Tom Pawelek)
* ASTERISK-26632 - core: Possibility of a frame "imbalance" leading to stuck channels. (Reported by Mark Michelson)
* ASTERISK-25951 - res_agi: run_agi eats frames it shouldn't (Reported by George Joseph)
* ASTERISK-26343 - ASTERISK-25951 causes issues for callerid manipulation through agi (Reported by Morten Tryfoss)
* ASTERISK-26704 - res_odbc.conf contains deprecated configuration: 'pooling', 'shared_connections', 'limit', and
'idlecheck' options were replaced by 'max_connections'. (Reported by Anthony Messina)
* ASTERISK-26765 - res_resolver_unbound: FRACK! Excessive ref count trap tripped. (Reported by Richard Mudgett)
* ASTERISK-21094 - MixMonitorMute mutes through stream if already slinear (e.g. Originate) (Reported by David Woolley)
* ASTERISK-26679 - Crash on invalid contact domain (pjsip aor) (Reported by Dmitriy)
* ASTERISK-26699 - res_pjsip: Assertion when sending OPTIONS request to endpoint (Reported by Ross Beer)
* ASTERISK-24858 - [patch]Asterisk 13 PJSIP sends RTP packets in wrong byte order on Intel platform when using slin codec (Reported by Frankie Chin)
* ASTERISK-26754 - build_tools: make_build_h does not handle \ in user name (Reported by Kirill Katsnelson)
* ASTERISK-26753 - AMI disconnect causes "ast_careful_fwrite: fwrite() returned error: Broken pipe" (Reported by Kirill Katsnelson)
* ASTERISK-26755 - app_queue: Random queues disappear on "core reload queue all" (Reported by Kirill Katsnelson)
* ASTERISK-26735 - res_pjsip_endpoint_identifier_ip: "srv_lookups" after match in .conf has no effect (Reported by Michael Maier)
* ASTERISK-26693 - res_pjsip_endpoint_identifier_ip: Add support for SRV (Reported by Joshua Colp)
* ASTERISK-26743 - PJPROJECT: Detecting compiled max log level does not work. (Reported by Richard Mudgett)
* ASTERISK-26740 - voicemail API test: uses varlibdir instead of datadir for a sound file (Reported by Tzafrir Cohen)
* ASTERISK-26739 - voicemail API test: confuses expected and actual values (Reported by Tzafrir Cohen)
* ASTERISK-26731 - res_sorcery_memory_cache: memory leak on every sorcery memory cache populate (Reported by Ustinov Artem)
* ASTERISK-26710 - [patch] res_rtp_asterisk: CHANNEL arguments, (rtcp,all_rtt),(rtcp,all_loss),(rtcp,all_jitter) always return 0 (Reported by Aaron An)
* ASTERISK-26670 - [patch] Outgoing SIP-URI Dialing via PJSIP (Reported by Alexander Traud)
* ASTERISK-26691 - Remember SDP negotiation on SIP_CODEC_INBOUND. (Reported by Alexander Traud)
* ASTERISK-26673 - chan_pjsip: Crash when using CHANNEL dialplan function around masquerade (Reported by Joshua Colp)
* ASTERISK-26684 - res_pjsip: Various issues with compact SIP headers (Reported by Joshua Elson)
* ASTERISK-26655 - [patch]pjsip: Transfers Broken with Compact Headers Enabled (Reported by JoshE)
* ASTERISK-26672 - Crash when setting remote address on RTP instance (Reported by Richard Mudgett)
* ASTERISK-26621 - app_queue: Queue application does not ring members with Local interface (Reported by Jonas Kellens)
* ASTERISK-26586 - chan_sip: Segfaults upon reload if client with MWI wasn't registered (Reported by Michael Kuron)
* ASTERISK-25494 - build: GCC 5.1.x catches some new const, array bounds and missing paren issues (Reported by George Joseph)
* ASTERISK-24499 - Need more explicit debug when PJSIP dialstring is invalid (Reported by Rusty Newton)
* ASTERISK-25083 - Message.c: Message channel becomes saturated with frames leading to spammy log messages (Reported by Jonathan Rose)
* ASTERISK-26653 - pjproject_bundled doesn't verify already downloaded tarballs (Reported by George Joseph)
* ASTERISK-26433 - chan_sip: Allows To-tag checks to be bypassed, setting up new calls (Reported by Walter Doekes)
* ASTERISK-26579 - codec_opus: Recursiveness when parsing fmtp line (Reported by Jørgen H)
* ASTERISK-26644 - PJSIPShowRegistrationsInbound just dumps all aors (Reported by George Joseph)
* ASTERISK-26647 - Support older DNS style for OpenBSD (Reported by snuffy)
* ASTERISK-26490 - res_pjsip: sends 481 Call/Transaction Does Not Exist when transaction branch parameter contains "_" (Reported by Juris Breicis)
* ASTERISK-26617 - res_rtp_asterisk: Can't bind on systems without IPv6 (Reported by Guido Falsi)
* ASTERISK-26603 - [patch] chan_pjsip: not switching sending codec to receiving codec when asymmetric_rtp_codec=no (Reported by Alexei Gradinari)
* ASTERISK-24330 - Requirement for 'wss' value in Contact header transport parameter on inbound traffic violates RFC7118 (Reported by Marek Cervenka)
* ASTERISK-26546 - mips64el and x32 - undefined reference to symbol 'dlopen@@GLIBC_2.2' (Reported by Tzafrir Cohen)
* ASTERISK-26566 - res_rtp_asterisk: RTT miscalculation in RTCP (Reported by Hector Royo Concepcion)
* ASTERISK-26604 - chan_sip: sip reload doesn't apply changes to tlscertfile, tlsciphers, etc. (Reported by Michael Kuron)
* ASTERISK-26608 - Compile and link failures on OpenBSD (Reported by snuffy)

Improvements made in this release:
-----------------------------------
* ASTERISK-23828 - pjsip - Need a command to list active SIP subscriptions (Reported by Rusty Newton)
* ASTERISK-26527 - Testsuite: increase timeout to check "core fullybooted wait" up to 30 sec (Reported by Badalian Vyacheslav)
* ASTERISK-26624 - res_calendar_caldav: Add support for gmail (Reported by Eduardo Scudeller Libardi)
* ASTERISK-26562 - app_controlplayback: Transmit Silence on ControlPlayback pause (Reported by Mikheili Dautashvili)

For a full list of changes in this release, please see the ChangeLog:

http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-14.3.0

15Gen/17Off

Ops! Solo ora mi sono accorto che 3cx li ha comprati (quasi) tutti

Prima "PBX In a Flash" e poi "Elastix".

I 2 più importanti progetti basati su Asterisk e FreePBX GUI sono ormai belli e defunti.

Per quanto riguarda "PBX In a Flash" a quanto pare sono anche "spariti" i repositories mentre per "Elastix" dovrebbero rimamere (?) disponibili i repositories della 2.X e della 4.X.

Vedremo...

Asterweb

10Dic/16Off

AST-2016-009: Remote unauthenticated sessions in chan_sip

Dal Team Asterisk Security (8 dicembre 2016).

Dal post originale:

             Asterisk Project Security Advisory - ASTERISK-2016-009

Product Asterisk
Summary
Nature of Advisory Authentication Bypass
Susceptibility Remote unauthenticated sessions
Severity Minor
Exploits Known No
Reported On October 3, 2016
Reported By Walter Doekes
Posted On
Last Updated On December 8, 2016
Advisory Contact Mmichelson AT digium DOT com
CVE Name

Description The chan_sip channel driver has a liberal definition for
whitespace when attempting to strip the content between a
SIP header name and a colon character. Rather than
following RFC 3261 and stripping only spaces and horizontal
tabs, Asterisk treats any non-printable ASCII character as
if it were whitespace. This means that headers such as

Contact\x01:

will be seen as a valid Contact header.

This mostly does not pose a problem until Asterisk is
placed in tandem with an authenticating SIP proxy. In such
a case, a crafty combination of valid and invalid To
headers can cause a proxy to allow an INVITE request into
Asterisk without authentication since it believes the
request is an in-dialog request. However, because of the
bug described above, the request will look like an
out-of-dialog request to Asterisk. Asterisk will then
process the request as a new call. The result is that
Asterisk can process calls from unvetted sources without
any authentication.

If you do not use a proxy for authentication, then this
issue does not affect you.

If your proxy is dialog-aware (meaning that the proxy keeps
track of what dialogs are currently valid), then this issue
does not affect you.

If you use chan_pjsip instead of chan_sip, then this issue
does not affect you.

Resolution chan_sip has been patched to only treat spaces and
horizontal tabs as whitespace following a header name. This
allows for Asterisk and authenticating proxies to view
requests the same way

Affected Versions
Product Release
Series
Asterisk Open Source 11.x All Releases
Asterisk Open Source 13.x All Releases
Asterisk Open Source 14.x All Releases
Certified Asterisk 13.8 All Releases

Corrected In
Product Release
Asterisk Open Source 11.25.1, 13.13.1, 14.2.1
Certified Asterisk 11.6-cert16, 13.8-cert4

Patches
SVN URL Revision

Links

Asterisk Project Security Advisories are posted at
http://www.asterisk.org/security

This document may be superseded by later versions; if so, the latest
version will be posted at
http://downloads.digium.com/pub/security/ASTERISK-2016-009.pdf and
http://downloads.digium.com/pub/security/ASTERISK-2016-009.html

Revision History
Date Editor Revisions Made
November 28, 2016 Mark Michelson Initial writeup

Asterisk Project Security Advisory - ASTERISK-2016-009
Copyright (c) 2016 Digium, Inc. All Rights Reserved.
Permission is hereby granted to distribute and publish this advisory in its
original, unaltered form.

10Dic/16Off

AST-2016-008: Crash on SDP offer or answer from endpoint using Opus

Dal Team Asterisk Security (8 dicembre 2016).

Dal post originale:

               Asterisk Project Security Advisory - AST-2016-008

Product Asterisk
Summary Crash on SDP offer or answer from endpoint using
Opus
Nature of Advisory Remote Crash
Susceptibility Remote unauthenticated sessions
Severity Critical
Exploits Known No
Reported On November 11, 2016
Reported By jorgen
Posted On
Last Updated On November 15, 2016
Advisory Contact jcolp AT digium DOT com
CVE Name

Description If an SDP offer or answer is received with the Opus codec
and with the format parameters separated using a space the
code responsible for parsing will recursively call itself
until it crashes. This occurs as the code does not properly
handle spaces separating the parameters. This does NOT
require the endpoint to have Opus configured in Asterisk.
This also does not require the endpoint to be
authenticated. If guest is enabled for chan_sip or
anonymous in chan_pjsip an SDP offer or answer is still
processed and the crash occurs.

Resolution The code has been updated to properly handle spaces
separating parameters in the fmtp line. Upgrade to a
released version with the fix incorporated or apply patch.

Affected Versions
Product Release
Series
Asterisk Open Source 13.x 13.12.0 and higher
Asterisk Open Source 14.x All Versions

Corrected In
Product Release
Asterisk Open Source 13.13.1, 14.2.1

Patches
SVN URL Revision
http://downloads.asterisk.org/pub/security/AST-2016-008-13.diff Asterisk
13
http://downloads.asterisk.org/pub/security/AST-2016-008-14.diff Asterisk
14

Links https://issues.asterisk.org/jira/browse/ASTERISK-26579

Asterisk Project Security Advisories are posted at
http://www.asterisk.org/security

This document may be superseded by later versions; if so, the latest
version will be posted at
http://downloads.digium.com/pub/security/AST-2016-008.pdf and
http://downloads.digium.com/pub/security/AST-2016-008.html

Revision History
Date Editor Revisions Made
November 15, 2016 Joshua Colp Initial draft of Advisory

Asterisk Project Security Advisory - AST-2016-008
Copyright © 2016 Digium, Inc. All Rights Reserved.
Permission is hereby granted to distribute and publish this advisory in its
original, unaltered form.