Up to [cvs.NetBSD.org] / pkgsrc / comms / asterisk16
Request diff between arbitrary revisions
Keyword substitution: kv
Default branch: MAIN
*: recursive bump for default-on option of at-spi2-core
*: recursive bump for icu 76 shlib major version bump
*: revbump for icu downgrade
*: recursive bump for icu 76.1 shlib bump
*: recursive bump for merging at-spi2-atk and atk into at2-spi-core Remove at-spi2-atk and atk
revbump after icu and protobuf updates
*: recursive bump for gnutls p11-kit option (existing installations need the bl3.mk included, but it's now only optionally included)
comms/asterisk16: Fix MASTER_SITES to https (needs doing on rest of comms/asteriskNN)
*: bump for cairo buildlink3.mk change lzo was made an option
comms/asterisk16: Add gsed as a TOOL Without gsed, the build fails on NetBSD 10 with a sed error about a trailing backslash. (Because this version is EOL, I am skipping figuring out why, fixing, and reporting upstream.)
asterisk*: Attempt to fix PLIST on SunOS
*: recursive bump for cairo dependency changes
*: revebump for new brotli option for freetype2 Addresses PR 57693
*: recursive bump for icu 74.1
*: bump for openssl 3
recursive revbump for tiff update
Don't create CPU-specific binaries by default, it makes packages non-portable. XXX Check other asterisk packages for the same issue.
*: recursive bump for Python 3.11 as new default
revbump after textproc/icu update
*: Recursive revbup from graphics/freetype2
asterisk16: -n option is no longer accepted for shell scripting Fix rc.d script to exclude -n options. Bump PKGREVISION.
*: recursive bump for tiff shlib major bump
asterisk16: Update to 16.29.1 * Use bash for configure script. It uses bash-specific syntax. * Use menuselect command to adjust options instead of manually crafted makeopts file. Manually crafted file does not work properly for me and 16.29.1 now. * I have no idea about x11 option's status. It seems that gtk2 config UI is not available in this release at least, if I understand correctly. Changelog: 16.29.1 Bugs fixed in this release: [ASTERISK-30103] chan_ooh323 vulnerability in calling/called party IE (Reported By: Michael Bradeen) [ASTERISK-30176] GetConfig can read files outside of Asterisk (Reported By: shawty) [ASTERISK-30244] Occasional crash when TCP/TLS connection terminated and subscription persistence is removed (Reported By: nappsoft) [ASTERISK-30338] Backport 2.13 security fixes from pjproject 16.29.0 New Features made in this release: * [ASTERISK-30037] Add test support to calling external processes (Reported by Philip Prindeville) * [ASTERISK-30161] locks: add AMI event for deadlock (Reported by N A) * [ASTERISK-30211] app_confbridge: Add end_marked_any option (Reported by N A) * [ASTERISK-30186] res_pjsip: Add support for reloading TLS certificate and key information (Reported by Joshua C. Colp) * [ASTERISK-29899] features: Add advanced transfer initiation options (Reported by N A) Bugs fixed in this release: * [ASTERISK-30235] res_crypto and tests: Memory issues and and uninitialized variable error (Reported by George Joseph) * [ASTERISK-30234] res_geolocation: may be used uninitialized error in geoloc_config.c (Reported by George Joseph) * [ASTERISK-30215] Inbound SIP INVITE with Geo Location causing a Segmentation Fault (Reported by Dan Cropp) * [ASTERISK-30135] [res_musiconhold] Allows the moh only for the answered call (Reported by sungtae kim) * [ASTERISK-26894] pjsip should support tel uri scheme (Reported by Gergely D?ms?di) * [ASTERISK-30210] func_frame_trace: Channel masquerade triggers assertion (Reported by N A) * [ASTERISK-30190] res_geolocation: GEOLOC_PROFILE isn t returning correct values on incoming channel (Reported by George Joseph) * [ASTERISK-29185] chan_pjsip: Endpoint: allow = all is broken. (Reported by Alexander Traud) * [ASTERISK-30192] res_tonedetect: fix typo for frametype (Reported by N A) * [ASTERISK-29453] alembic: incoming_call_offer_pref and outgoing_call_offer_pref missing in ps_endpoints table (Reported by Daniel Th men) * [ASTERISK-26826] testsuite: Add support for Python 3 (Reported by Joshua C. Colp) * [ASTERISK-30167] res_geolocation: Refactor for issues found by users (Reported by George Joseph) * [ASTERISK-28422] Memory Leak in Confbridge menu (Reported by Ted G) * [ASTERISK-29917] ami: FilterList action doesn t exist (Reported by N A) * [ASTERISK-30020] ConfbridgeListRooms Event Not Documented (Reported by Michael Cargile) * [ASTERISK-30018] app_meetme: MeetmeList AMI event not documented (Reported by Michael Cargile) * [ASTERISK-30151] Documentation doesn t include info about field , a 3rd required parameter. (Reported by Chris Young) Improvements made in this release: * [ASTERISK-30241] res_pjsip_gelocation: Downgrade some NOTICE scope trace debugs to DEBUG level (Reported by N A) * [ASTERISK-30178] extend user_eq_phone behavior to local uri s (Reported by Michael Bradeen) * [ASTERISK-30046] Reimplement res/res_crypto.c internals with EVP_PKEY interface to Openssl API s (Reported by Philip Prindeville) * [ASTERISK-30045] Add test coverage to res/res_crypto.c functionality (Reported by Philip Prindeville) * [ASTERISK-30185] res_geolocation: Allow location parameters to be specified in profiles (Reported by George Joseph) * [ASTERISK-30177] res_geolocation: Add option to suppress empty elements (Reported by George Joseph) * [ASTERISK-30182] res_geolocation: Add built-in profiles to use in fully dynamic configurations (Reported by George Joseph) * [ASTERISK-29906] update RLS to reflect the changes to the lists (Reported by Alexei Gradinari) * [ASTERISK-30163] general: fix minor formatting issues (Reported by N A) * [ASTERISK-30164] chan_iax2: Add missing option documentation (Reported by N A) * [ASTERISK-30160] cdr.conf: Remove obsolete app_mysql reference (Reported by N A) * [ASTERISK-30159] general: Remove obsolete SVN references (Reported by N A) * [ASTERISK-30153] logger: Improve log levels (Reported by N A) 16.28.0 The following issues are resolved in this release: Improvements made in this release: * [ASTERISK-30128] Create PJSIP interface module for Geolocation (Reported by George Joseph) * [ASTERISK-30127] Create core Geolocation capability for Asterisk (Reported by George Joseph) * [ASTERISK-30089] general: fix typos (Reported by N A) * [ASTERISK-30050] Upgrade Asterisk to bundled pjproject 2.12.1 (Reported by Stanislav Abramenkov) Bugs fixed in this release: * [ASTERISK-30167] res_geolocation: Refactor for issues found by users (Reported by George Joseph) * [ASTERISK-29966] pbx_variables: ast_str_strlen can be wrong (Reported by N A) * [ASTERISK-29905] OSX: bininstall launchd issue on cross-platfrom build (Reported by Sergey V. Lobanov) * [ASTERISK-30137] manager: Global disabled event filtered is incomplete (Reported by N A) * [ASTERISK-30109] res_pjsip: no contact-status AMI event on register of prune-on-boot contact that uses the same URI as before Asterisk restart (Reported by Michael Neuhauser) * [ASTERISK-30126] Spelling mistake in configs/samples/queues.conf. sample (Reported by Sam Banks) * [ASTERISK-29991] chan_dahdi, callerid: Caller ID does not honor presentation (Reported by N A) * [ASTERISK-29907] res_pjsip, app_confbridge: Video call through ConfBridge with normal endpoints causes infinite loop/crash (Reported by N A) * [ASTERISK-30029] build: Git security vulnerability fix is sad with our accessing git as root during make install (Reported by Joshua C. Colp) * [ASTERISK-30138] Compile failure in res_geolocation/geoloc_ eprofile.c when optimization is enabled (Reported by George Joseph) * [ASTERISK-30096] cel_odbc: Column type 9 (field cdr:cel:eventtime ) is unsupported at this time (Reported by Morvai Szabolcs) * [ASTERISK-30083] chan_iax2: Optional dependency on openssl/ res_crypto is now mandatory (Reported by Dmitry Melekhov) * [ASTERISK-30123] features: Update automixmon documentation to reflect reality (Reported by Trevor Peirce) * [ASTERISK-30117] pbx_lua: Remove compiler warnings (Reported by Boris P. Korzun) * [ASTERISK-30001] db: Removing nonexistent entries shows Database entry removed (Reported by N A) * [ASTERISK-29822] cli: Typing \? freezes the CLI permanently with remote console (Reported by N A) * [ASTERISK-30106] res_calendar_icalendar: Microsoft online ICS calendars no longer work (Reported by N A) * [ASTERISK-30115] app_dial: Allow hook flashes to propogate on outbound dials (Reported by N A) * [ASTERISK-29989] app_dial, chan_dahdi: DIALSTATUS is inconsistent for busy (Reported by N A) * [ASTERISK-30072] res_pjsip: allow TLS verification of wildcard cert-bearing servers (Reported by Kevin Harwell) * [ASTERISK-30075] say: Abort if channel hangs up during playback (Reported by N A) New Features made in this release: * [ASTERISK-30136] db: Add AMI action to retrieve all keys beginning with a prefix (Reported by N A) * [ASTERISK-30000] chan_dahdi: Add POLARITY function (Reported by N A) * [ASTERISK-30062] cli: Add CLI command to execute a dialplan app (Reported by N A) * [ASTERISK-29999] pjsip: Get information from 200 OK INVITE reply headers (Reported by Jos Lopes) * [ASTERISK-30061] pbx: Add pbx helper application (Reported by N A) 16.27.0 Improvements made in this release: * [ASTERISK-30090] xmldocs: Use example tags for examples (Reported by N A) * [ASTERISK-29906] update RLS to reflect the changes to the lists (Reported by Alexei Gradinari) * [ASTERISK-29891] provide a display name for RLS subscriptions (Reported by Alexei Gradinari) * [ASTERISK-30086] res_parking: Warn when invalid parking space requested (Reported by N A) * [ASTERISK-30058] Evaluate dialplan functions and variables in agi exec (Reported by Shloime Rosenblum) * [ASTERISK-30027] ari: expose channel driver s unique id (i.e. Call-ID for chan_sip/chan_pjsip) in ARI channel resource (Reported by Moritz Fain) * [ASTERISK-29845] res_pjsip_outbound_registration: Show time remaining until registration lapses (Reported by N A) Bugs fixed in this release: * [ASTERISK-30097] console: Recent documentation changes for connecting to remote console are inconsistent (Reported by Matthias Hensler) * [ASTERISK-30043] Wrong party is disconnected when hook-flashing on 3-way bridge (Reported by Josh Alberts) * [ASTERISK-29603] res_pjsip: UPDATE/re-INVITE not sent when timers =always is specified in pjsip.conf (Reported by Ray Crumrine) * [ASTERISK-30092] DateTime application: wrong inflection for one o clock in German (Reported by Christof Efkemann) * [ASTERISK-30064] pbx: iax2 switch causes crash due to deadlock and assertion (Reported by N A) * [ASTERISK-29981] res_calendar: Asterisk crashes when starting, and will not run (Reported by N A) * [ASTERISK-30039] cli: Targeted debug on startup deadlocks and creates unstable system (Reported by N A) * [ASTERISK-30051] res_pjsip: No video after un-hold with moh_passthrough=yes (Reported by Maximilian Fridrich) * [ASTERISK-24601] Missing RFC4235 tags and attributes in PJSIP NOTIFY event: dialog XML body (Reported by Marco Paland) * [ASTERISK-30060] loader: format warnings in dev mode (Reported by N A) * [ASTERISK-30059] menuselect: libxml include fails under Gentoo (Reported by waltermoeller) * [ASTERISK-30065] pjsip: Open Websocket connection is not reused for outgoing requests (Reported by LA) * [ASTERISK-30042] res_pjsip_transport_websocket: Registration over websocket returns a rewritten contact (Reported by Thomas Guebels) * [ASTERISK-29993] chan_dahdi: Operator control option borks both lines involved on callee disconnect (Reported by N A) * [ASTERISK-30044] GCC 12 issues (Reported by George Joseph) New Features made in this release: * [ASTERISK-30063] app_voicemail: Add option to prevent deletion of messages (Reported by N A) * [ASTERISK-30087] res_parking: Add music on hold override option (Reported by N A) * [ASTERISK-29965] res_pjsip_outbound_registration: Make max registration delay configurable (Reported by N A) * [ASTERISK-30036] app_confbridge: Add CONFBRIDGE_CHANNELS function (Reported by N A) 16.26.1 Bugs fixed in this release: * [ASTERISK-30065] pjsip: Open Websocket connection is not reused for outgoing requests (Reported by LA) 16.26.0 Security bugs fixed in this release: * [ASTERISK-29476] res_stir_shaken: Blind SSRF vulnerabilities (Reported by Clint Ruoho) * [ASTERISK-29838] ${SQL_ESC()} not correctly escaping a terminating \ (Reported by Leandro Dardini) * [ASTERISK-29872] res_stir_shaken: Resource exhaustion with large files (Reported by Benjamin Keith Ford) New Features made in this release: * [ASTERISK-29931] Option to allow a user to not hear the join sound on enter but everyone else can (Reported by Michael Cargile) * [ASTERISK-29968] func_db: Add a function to return cardinality of keys at prefix (Reported by N A) * [ASTERISK-29486] Hint-like extension value lookup function without device state (Reported by N A) * [ASTERISK-29941] chan_pjsip: Add ability to send flash events (Reported by N A) * [ASTERISK-29820] cli: Add command to evaluate a function (Reported by N A) * [ASTERISK-29876] app_queue: Add music on hold option (Reported by N A) Bugs fixed in this release: * [ASTERISK-28518] chan_dahdi: Caller ID FSK Erroneously Sent when Picking Up Dahdi Call On Hold (Reported by Josh Alberts) * [ASTERISK-29990] chan_dahdi: adding ring cadences is not idempotent on dahdi restart (Reported by N A) * [ASTERISK-30007] chan_iax2: Prevent crashes due to attempted encryption with missing secrets (Reported by N A) * [ASTERISK-29728] menuselect: Disabled by default modules that are enabled are always recompiled (Reported by N A) * [ASTERISK-30002] app_meetme: Don t erroneously set global variables when channel is NULL (Reported by N A) * [ASTERISK-29994] chan_dahdi: Round robin array size is too small for max number of groups (Reported by N A) * [ASTERISK-22246] Asterisk s T flag is ignored when used with r or R flags. (documentation bug) (Reported by Rusty Newton) * [ASTERISK-26582] Asterisk seems to ignore the n parameter for disable console colorization (Reported by Sebastian Gutierrez) * [ASTERISK-29843] Session timers get removed on UPDATE (Reported by Mark Petersen) * [ASTERISK-29943] file.c: seeking to negative file offset is not prevented (Reported by N A) * [ASTERISK-29955] chan_sip: SIP route header is missing on UPDATE (Reported by Mark Petersen) * [ASTERISK-29842] Do not change 180 Ringing to 183 Progress even if early_media already enabled (Reported by Mark Petersen) * [ASTERISK-29948] iostream: Infinite TCP timeout writing data (Reported by N A) * [ASTERISK-29253] Incorrect bridging on transfer (Reported by Yury Kirsanov) * [ASTERISK-30024] Failed to sign STIR/SHAKEN payload with functionality not enabled (Reported by Claude Diderich) * [ASTERISK-30006] res_pjsip: UDP transport does not work when async_operations is greater than 1 (Reported by Ross Beer) * [ASTERISK-29655] res_pjsip_session: No video to caller if no camera available (Reported by Michael Auracher) * [ASTERISK-29638] res_pjsip_session: No video after early media (Reported by Michael Auracher) * [ASTERISK-30015] pjsip / WebRTC: Chrome creating large number of SDP attributes (Reported by Josh Hogan) * [ASTERISK-30021] ast_variable_list_replace_variable uses variable with new keyword (Reported by Jasper Hafkenscheid) * [ASTERISK-30023] cdr_adaptive_odbc: does not support DATETIME database columns (Reported by Gregory Massel) * [ASTERISK-29411] Crash in pjsip_msg_find_hdr_by_name (Reported by LA) * [ASTERISK-29535] Segmentation fault in libasteriskpj.so.2 (Reported by Daniel Bonazzi) * [ASTERISK-26719] pbx: Only up to 127 includes in a dialplan context (AST_PBX_MAX_STACK 1) (Reported by Tzafrir Cohen) * [ASTERISK-29988] REGRESSION: The build process is requiring xmllint or xmlstarlet ro be installed when it shouldn t (Reported by George Joseph) * [ASTERISK-29986] build: Asterisk 18.11.0 doesn t compile when wget isn t available (Reported by Stefan Ruijsenaars) * [ASTERISK-29895] chan_iax2: Fix misaligned spacing in iax2 show netstats printout (Reported by N A) * [ASTERISK-29939] agi: Fix xmldoc bug with set music (Reported by N A) * [ASTERISK-28891] documentation: AGICommand_set+music documentation arguments displayed incorreclty (Reported by Jonathan Harris) * [ASTERISK-29048] chan_iax2: iax2 show registry shows host for perceived (Reported by David Herselman) * [ASTERISK-26689] res_pjsip_sdp_rtp: 183 Session in Progress. Disconnecting channel for lack of RTP activity (Reported by Dmitriy Serov) * [ASTERISK-29929] res_pjsip_sdp_rtp: Disconnecting channel for lack of RTP activity in one way sessions (Reported by Boris P. Korzun) * [ASTERISK-29674] Adjust for 64bit time_t (Reported by Andre Heider) * [ASTERISK-29961] RLS: domain part of uri list attribute mismatch with SUBSCRIBE request (Reported by Alexei Gradinari) * [ASTERISK-29950] SayNumber can handle 01 to 07 , but not 08 or 09 (Reported by Jim Van Meggelen) * [ASTERISK-29928] logging messages truncated when using MUSL runtime (Reported by Philip Prindeville) * [ASTERISK-29960] ari: Retrieving stored recording can returns wrong file (Reported by Arix) Improvements made in this release: * [ASTERISK-24827] Missing documentation for chan_dahdi dial string ring cadences (Reported by Scott Griepentrog) * [ASTERISK-29940] general: Add since tags to xmldocs (Reported by N A) * [ASTERISK-29951] app_mf, app_sf: Return -1 on hangup (Reported by N A) * [ASTERISK-29954] app_meetme: Emit warning if conference not found (Reported by N A) * [ASTERISK-29351] Qualify pjproject 2.12 for Asterisk (Reported by George Joseph) * [ASTERISK-29877] app_mf: Allow reading a maximum number of digits (Reported by N A) * [ASTERISK-29976] Should Readme include information about install_prereq script? (Reported by Marcel Wagner) * [ASTERISK-29970] Use pkg-config to find libxml2 headers and libraries (Reported by Hugh McMaster) * [ASTERISK-25716] Documentation: Document explanations and examples for possible values of DIALSTATUS (Reported by Rusty Newton) * [ASTERISK-29980] build: External binary modules don t use https (Reported by INVADE International Ltd.) * [ASTERISK-29967] pbx_builtins: Add missing documentation (Reported by N A) 16.25.3 Bugs fixed in this release: * [ASTERISK-30024] Failed to sign STIR/SHAKEN payload with functionality not enabled (Reported by Claude Diderich) 16.25.2 The following security vulnerabilities were resolved in 16.25.2: * AST-2022-001: res_stir_shaken: resource exhaustion with large files When using STIR/SHAKEN, it's possible to download files that are not certificates. These files could be much larger than what you would expect to download. * AST-2022-002: res_stir_shaken: SSRF vulnerability with Identity header When using STIR/SHAKEN, it's possible to send arbitrary requests like GET to interfaces such as localhost using the Identity header. * AST-2022-003: func_odbc: Possible SQL Injection Some databases can use backslashes to escape certain characters, such as backticks. If input is provided to func_odbc which includes backslashes it is possible for func_odbc to construct a broken SQL query and the SQL query to fail. 16.25.1 Bugs fixed in this release: * [ASTERISK-29988] REGRESSION: The build process is requiring xmllint or xmlstarlet ro be installed when it shouldn??t (Reported by George Joseph) * [ASTERISK-29986] build: Asterisk 18.11.0 doesn??t compile when wget isn??t available (Reported by Stefan Ruijsenaars) 15.25.0 Security bugs fixed in this release: * [ASTERISK-29945] pjproject: Security fixes for things (Reported by Kevin Harwell) New Features made in this release: * [ASTERISK-29853] ami: Allow events to be globally disabled (Reported by N A) * [ASTERISK-29840] func_channel: Add LASTCONTEXT and LASTEXTEN fields (Reported by N A) Bugs fixed in this release: * [ASTERISK-29924] res_config_pgsql: omit unsupported column type text' error (Reported by Boris P. Korzun) * [ASTERISK-29923] docs, LICENSE: pbx.digium.com no longer exists (Reported by N A) * [ASTERISK-29904] RLS: Batched Notifications stop working (Reported by Alexei Gradinari) * [ASTERISK-29365] taskprocessor: Can cause assert at shutdown (Reported by Joshua C. Colp) * [ASTERISK-29873] Queue Realtime load (Reported by Alexei Gradinari) * [ASTERISK-18416] Realtime queue agents unavailable via AMI before a call event. (Reported by kwk) * [ASTERISK-27597] AMI Queuestatus not working (with realtime queue) (Reported by cagdas kopuz) * [ASTERISK-29886] Asterisk AMI sends not-valid XML (Reported by Napadailo Yaroslav) Improvements made in this release: * [ASTERISK-29906] update RLS to reflect the changes to the lists (Reported by Alexei Gradinari) * [ASTERISK-29909] app_queue: Add support for withdrawing a call (Reported by Kfir Itzhak) * [ASTERISK-29353] Qualify jansson 2.14 for asterisk (Reported by George Joseph) * [ASTERISK-29897] channels: Increase core debug levels for chatty debugs (Reported by N A) * [ASTERISK-29896] xmldocs: Add since tag (Reported by N A) * [ASTERISK-29861] asterisk.h: add macro for curl user agent (Reported by N A) * [ASTERISK-29920] app_voicemail: Warn if trying to manage nonexistent mailbox (Reported by N A) * [ASTERISK-29925] func_db: Warn about malformed key names (Reported by N A) * [ASTERISK-29809] curl, stir_shaken: refactor curl code (Reported by N A) * [ASTERISK-29891] provide a display name for RLS subscriptions (Reported by Alexei Gradinari) * [ASTERISK-29866] cli: add core dump information to core show settings (Reported by N A) * [ASTERISK-29898] documentation: Add default attributes to documentation (Reported by N A) * [ASTERISK-29900] app_mp3: Document and warn about https incompatibility (Reported by N A) 16.24.1 The following security vulnerabilities were resolved in 16.24.1: * AST-2022-004: pjproject: integer underflow on STUN message The header length on incoming STUN messages that contain an ERROR-CODE attribute is not properly checked. This can result in an integer underflow. Note, this requires ICE or WebRTC support to be in use with a malicious remote party. * AST-2022-005: pjproject: undefined behavior after freeing a dialog set When acting as a UAC, and when placing an outgoing call to a target that then forks Asterisk may experience undefined behavior (crashes, hangs, etc??) after a dialog set is prematurely freed. * AST-2022-006: pjproject: unconstrained malformed multipart SIP message If an incoming SIP message contains a malformed multi-part body an out of bounds read access may occur, which can result in undefined behavior. Note, it??s currently uncertain if there is any externally exploitable vector within Asterisk for this issue, but providing this as a security issue out of caution.[cleardot]
massive revision bump after textproc/icu update
*: bump PKGREVISION for libunistring shlib major bump
*: Revbump packages that use Python at runtime without a PKGNAME prefix
*: recursive bump for perl 5.36
asterisk*: Check for NetBSD properly. Use OPSYS_VERSION.
asterisk*: Use OPSYS_VERSION to numerically compare NetBSD versions
revbump for textproc/icu update
asterisk16: Update to 16.24.0 Changelog: Asterisk 16.24.0 Now Available The following issues are resolved in this release: New Features made in this release: * [ASTERISK-29808] cdr: allow disabling CDR by default (Reported by N A) * [ASTERISK-29830] ami: Add AMI event for Wink (Reported by N A) * [ASTERISK-29802] app_sf: Add full tech-agnostic SF support (Reported by N A) * [ASTERISK-29759] app_sendtext: Add ReceiveText application (Reported by N A) * [ASTERISK-29706] func_json: Add JSON parsing function (Reported by N A) Bugs fixed in this release: * [ASTERISK-29888] res_pjsip_outbound_authenticator_digest: ABRT attempting to clean up auth_sess (Reported by George Joseph) * [ASTERISK-29854] func_frame_drop: fix buffer usage typo (Reported by N A) * [ASTERISK-29857] res_tonedetect: fix logic errors in code (Reported by N A) * [ASTERISK-29869] rtp sequence number can skip after DTMF under certain bridges (Reported by Torrey Searle) * [ASTERISK-29817] gethostbyname_r is misdetected on NetBSD and causes a build failure (Reported by Micha G rny) * [ASTERISK-29698] Segfault if sorcery object_lifetime_maximum and qualify_frequency the same value (Reported by Alexei Gradinari) * [ASTERISK-29851] rdtsc is not enabled (stubbed out) on NetBSD (Reported by Micha G rny) * [ASTERISK-29852] make_version uses GNU-ism that break git-svn-id parsing on NetBSD (Reported by Micha G rny) * [ASTERISK-29850] ast_get_tid() not implemented for NetBSD (Reported by Micha G rny) * [ASTERISK-29818] Build failure on NetBSD due to hmac function collision (Reported by Micha G rny) * [ASTERISK-29867] configure fails if libsrtp dev files are not installed (Reported by Sean Bright) * [ASTERISK-29856] res_rtp_asterisk: Invalid comparison creates unreachable code (Reported by N A) * [ASTERISK-29813] res_pjsip_session doesn t support multipart message bodies (Reported by George Joseph) * [ASTERISK-29858] Regression: Using external pjproject not working after hack commit (Reported by George Joseph) * [ASTERISK-29859] VoiceMailMain() fails when encountering non-numeric CALLERID(num) (Reported by Mark Murawski) * [ASTERISK-29847] pbx_variables: ASTSBINDIR is missing (Reported by N A) * [ASTERISK-29824] It s hard to make changes to bundled pjproject (Reported by George Joseph) * [ASTERISK-29695] SAY.CONF wrong logic when converting 24hour time to say 12 hour am/pm (Reported by Vincent Dubois) * [ASTERISK-29664] PJSIP processing token with % incorrectly (Reported by Dan Cropp) * [ASTERISK-29827] Support for Nordic language syntax in Queues (Reported by Mark Petersen) * [ASTERISK-29515] app_queue: QueueSummary and QueueStatus events don t exist in documentation (Reported by Luke Escude) * [ASTERISK-29746] tcptls.c: TCP client connect fails due to interrupt (Reported by Kevin Harwell) * [ASTERISK-29806] app_queue: extension state incorrect (Reported by Steve Davies) * [ASTERISK-29816] SAY_DTMF_INTERRUPT channel variable is not honored (Reported by Sean Bright) * [ASTERISK-29821] Deadlock in bridge_channel_internal_join() on local channels. (Reported by Krzysztof Trempala) * [ASTERISK-29722] test_timezone_watch breaks during DST to ST transition (Reported by Josh Soref) * [ASTERISK-29804] bundled_pjproject: sip_inv is missing multipart support in some cases (Reported by George Joseph) * [ASTERISK-29794] ast_coredumper does not delete results when requested and a specific output dir is set (Reported by Frederic Van Espen) * [ASTERISK-29803] pbx_variables: cp4 variables is used uninitialized (Reported by N A) * [ASTERISK-29766] pbx_variables: MSet truncates sets after 24 variables (Reported by N A) * [ASTERISK-29772] chan_sip: ${CHANNEL(ruri)} in Dial/Queue b (test,s,1) cause a coredump (Reported by Mark Petersen) * [ASTERISK-29790] xmldoc: Dump invalid to XML DTD: XSLT (Reported by Alexander Traud) * [ASTERISK-29791] xmldoc: Dump invalid to XML DTD: ACO Matchfield (Reported by Alexander Traud) * [ASTERISK-26991] documentation: Doxygen site is no longer being updated (Reported by Joshua C. Colp) * [ASTERISK-20259] Update Doxygen Configuration for make progdocs (Reported by Andrew Latham) * [ASTERISK-29785] res_pjsip_sdp_rtp: Warns on every offered crypto suite (Reported by Alexander Traud) * [ASTERISK-27406] Infinite loop when out of ports and rtpstart value is odd (Reported by Thomas Guebels) * [ASTERISK-28053] chan_pjsip: Wrong or missing Q.850 reason in CANCEL (Reported by Simone Lazzaris) * [ASTERISK-29761] res: Fix for Doxygen (Reported by Alexander Traud) * [ASTERISK-29763] main: Fix for Doxygen (Reported by Alexander Traud) Improvements made in this release: * [ASTERISK-29832] Enable pickup on channel after having received 183 Progress (Reported by Mark Petersen) * [ASTERISK-28890] res_pjsip_sdp_rtp: Keepalive not supported for video streams (Reported by Luke Escude) * [ASTERISK-29831] Queue don t play thank-you when here is no hold time announcements (Reported by Mark Petersen) * [ASTERISK-29855] frame.h: fix CNG documentation typo (Reported by N A) * [ASTERISK-29848] documentation: Document special system and channel variables (Reported by N A) * [ASTERISK-29819] utils.c: Remove all usages of ast_gethostbyname() (Reported by Sean Bright) * [ASTERISK-29815] dsp: Define magic number as macro (Reported by N A) * [ASTERISK-29807] cli: add module refresh command (Reported by N A) * [ASTERISK-29829] app_mp3: Throw warning if attempting to play a nonexistent stream (Reported by N A) * [ASTERISK-24427] Documentation is missing for a few AMI Events Including CDR and events triggered after the QueueStatus action (Reported by Dafi Ni) * [ASTERISK-29795] DIALEDPEERNUMBER not set on destination channel for Queue calls (Reported by Mark Petersen) * [ASTERISK-29801] app.c: Throw warnings for nonexistent options (Reported by N A) * [ASTERISK-29797] Support for Danish language syntax in VM (Reported by Mark Petersen) * [ASTERISK-29758] configs: Minor updates to sample configs (Reported by N A) * [ASTERISK-29800] strings: Fix misusage in comment examples (Reported by N A) * [ASTERISK-29745] pbx: Add public API for more elegant variable substitution with extensions (Reported by N A) * [ASTERISK-29729] Incompatibility with newer spandsp releases (3.0.0+) (Reported by Dustin Marquess) For a full list of changes in this release, please see the ChangeLog: https://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-16.24.0 Asterisk 16.23.0 Now Available The following issues are resolved in this release: New Features made in this release: * [ASTERISK-29720] res_tonedetect: Add call progress tone detection (Reported by N A) * [ASTERISK-18069] app_queue Add Login Time and Last Paused Times to Queue Members (Reported by Jamuel Starkey) Bugs fixed in this release: * [ASTERISK-29779] progdocs: Hidden code sections with syntax errors. (Reported by Alexander Traud) * [ASTERISK-29732] progdocs: Fix grouping for latest Doxygen (Reported by Alexander Traud) * [ASTERISK-29771] Crash occurs when 2 realtime sippeers mysql connections are configured and we have a schema warning (Reported by Mario Ban) * [ASTERISK-29776] stir/shaken: Requires GNU designator (Reported by Alexander Traud) * [ASTERISK-29773] progdocs: doxyref.h outdated (Reported by Alexander Traud) * [ASTERISK-29765] xmldoc: Fix for Doxygen (Reported by Alexander Traud) * [ASTERISK-29764] chan_misdn: Fix for Doxygen (Reported by Alexander Traud) * [ASTERISK-29762] channels: Fix for Doxygen (Reported by Alexander Traud) * [ASTERISK-29730] Segfault in __ao2_ref if refdebug = yes (Reported by Alexei Gradinari) * [ASTERISK-29748] bridging: Infinite loop when both Local channel halves in same bridge (Reported by Joshua C. Colp) * [ASTERISK-29753] parking: Fix for Doxygen (Reported by Alexander Traud) * [ASTERISK-29754] odbc: Fix for Doxygen (Reported by Alexander Traud) * [ASTERISK-29756] res_ari: Fix for Doxygen (Reported by Alexander Traud) * [ASTERISK-29755] frame: Fix for Doxygen (Reported by Alexander Traud) * [ASTERISK-29751] channel: Fix for Doxygen (Reported by Alexander Traud) * [ASTERISK-29750] stasis: Fix for Doxygen (Reported by Alexander Traud) * [ASTERISK-29752] app: Fix for Doxygen (Reported by Alexander Traud) * [ASTERISK-29749] res_xmpp: Fix for Doxygen (Reported by Alexander Traud) * [ASTERISK-29737] chan_iax2: Fix for Doxygen (Reported by Alexander Traud) * [ASTERISK-29747] res_pjsip: Fix for Doxygen (Reported by Alexander Traud) * [ASTERISK-29743] bridges: Fix for Doxygen (Reported by Alexander Traud) * [ASTERISK-29742] addons: Fix for Doxygen. (Reported by Alexander Traud) * [ASTERISK-29741] tests: Fix for Doxygen (Reported by Alexander Traud) * [ASTERISK-29740] apps: Fix for Doxygen (Reported by Alexander Traud) * [ASTERISK-29736] bridge_channel: Fix for Doxygen (Reported by Alexander Traud) * [ASTERISK-29733] progdocs: Avoid name with Doxygen \file (Reported by Alexander Traud) * [ASTERISK-29734] progdocs: Use Doxygen \example correctly (Reported by Alexander Traud) * [ASTERISK-29735] progdocs: Avoid multiple use of section labels (Reported by Alexander Traud) * [ASTERISK-29744] app_morsecode: Fix deadlock (Reported by N A) * [ASTERISK-29705] app_read: Fix custom terminator functionality regression (Reported by N A) * [ASTERISK-29703] res_pjsip_callerid: Fix OLI parsing (Reported by N A) * [ASTERISK-29702] sig_analog: Fix truncated buffer copy (Reported by N A) * [ASTERISK-29724] BuildSystem: In POSIX sh, == in place of = is undefined. (Reported by Alexander Traud) * [ASTERISK-28040] pbx: dialplan reload is removing minus symbol from dynamic hints (Reported by Daniel Zanutti) * [ASTERISK-29391] VoiceMail does not cancel recording on rerecord hangup (Reported by N A) * [ASTERISK-29709] res_snmp: Not build on recent Debian distributions. (Reported by Alexander Traud) * [ASTERISK-29710] stasis: Clang 13 warns about the unused but set variable dispatched. (Reported by Alexander Traud) * [ASTERISK-29711] aelparse: GCC 11.2 found two maybe uninitialized (Reported by Alexander Traud) * [ASTERISK-29713] GCC 11.2: two stringop-overread (Reported by Alexander Traud) * [ASTERISK-29682] Squash compiler issues generated by gcc 11 (Reported by George Joseph) * [ASTERISK-29693] Using with-crypto and with-ssl fails on a recompile (Reported by George Joseph) * [ASTERISK-27816] func_talkdetect s logic is completely broken (Reported by Moritz Fain) * [ASTERISK-29691] stun: Not all users provide a dst to ast_stun_request (Reported by Dennis Haney) * [ASTERISK-26497] make install downloads x86_32 variants of external modules on non Intel architectures (Reported by Corey Farrell) Improvements made in this release: * [ASTERISK-29777] documentation: Standardize example syntax (Reported by N A) * [ASTERISK-29715] app_voicemail: Refactor email generation functions (Reported by N A) * [ASTERISK-29727] Add type for JSON stasis message RTCP Report Received/Sent (Reported by Boris P. Korzun) * [ASTERISK-29714] Spelling errors (Reported by Josh Soref) * [ASTERISK-29707] chan_iax2: Allow both key and secret to be specified at dial time (Reported by N A) * [ASTERISK-29662] Add mix option to Playback application for say and filename (Reported by Shloime Rosenblum) For a full list of changes in this release, please see the ChangeLog: https://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-16.23.0 Asterisk 16.22.0 Now Available The following issues are resolved in this release: New Features made in this release: * [ASTERISK-29656] Add CHANNEL_EXISTS function (Reported by N A) Bugs fixed in this release: * [ASTERISK-20219] IAX2 Call Encryption Fails with RSA authentication (Reported by Michael Munger) * [ASTERISK-29402] res_pjsip_t38: Socket is bound to IPv4/IPv6 but platform does not support it (Reported by Matthew Kern) * [ASTERISK-29673] app_read: Fix null pointer crash regression (Reported by N A) * [ASTERISK-29671] res_rtp_asterisk: memory leak (Reported by Jean Aunis Prescom) * [ASTERISK-29663] messaging: AMI MessageSend does not support same parameters as dialplan application (Reported by Brian J. Murrell) * [ASTERISK-29578] app_queue: Custom device state using included hints do not update (Reported by N A) * [ASTERISK-29660] Build failure when disabling PJSIP support (Reported by Guido Falsi) Improvements made in this release: * [ASTERISK-29637] Add support for future dates in Say.c (Reported by Shloime Rosenblum) * [ASTERISK-29525] PJSIP remove_existing unavailable contacts (Reported by Joseph Nadiv) * [ASTERISK-29661] func_vmcount: Add support for multiple mailboxes (Reported by N A) * [ASTERISK-29275] Support of MIME-type for wav16 (Reported by Boris P. Korzun) * [ASTERISK-29529] Add custom logging level (Reported by N A) For a full list of changes in this release, please see the ChangeLog: https://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-16.22.0 Asterisk 16.21.1 Now Available The following issue is resolved in this release: Bugs fixed in this release: * [ASTERISK-29685] pbx_ael: Infinite loop on reload (Reported by Joshua C. Colp) For a full list of changes in this release, please see the ChangeLog: https://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-16.21.1 Asterisk 16.21.0 Now Available The following issues are resolved in this release: Deprecations made in this release: * [ASTERISK-29548] app_meetme: Deprecated in 19, to be removed in 21 (Reported by Joshua C. Colp) * [ASTERISK-29549] app_osploop: Deprecated in 19, to be removed in 21 (Reported by Joshua C. Colp) * [ASTERISK-29550] chan_alsa: Deprecated in 19, to be removed in 21 (Reported by Joshua C. Colp) * [ASTERISK-29551] chan_mgcp: Deprecated in 19, to be removed in 21 (Reported by Joshua C. Colp) * [ASTERISK-29552] chan_skinny: Deprecated in 19, to be removed in 21 (Reported by Joshua C. Colp) * [ASTERISK-29553] res_pktccops: Deprecated in 19, to be removed in 21 (Reported by Joshua C. Colp) * [ASTERISK-29554] cdr_mysql: Deprecated in 1.8, to be removed in 19 (Reported by Joshua C. Colp) * [ASTERISK-29555] app_mysql: Deprecated in 1.8, to be removed in 19 (Reported by Joshua C. Colp) * [ASTERISK-29557] app_ices: Deprecated in 16, to be removed in 19 (Reported by Joshua C. Colp) * [ASTERISK-29558] app_macro: Deprecated in 16, to be removed in 21 (Reported by Joshua C. Colp) * [ASTERISK-29559] app_fax: Deprecated in 16, to be removed in 19 (Reported by Joshua C. Colp) * [ASTERISK-29560] app_url: Deprecated in 16, to be removed in 19 (Reported by Joshua C. Colp) * [ASTERISK-29561] app_image: Deprecated in 16, to be removed in 19 (Reported by Joshua C. Colp) * [ASTERISK-29562] app_nbscat: Deprecated in 16, to be removed in 19 (Reported by Joshua C. Colp) * [ASTERISK-29563] app_dahdiras: Deprecated in 16, to be removed in 19 (Reported by Joshua C. Colp) * [ASTERISK-29564] cdr_syslog: Deprecated in 16, to be removed in 19 (Reported by Joshua C. Colp) * [ASTERISK-29565] chan_oss: Deprecated in 16, to be removed in 19 (Reported by Joshua C. Colp) * [ASTERISK-29566] chan_phone: Deprecated in 16, to be removed in 19 (Reported by Joshua C. Colp) * [ASTERISK-29567] chan_sip: Deprecated in 17, to be removed in 21 (Reported by Joshua C. Colp) * [ASTERISK-29568] chan_nbs: Deprecated in 16, to be removed in 19 (Reported by Joshua C. Colp) * [ASTERISK-29569] chan_misdn: Deprecated in 16, to be removed in 19 (Reported by Joshua C. Colp) * [ASTERISK-29570] chan_vpb: Deprecated in 16, to be removed in 19 (Reported by Joshua C. Colp) * [ASTERISK-29571] res_config_sqlite: Deprecated in 16, to be removed in 19 (Reported by Joshua C. Colp) * [ASTERISK-29572] res_monitor: Deprecated in 16, to be removed in 21 (Reported by Joshua C. Colp) * [ASTERISK-29573] conf2ael: Deprecated in 16, to be removed in 19 (Reported by Joshua C. Colp) * [ASTERISK-29574] muted: Deprecated in 16, to be removed in 19 (Reported by Joshua C. Colp) Improvements made in this release: * [ASTERISK-29472] res_pjsip: OLI/ANI2 support missing (Reported by N A) * [ASTERISK-29626] app_stack: Include calling location if attempting to branch to nonexistent location (Reported by N A) * [ASTERISK-29632] Add option to Application_VoiceMail to suppress instructions only when a custom greeting is present (Reported by Charlie Smurthwaite) * [ASTERISK-29605] chan_iax2: Add ANI2 (Reported by N A) * [ASTERISK-29508] STUN server address refresh (Reported by S bastien Duthil) * [ASTERISK-29612] bridge_basic: Don t throw warning if attended transfer is cancelled (Reported by N A) * [ASTERISK-29544] Media Cache Delayed remote sound file retrieve delays all playbacks (Reported by Andre Barbosa) * [ASTERISK-29541] app_morsecode: Add American Morse code (Reported by N A) * [ASTERISK-29495] Return integer instead of float if response is a whole number (Reported by N A) * [ASTERISK-29543] app_originate: Allow specifying codec(s) to use (Reported by N A) Bugs fixed in this release: * [ASTERISK-29673] app_read: Fix null pointer crash regression (Reported by N A) * [ASTERISK-29660] Build failure when disabling PJSIP support (Reported by Guido Falsi) * [ASTERISK-29654] pjproject includes trailing whitespace in sdp format attributes (Reported by George Joseph) * [ASTERISK-29635] MP3Player don t work with actual mpg123 versions (Reported by Carlos Oliva) * [ASTERISK-27176] test_abstract_jb: frames leak (Reported by Corey Farrell) * [ASTERISK-29634] res_snmp: gcc 11 needs -fPIC to compile correctly (Reported by George Joseph) * [ASTERISK-29630] Asterisk is unable to read extended number format terminfo files (Reported by Sean Bright) * [ASTERISK-28004] dns: Core ast_dns_get_nameservers does not support configured IPv6 servers (Reported by Isaac McDonald) * [ASTERISK-29618] ConfBridge errors on creation conference room (Reported by Alexander Zharov) * [ASTERISK-29622] ARI: external media create doesn t use body parameter (Reported by sungtae kim) * [ASTERISK-29614] app_agent_pool: XML Doc: unterminated entity reference (Reported by Alexander Traud) * [ASTERISK-29609] Subsequent ael reload will cause a lock up (Reported by Mark Murawski) * [ASTERISK-28701] app_queue: Core reload resets queue stats, even when keepstats=yes (Reported by Luke Escude) * [ASTERISK-29616] res_rtp_asterisk: sqrt(.) requires the header math.h. (Reported by Alexander Traud) * [ASTERISK-29518] sig_analog: FCG_CAMA fails to signal ANI spill when using MF signaling (Reported by Sarah Autumn) * [ASTERISK-29582] res_pjproject: Can t map pjproject log messages to Asterisk TRACE (Reported by George Joseph) * [ASTERISK-29575] app_milliwatt: Milliwatt application doesn t use the proper timings (Reported by N A) * [ASTERISK-20339] chan_mgcp, resp_pktccops ast_debug support (Reported by Tomas Maldonado) * [ASTERISK-29540] aelparse: include of context with timings fails (Reported by Alexander Traud) * [ASTERISK-29539] Segmentation fault at ast_writestream() when write handler not defined (happens with OGG/Speex) (Reported by Ernani Jos Camargo Azevedo) New Features made in this release: * [ASTERISK-29496] Add SendMF application (Reported by N A) * [ASTERISK-29627] Add STRBETWEEN function (Reported by N A) * [ASTERISK-29628] Add file and directory functions (Reported by N A) * [ASTERISK-29531] Add SAYFILES function (Reported by N A) * [ASTERISK-29546] Add tone detection module (Reported by N A) * [ASTERISK-18454] Option for Read to be able to accept # (Reported by Sta Retji) * [ASTERISK-29542] Add audio scrambler (Reported by N A) * [ASTERISK-29478] Function to drop frames in the TX or RX directions (Reported by N A) For a full list of changes in this release, please see the ChangeLog: https://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-16.21.0 Asterisk 16.20.0 Now Available The following issues are resolved in this release: Security bugs fixed in this release: * [ASTERISK-29415] Crash in PJSIP TLS transport (Reported by Andrew Yager) * [ASTERISK-29381] chan_pjsip: Remote denial of service by an authenticated user (Reported by Ivan Poddubny) New Features made in this release: * [ASTERISK-29389] Add PJSIP_HEADERS() and ability to read header by pattern (Reported by Igor Goncharovsky) * [ASTERISK-29477] Function to asynchronously store digits dialed (Reported by N A) * [ASTERISK-29454] New application to reload modules (Reported by N A) * [ASTERISK-29444] Add application to wait for condition (Reported by N A) * [ASTERISK-29442] app_dial: Expand A option to allow announcement playback to caller (Reported by N A) Bugs fixed in this release: * [ASTERISK-29494] cdr_adaptive_odbc: Prevent throwing warnings if CDR filtering is used (Reported by N A) * [ASTERISK-29513] statsd: Remove non-standard metric type Meter (Reported by Rijnhard Hessel) * [ASTERISK-29526] G729 audio gets corrupted by Asterisk due to smoother (Reported by under) * [ASTERISK-29392] chan_iax2: Asterisk crashes when queueing video with format (Reported by Michael Welk) * [ASTERISK-29507] STUN timeout is silently delaying calls (Reported by S bastien Duthil) * [ASTERISK-27871] Remote URL in playback must end with file extension (Reported by Caesar) * [ASTERISK-29503] Updated identify/match syntax not supported by config wizard (Reported by Sean Bright) * [ASTERISK-29480] fixedjitterbuffer contains an un-wrappered assert that triggers on a negative time slew (Reported by Dan Cropp) * [ASTERISK-29485] core: Inband generation of tones for Busy() and Congestion() may not occur (Reported by Joshua C. Colp) * [ASTERISK-29479] Channels are not put on hold for Session Progress with inactive audio (Reported by Bernd Zobl) Improvements made in this release: * [ASTERISK-29528] Add support for multiple files for agent announcements (Reported by N A) * [ASTERISK-29501] ARI Stasis Playback doesn t hangup call when processing a list of invalid files (Reported by Andre Barbosa) * [ASTERISK-29464] ARI PlaybackFinish skip error events (Reported by Andre Barbosa) For a full list of changes in this release, please see the ChangeLog: https://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-16.20.0
revbump for icu and libffi
mk: For consistency, rename PKG_HAS_ to OPSYS_HAVE_. Requested by jperkin.
asterisk*: Detect kqueue/timerfd through pkgsrc infrastructure. Fixes PLIST on NetBSD/current.
revbump for boost-libs
asterisk16: Update to 16.19.0 16.19.0 New Features made in this release: * [ASTERISK-29446] app_confbridge: New ConfKick application (Reported by N A) * [ASTERISK-29440] app_confbridge: Allow ConfBridge answer to be suppressed (Reported by N A) * [ASTERISK-29431] Minimum and maximum dialplan functions (Reported by N A) * [ASTERISK-29439] func_volume: Volume function can t be read (Reported by N A) Bugs fixed in this release: * [ASTERISK-29475] SayNumber triggers WARNING if caller hangs up during application execution (Reported by N A) * [ASTERISK-29404] Consolidate res_pjsip_messaging fixes for domain name (Reported by George Joseph) * [ASTERISK-29441] Core reload making TCP endpoints go offline (Reported by Luke Escude) * [ASTERISK-29433] res_rtp_asterisk: Server reflexive candidates use incorrect raddr for RTCP (Reported by Chris) * [ASTERISK-28237] FRACK!, Failed assertion bad magic number happens when unsubscribe an application from an event source (Reported by Lucas Tardioli Silveira) * [ASTERISK-28393] Multidomain support issue (Reported by Andrea Sannucci) * [ASTERISK-29397] pjsip: Asterisk isn t tolerant of RFC8760 UASs (Reported by George Joseph) * [ASTERISK-24601] Missing RFC4235 tags and attributes in PJSIP NOTIFY event: dialog XML body (Reported by Marco Paland) * [ASTERISK-29372] file.c switch does not account for flash events (Reported by N A) * [ASTERISK-29377] cpool_release_pool double free or corruption (out) (Reported by Robert Sutton) * [ASTERISK-29370] chan_sip does not recognize application/hook-flash (Reported by N A) * [ASTERISK-29358] chan_pjsip: Trace message for progress is output even if frame is not queued (Reported by Michael Maier) * [ASTERISK-29030] res_rtp_asterisk: Additional RTP-frame (with wrong SSRC) gets inserted when switching from progress to established (Reported by Matthias Hensler) * [ASTERISK-29407] chan_local: Filtering audio formats should not occur on removed streams (Reported by Joshua C. Colp) Improvements made in this release: * [ASTERISK-29450] Allow setting channel variables using Originate application (Reported by N A) * [ASTERISK-29460] Recognize application/hook-flash in PJSIP (Reported by N A) * [ASTERISK-29459] Missing configuration from PJSIP to SIP conversion script (Reported by N A) * [ASTERISK-29434] Asterisk reveals pjproject version in STUN packets (Reported by Jeremy Lain ) * [ASTERISK-29349] Silent voicemail option is not completely silent (Reported by N A) * [ASTERISK-29380] Add Flash AMI event to handle flash events (Reported by N A) 16.18.0 Bugs fixed in this release: * [ASTERISK-29328] translate.c: possible buffer overflow when upsampling (Reported by Jean Aunis Prescom) * [ASTERISK-29379] Segfault ast_channel_is_multistream (chan=0x0) at channel_internal_api.c:1590 (Reported by Ross Beer) * [ASTERISK-29364] res_rtp_asterisk: standard deviation miscalculation (Reported by Kevin Harwell) * [ASTERISK-29373] res_rtp_asterisk: Flash events are duplicated (Reported by N A) * [ASTERISK-28356] app_queue: CLI set ringinuse for realtime member not working (Reported by Michael) * [ASTERISK-24631] Incorrect description of option context in queues.conf.sample (Reported by Etienne Lessard) * [ASTERISK-26614] app_queue: updatecdr option in queues.conf does effectively nothing (Reported by Alexander Gonchiy) * [ASTERISK-25358] dateformat not read from logger.conf by remote console (Reported by Igor Liferenko) * [ASTERISK-27542] app_queue: When queue show CLI command is executed a crash occurs (Reported by Miguel Sanz) * [ASTERISK-29215] res_pjsip_session: NULL active_media_state topology caused asterisk crash (Reported by sungtae kim) * [ASTERISK-29355] app_queue: Queue member status message sent even if status doesn t change (Reported by Roman Pertsev) * [ASTERISK-29035] chan_local: Multistream support breaks T.38 faxing (Reported by Matthias Hensler) * [ASTERISK-29354] res_pjsip: Allow partial reloading of transports (Reported by Joshua C. Colp) * [ASTERISK-29348] menuselect doesn t return errors in many cases (Reported by George Joseph) * [ASTERISK-29352] res_rtp_asterisk: Fix frame delivery time when SSRC changes (Reported by Joshua C. Colp) Improvements made in this release: * [ASTERISK-29339] loader: Let s output warnings for deprecated modules! (Reported by Joshua C. Colp) * [ASTERISK-29337] menuselect: Add ability to set deprecated in and removed in versions for modules (Reported by Joshua C. Colp) * [ASTERISK-29335] xml: Embed module information into core XML documentation. (Reported by Joshua C. Colp) * [ASTERISK-29336] documentation: Fix inconsistent support levels (Reported by Joshua C. Colp)
*: recursive bump for perl 5.34
revbump for boost-libs
revbump for textproc/icu
comms/asterisk16: Update to 16.17.0 This is a micro update that is mostly security fixes and bug fixes with very small improvements. In addition to this being a security fix, asterisk16 is a leaf package. Upstream changes: Security bugs fixed in this release: ----------------------------------- * ASTERISK-29305 - ASTERISK-29203 / AST-2021-002 -- Another scenario is causing a crash (Reported by Gregory Massel) * ASTERISK-29260 - sRTP Replay Protection ignored; even tears down long calls (Reported by Alexander Traud) * ASTERISK-29227 - res_pjsip_diversion: sending multiple 181 responses causes memory corruption and crash (Reported by Ivan Poddubny) Bugs fixed in this release: ----------------------------------- * ASTERISK-29215 - res_pjsip_session: NULL active_media_state topology caused asterisk crash (Reported by sungtae kim) * ASTERISK-29035 - chan_local: Multistream support breaks T.38 faxing (Reported by Matthias Hensler) * ASTERISK-29071 - app_confbridge: Memory rises when jitterbuffer enabled and muting over AMI occurs (Reported by Stefan Ruf) * ASTERISK-29329 - app_dial: DTMF to 'D' option gets duplicated if there are multiple progress events (Reported by N A) * ASTERISK-24434 - Fix differing usage of assignment operators in modules.conf (Reported by Rusty Newton) * ASTERISK-29306 - strings: Incorrect use of __attribute__((pure)) in ast_str_to_lower definition (Reported by Vitezslav Novy) * ASTERISK-29300 - res_rtp_asterisk: When native local bridging the remote SSRC becomes permanent (Reported by Sebastian Damm) * ASTERISK-29235 - res_pjsip_nat: Contact is rewritten on REGISTER responses with external_signaling_address (Reported by Brian Paboojian) * ASTERISK-29266 - ICE Role conflict with an unauthorized session (Reported by Salah Ahmed) * ASTERISK-29105 - chan_pjsip: 180 Ringing with SDP not changed into progress (Reported by Sebastian Damm) * ASTERISK-29297 - say: Y2021 problem – Asterisk cannot say year 2021 in Dutch (Reported by Jacek Konieczny) * ASTERISK-29315 - res_pjsip: re-registration gets stuck if setting initial auth credentials fails (Reported by Nick French) * ASTERISK-29312 - res_fax: asterisk fails to publish the Stasis and ReceiveFax status messages if the remote Station ID contains invalid UTF-8 characters (Reported by Alexei Gradinari) * ASTERISK-16799 - Callee declined when 'beep' audio file does not exist (Reported by IAMJames_) * ASTERISK-29313 - res_pjsip_refer: Segfault in progress notify (Reported by George Joseph) * ASTERISK-29293 - res_config_pgsql: Limit realtime_pgsql() to return one (no more) record (Reported by Boris P. Korzun) * ASTERISK-29303 - pjsip: Re-invite occurs when it shouldn't (Reported by Benjamin Keith Ford) * ASTERISK-29311 - res_odbc_transaction sets forcecommit default value based on isolation level instead of forcecommit (Reported by Jaco Kroon) * ASTERISK-28452 - pjsip: <sess-version> of SDP is not incremented though SDP may be changed on reinvite without SDP offer (Reported by Michael Maier) * ASTERISK-29287 - app.h: C++ compatibility broken (Reported by Jean Aunis - Prescom) * ASTERISK-28369 - app_queue: Member device state "invalid" when second call is ringing and hint is used (Reported by Boolah ) * ASTERISK-29203 - res_pjsip_t38: Crash when changing state (Reported by Gregory Massel) * ASTERISK-29205 - res_rtp_asterisk: Asterisk crashes when making hold/unhold from webrtc client (Reported by Edvin Vidmar) * ASTERISK-29196 - res_pjsip: Segmentation fault (Reported by Mauri de Souza Meneguzzo (3CPlus)) * ASTERISK-29280 - chan_sip: Allow peers without audio (text+video). (Reported by Alexander Traud) * ASTERISK-29265 - chan_sip: Allow text+video media streams, again. (Reported by Alexander Traud) * ASTERISK-29261 - res_pjsip: user=phone validation fail for isup numbers containing *# (Reported by Mark Petersen) * ASTERISK-29259 - channel: Allow text+video media streams, again. (Reported by Alexander Traud) * ASTERISK-29258 - chan_sip: Audio stream rejected, Other stream present: Invalid SDP. (Reported by Alexander Traud) * ASTERISK-29220 - After T38 reinvite response of 488 a subsequent G711 reinvite is not processed correctly. Instead the previous T38 session media is used (Reported by Robert Cripps) * ASTERISK-29248 - res_pjsip_session: res sometimes uninitialized reported by compiler Clang. (Reported by Alexander Traud) Improvements made in this release: ----------------------------------- * ASTERISK-29321 - sorcery: Add support for more intelligent reloading. (Reported by Joshua C. Colp) * ASTERISK-29325 - res_pjsip_registrar: Include source IP address and port in log messages (Reported by Joshua C. Colp) * ASTERISK-29326 - asterisk: Update copyright/company (Reported by Joshua C. Colp) * ASTERISK-29244 - Add MixMonitorStart / Stop / Mute AMI events (Reported by Sébastien Duthil) * ASTERISK-29275 - Support of MIME-type for wav16 (Reported by Boris P. Korzun) * ASTERISK-29252 - TRANSFERSTATUSPROTOCOL variable to report Transfer (REFER) failure SIP code (Reported by Dan Cropp) * ASTERISK-29262 - Support of various URL-schemes by MoH (Reported by Boris P. Korzun)
asterisk16: Fix segfaut under NetBSD/aarch64 9.99.80. Bump PKGREVISION The problem is reported by Markus Kilbinger on port-arm mailing list.
asterisk16: Update to 16.16.0 Changelog: The following issues are resolved in this release: Security bugs fixed in this release: * [ASTERISK-29219] res_pjsip_diversion: Crash if Tel URI contains History-Info (Reported by Torrey Searle) Bugs fixed in this release: * [ASTERISK-29229] Stasis/messaging: text messages not dispatched to all subscribers when using generic subscription (Reported by Jean Aunis Prescom) * [ASTERISK-29238] chan_sip: SDP: Offers without any enabled stream are accepted. (Reported by Alexander Traud) * [ASTERISK-29237] chan_sip: SDP: m=video is parsed even when disabled. (Reported by Alexander Traud) * [ASTERISK-29222] chan_sip: Hold/Resume an sRTP call on a video enabled user-agent. (Reported by Alexander Traud) * [ASTERISK-29240] chan_pjsip: Incoming PJSIP calls set global SIPDOMAIN instead of a channel variable (Reported by Ivan Poddubny) * [ASTERISK-27902] chan_pjsip isnt updating hangupcause on 4XX responses (Reported by George Joseph) * [ASTERISK-28016] PJSIP sends duplicate 183 Progress responses (Reported by Alex Hermann) * [ASTERISK-28185] chan_pjsip: Subsequent same responses are not stopped (Reported by Julien) * [ASTERISK-29230] pjsip: Asterisk goes crazy and massively spams logfile if registration cant be send (Reported by Michael Maier) * [ASTERISK-29231] pjsip: SIGSEGV in CLI if no trunk is registered (Reported by Michael Maier) * [ASTERISK-29217] LOCK() can grant the same lock to multiple channels spuriously (Reported by Jaco Kroon) * [ASTERISK-29201] Crash occurs when Transfer and execute Hangup before the Transfer result (Reported by Dan Cropp) * [ASTERISK-28947] Segmentation fault in mixmonitor_ds_destroy (Reported by Robert Sutton) * [ASTERISK-29191] tel: URI in Diversion header causes crash (Reported by Mikhail Ivanov) * [ASTERISK-28883] Spyee information ist missing in ChanSpyStop AMI Event (Reported by Hendrik Wedhorn) * [ASTERISK-29188] null media causing the Asterisk crash (Reported by sungtae kim) * [ASTERISK-29209] Debug messages printed by scope trace might be missing newlines (Reported by Alexander Traud) * [ASTERISK-29024] pjsip: Route Header in Cancel request incorrectly set (Reported by Flole Systems) * [ASTERISK-29211] res_musiconhold: Segfault on realtime music on hold without entries (Reported by Nathan Bruning) * [ASTERISK-29022] Crash when manipulating PJSIP invite dlg ref counts (Reported by Sean Bright) * [ASTERISK-29173] Media cache URL requests allow infinite redirects (Reported by Sean Bright) * [ASTERISK-29175] res_pjsip_stir_shaken: Fix module description (Reported by Stanislav Abramenkov) * [ASTERISK-29148] AST_MODULE_INFO no, MODULEINFO depend (Reported by Alexander Traud) * [ASTERISK-28798] chan_sip: TCP/TLS client without server. (Reported by Alexander Traud) * [ASTERISK-29165] res_pjsip: malformed header Accept-Encoding in OPTIONS response (Reported by Alexander Greiner-Baer) * [ASTERISK-29161] Incorrect setup of recall channels (Reported by Boris P. Korzun) * [ASTERISK-29155] app_queue: Deadlock between queues container and individual queues (Reported by George Joseph) Improvements made in this release: * [ASTERISK-28549] Two repeated 183 (Reported by Gant Liu) * [ASTERISK-29216] contrib: systemd asterisk service for centos8 or other newer linux versions (Reported by Mark Petersen) * [ASTERISK-29143] res_http_media_cache: HTTP media cache stored hardcoded in /tmp (Reported by laszlovl) * [ASTERISK-29118] VoiceMail() should have an option to play greetings as Early Media (Reported by Juan Carlos Castro y Castro)
asterisk16: Update to 16.15.1 upstream changes: security fixes and bug fixes
asterisk16: Avoid using -march=native, it breaks binary packages. Also avoid passing crazy optimization and debug flags in general, just honor the user's CFLAGS.
asterisk16: Update to 16.15.0 Upstream changes: bugfixes minor improvements STIR/SHAKEN support
Revbump packages with a runtime Python dep but no version prefix. For the Python 3.8 default switch.
*: Recursive revbump from textproc/icu-68.1
*: bump PKGREVISION for perl-5.32.
*: revbump after fontconfig bl3 changes (libuuid removal)
asterisk16: Update to 16.12.0 Changelog: Bugs fixed in this release: ----------------------------------- [ASTERISK-28878] - chan_pjsip: PJSIP_MEDIA_OFFER Broken asterisk 16 (Reported by Joseph Ades) [ASTERISK-28965] - res_pjsip: Apply outbound proxy to static contacts on AOR (Reported by Joshua C. Colp) [ASTERISK-28930] - ./configure --without-ssl build failure (Reported by Jaco Kroon) [ASTERISK-28886] - chan_pjsip: PJSIP_SC_NULL does not exist in pjproject 2.7.2 (Reported by Jared Smith) [ASTERISK-28957] - chan_sip: chan_sip does not process 400 response to an INVITE. (Reported by Frederic LE FOLL) [ASTERISK-28888] - res_corosync: causes asterisk crash in huge distributed environment. (Reported by Università di Bologna - CESIA VoIP) [ASTERISK-28955] - "setvar" doesn't work properly in dahdi-channels.conf (Reported by Marin Odrljin) [ASTERISK-28954] - StreamEcho() only returns 1 active stream (Reported by Bill Kervaski) [ASTERISK-28942] - res_sorcery_memory_cache: Individual object expiration behaves unexpectedly with full backend caching (Reported by Joshua C. Colp) [ASTERISK-28953] - res_pjsip_session: Preserve stream label (Reported by Joshua C. Colp) [ASTERISK-28952] - Queue wrapuptime sometimes not respected (based on stale lastcall time) (Reported by Walter Doekes) [ASTERISK-28950] - Stale code in app_queue to check untouched channel (Reported by Walter Doekes) [ASTERISK-28644] - Stale comment in app_queue about ring_entry exception (Reported by Walter Doekes) [ASTERISK-28948] - ARI channel create doesn't referencing the channel_id parameter (Reported by sungtae kim) [ASTERISK-28938] - core_unreal / core_local: Add support for multistream and re-negotiation (Reported by Joshua C. Colp) [ASTERISK-28939] - res_rtp_asterisk: Don't have send/receive buffers on non-WebRTC (Reported by Joshua C. Colp) [ASTERISK-28944] - bridge_softmix: Transitioning a stream from inactive -> sendrecv/sendonly doesn't re-negotiation (Reported by Joshua C. Colp) [ASTERISK-28923] - T.38 Segfaults in chan_pjsip_queryoption (Reported by Yury Kirsanov) [ASTERISK-28940] - /channels/create doesn't get any parameters from the body (Reported by sungtae kim) [ASTERISK-28936] - res_pjsip: crash when dialing non-sip uri (Reported by Walter Doekes) [ASTERISK-28900] - res_fax: Double frame free when gateway in use with off-nominal format usage (Reported by Gregory Massel) [ASTERISK-28929] - pjproject_bundled: Honor --without-pjproject. (Reported by Alexander Traud) [ASTERISK-28932] - res_pjsip_logger writing too big packets (Reported by nappsoft) [ASTERISK-28921] - Wrong return value check for fwrite when writing to pcap file (Reported by nappsoft) Improvements made in this release: ----------------------------------- [ASTERISK-28959] - res_pjsip: Added option for disable rport parameter set (Reported by sungtae kim) [ASTERISK-28958] - Continue reading string when ping received by websocket (Reported by Nickolay V. Shmyrev) [ASTERISK-28945] - AMI SendText - add Content-Type parameter (Reported by Kevin Harwell) [ASTERISK-28949] - res_http_websocket: Add masking to websocket client (Reported by Moises Silva) [ASTERISK-28899] - Upgrade Asterisk to bundled pjproject 2.10 (Reported by Kevin Harwell)
asterisk16: Update to 16.11.0 Changelog: Bugs fixed in this release: ----------------------------------- [ASTERISK-28940] - /channels/create doesn't get any parameters from the body (Reported by sungtae kim) [ASTERISK-28932] - res_pjsip_logger writing too big packets (Reported by nappsoft) [ASTERISK-28921] - Wrong return value check for fwrite when writing to pcap file (Reported by nappsoft) [ASTERISK-28794] - res_pjsip: Crash when escaping during URI printing (Reported by nappsoft) [ASTERISK-28884] - x-ast-orig-host not filtered out from request URI and To header (Reported by nappsoft) [ASTERISK-28871] - res_pjsip_session: Unnecessary re-Invite on call answer (Reported by Alexei Gradinari) [ASTERISK-28903] - res_srtp: Answered Crypto Suite might be wrong in SDP/SDES. (Reported by Alexander Traud) [ASTERISK-28898] - bridge_softmix: Conference bridge not passing silent rtp packets (Reported by Jonathan Hunter) [ASTERISK-28892] - res_musiconhold: Module res_musiconhold throws false warning (Reported by Nicholas John Koch) [ASTERISK-28904] - RTP ICE leaks the memory (Reported by sungtae kim) [ASTERISK-26780] - res_pjsip: PJSIP Registration Fails when transport=transport-udp6 (Reported by Peter Sokolov) [ASTERISK-28854] - SIGSEGV when pjsip show history encounters IPV6 address (Reported by Roger James) [ASTERISK-28804] - [patch] app_osplookup.c: Avoid a format truncation. (Reported by Alexander Traud) [ASTERISK-28797] - [patch] tcptls: Fix notice when TLS is enabled but not configured. (Reported by Alexander Traud) [ASTERISK-28776] - Non async-signal-safe syscalls used after fork before exec (Reported by nappsoft) [ASTERISK-28870] - streams: One memory leak and one issue cloning streams (Reported by George Joseph) [ASTERISK-28829] - app_queue: leaking stasis subscription when Redirecting call (Reported by lvl) [ASTERISK-25844] - app_queue: Ghost channels in "core show channels" output (Reported by Etienne Lessard) [ASTERISK-22920] - Crash while Forwarding from TLS extension with CHANNEL args secure_bridge_media and secure_bridge_signaling (Reported by Shlomi Gutman) [ASTERISK-28859] - pjsip: Increase maximum candidate count (Reported by Joshua C. Colp) [ASTERISK-28852] - Unprotected access to nochecksums variable, causes build failures (Reported by Guido Falsi) [ASTERISK-28848] - app_fax: Compile. (Reported by Alexander Traud) Improvements made in this release: ----------------------------------- [ASTERISK-28895] - res_pjsip_logger: Add tons'o'functionality (Reported by Joshua C. Colp) [ASTERISK-28896] - ari: Add support for specifying variables on channel create (Reported by Joshua C. Colp) [ASTERISK-28879] - pjproject has race conditions in it's build system (Reported by Guido Falsi) [ASTERISK-28866] - third-party/pjproject/configure.m4 contains bashisms (Reported by Guido Falsi) [ASTERISK-28853] - Missing include on FreeBSD (Reported by Guido Falsi) [ASTERISK-28832] - chan_mobile creates PCMA streams that make some VoIP clients crash or not render received audio (Reported by Peter Turczak)
Revbump for icu
revbump after updating security/nettle
revbump after boost update
asterisk16: Update to 16.10.0 Changelog: 16.10.0: New Features made in this release: ----------------------------------- [ASTERISK-6863] - [patch] allow Asterisk to set high ToS bits as non-root on Linux (Reported by Matt Addison) Bugs fixed in this release: ----------------------------------- [ASTERISK-28852] - Unprotected access to nochecksums variable, causes build failures (Reported by Guido Falsi) [ASTERISK-28846] - stream: Enforce formats immutability (Reported by Joshua C. Colp) [ASTERISK-28847] - ARI channels cuts the endpoint string over 80 characters (Reported by sungtae kim) [ASTERISK-28811] - Crash occurs when fax session switches from T.38 to audio (Reported by Alexey Vasilyev) [ASTERISK-28839] - Sporadic crashes with Segmentation fault (Reported by Joeran Vinzens) [ASTERISK-28835] - IPv6 addresses in SDP incorrectly formatted (Reported by Daniel Heckl) [ASTERISK-28372] - Asterisk REPLY Wrong Contact header port (TCP) (Reported by Anton Satskiy) [ASTERISK-24428] - Document that Asterisk will use the default SIP ports (5060 for TCP, 5061 for TLS) if the extern option variants aren't used (Reported by sstream) [ASTERISK-28838] - AST_MODULE_INFO requires, MODULEINFO does not mention (Reported by Alexander Traud) [ASTERISK-28841] - app_confbridge: Add support for disabling text messaging for a user (Reported by Joshua C. Colp) [ASTERISK-28837] - pjproject_bundled: Honor --without-pjproject. (Reported by Alexander Traud) [ASTERISK-28827] - res_rtp_asterisk: Loop when receive buffer is flushed by a received packet that is also in receive buffer with NACK (Reported by nappsoft) [ASTERISK-27195] - chan_sip: only sets ToS bits on UDP socket, ignoring TCP and TLS sockets (Reported by Joshua Roys) [ASTERISK-28826] - res_rtp_asterisk: Duplicate seqnos being added to send buffer with NACK (Reported by nappsoft) [ASTERISK-28812] - First DTMF is not get (Reported by Bernard Merindol) [ASTERISK-28758] - pjsip startup errors when using "with-ssl" configure option (Reported by Patrick Wakano) [ASTERISK-28824] - BuildSystem: Search for Python/C API when possibly needed only. (Reported by Alexander Traud) [ASTERISK-27717] - [patch] BuildSystem: In NetBSD, the Python Programming Language is python-2.7. (Reported by Alexander Traud) [ASTERISK-28798] - [patch] chan_sip: TCP/TLS client without server. (Reported by Alexander Traud) [ASTERISK-28817] - chan_pjsip: constant DTMF tone if RTP is not setup yet (Reported by Kevin Harwell) [ASTERISK-28819] - [patch] bridge_softmix_binaural: Show state in menuselect. (Reported by Alexander Traud) [ASTERISK-28816] - [patch] BuildSystem: Remove doc/tex and doc/pdf leftovers. (Reported by Alexander Traud) [ASTERISK-28818] - [patch] BuildSystem: Allow space in path. (Reported by Alexander Traud) [ASTERISK-28796] - func_channel: cannot read fields exten, context, userfield, channame from dialplan (Reported by Sébastien Duthil) [ASTERISK-28809] - [patch] res_rtp_asterisk: Avoid absolute value on unsigned subtraction. (Reported by Alexander Traud) [ASTERISK-28803] - [patch] chan_unistim: Avoid tautological warnings with clang. (Reported by Alexander Traud) [ASTERISK-28808] - [patch] test_stasis: Avoid always true warning with clang. (Reported by Alexander Traud) [ASTERISK-28056] - res_pjsip: Incorrect endpoint status after endpoint synchronization for a specific AOR (Reported by Jason Hord) [ASTERISK-28795] - channel: write to a stream on multi-frame writes (Reported by Kevin Harwell) [ASTERISK-28789] - test_utils: incorrectly printing error 'declined to load' (Reported by Alexander Traud) [ASTERISK-28788] - func_aes: incorrectly printing error 'declined to load' (Reported by Alexander Traud) [ASTERISK-28790] - Crash during conference call using confbridge and video (Reported by Pascal Cadotte Michaud) [ASTERISK-16676] - DAHDIRAS fails to properly initiate pppd unless asterisk is running as root (Reported by Jaco Kroon) [ASTERISK-21205] - [patch] dundi_read_result crash due to negative number (Reported by Jaco Kroon) [ASTERISK-28784] - res_pjsip_sdp_rtp: Only do hold/unhold on first audio stream (Reported by Joshua C. Colp) [ASTERISK-28743] - Asterisk is crashing if the 200 OK with SDP (Reported by sungtae kim) [ASTERISK-28783] - res_pjsip_session: Allow default non-audio streams to have reflected state (Reported by Joshua C. Colp) [ASTERISK-28774] - chan_pjsip's rtptimeout is erroneously triggered during direct-media (native_rtp) bridge (Reported by Michael Neuhauser) [ASTERISK-20325] - Comments in configs/func_odbc.conf.sample are not consistent with examples. Missing examples. (Reported by Olivier Krief) [ASTERISK-28780] - app_mixmonitor: Memory leak due to race condition between AMI MixMonitor and hangup (Reported by Joshua C. Colp) [ASTERISK-28773] - Incorrect Sender SSRC in RTCP when p2p rtp bridge is active (Reported by Torrey Searle) [ASTERISK-28769] - DTLS Handshake Fails to Occur if ice_support is enabled but not used (Reported by Torrey Searle) [ASTERISK-28759] - A non negotiated rtp frame causes call disconnection when there is a SSRC change (Reported by Paulo Vicentini) [ASTERISK-26711] - func_enum: ENUM code wrong case (Reported by Vitold) [ASTERISK-23407] - Fix the FSF address in the headers of lots of pjproject files (Reported by Jared Smith) [ASTERISK-19460] - [patch] Function TXTCIDNAME never actually makes DNS calls and always returns an empty string (Reported by George Joseph) Improvements made in this release: ----------------------------------- [ASTERISK-28853] - Missing include on FreeBSD (Reported by Guido Falsi) [ASTERISK-28813] - func_volume: Allow decimal numbers as parameter to improve granularity (Reported by Jean Aunis - Prescom) [ASTERISK-27946] - dial (API): Storage of dialed target uses AST_MAX_EXTENSION when it shouldn't (Reported by Joshua Elson) [ASTERISK-28782] - Add support for Content-Disposition header in multi-part INVITES (Reported by Torrey Searle) [ASTERISK-28787] - res_pjsip_session: Decide more intelligently when to add video (Reported by Joshua C. Colp) 16.9.0: Bugs fixed in this release: ----------------------------------- [ASTERISK-28766] - PJSIP blind transfer not completed after using Proceeding() (Reported by lvl) [ASTERISK-28685] - check_expr2: linking (when hardening) and cross-compiling troubles (Reported by Sebastian Kemper) [ASTERISK-28764] - res_rtp_asterisk: Improve NACK support and seqno handling (Reported by Joshua C. Colp) [ASTERISK-28755] - SIP/Stasis: SIP headers not transmitted in the "variables" field (Reported by Jean Aunis - Prescom) [ASTERISK-28754] - ASTERISK-28738 Causes Audio Issue After Hold (Reported by Ross Beer) [ASTERISK-28697] - res_pjsip: Named ACL does not update on reload if changed (Reported by Timothy Vanderaerden) [ASTERISK-28746] - res_pjsip_outbound_registration keeps retrying the first entry in a SRV record set (Reported by George Joseph) [ASTERISK-28716] - ICE: pjnath shouldn't wait for ICE to complete before allowing sending (Reported by Benjamin Keith Ford) [ASTERISK-28738] - Incorrect state machine used when MOH_PASSTHRU is used (Reported by Torrey Searle) [ASTERISK-28742] - res_rtp_asterisk: static for audio due to incomplete dtls/srtp setup (Reported by Kevin Harwell) [ASTERISK-28735] - Realtime MoH Unknown format '' -- defaulting to SLIN (Reported by Ross Beer) [ASTERISK-28730] - res_pjsip_session: Fix out of order session refreshes (Reported by Joshua C. Colp) [ASTERISK-28718] - chan_sip: Returns 403 if RTP ports are depleted, should return 503 (Reported by Walter Doekes) [ASTERISK-28719] - Cannot remove defaultrule from queue using realtime queues (Reported by EDV O-TON) [ASTERISK-28713] - res_stasis_playback: Error building JSON (Reported by Sébastien Duthil) [ASTERISK-28714] - REGRESSION: Feature subscription_persistence_recreate (ASTERISK-27759) Causes Segfaults (Reported by Ross Beer) [ASTERISK-26082] - res_pjsip_messaging: MessageSend Content-Type can't be changed (Reported by Alex) [ASTERISK-28423] - ARI causes STASIS Deadlock (Reported by Ross Beer) [ASTERISK-28679] - stasis application is destroyed after its creation (Reported by Francois Blackburn) [ASTERISK-25421] - PJSIP. MESSAGE_SEND_STATUS set to SUCCESS in spite of the error when sending (Reported by Dmitriy Serov) [ASTERISK-28686] - chan_sip strictrtp=yes fails when media source is changed: no audio (Reported by Walter Doekes) [ASTERISK-28139] - RTP Stream Incorrect Payload Type Causes Asterisk To Drop Calls (Reported by Paul Brooks) [ASTERISK-26955] - pjsip: SIP Packets with Via "received=" Containing IPv6 Address Delimited by "[]" Rejected (Reported by Peter Sokolov) Improvements made in this release: ----------------------------------- [ASTERISK-28750] - TLS/SSL Key too small error (Reported by Martin Zeh) [ASTERISK-28733] - stream: Add support for adding/removing streams during SFU/calls (Reported by Joshua C. Colp) [ASTERISK-24798] - Documentation - Clarify That Format Is Set By File Name Extension In MixMonitor (Reported by xrobau) [ASTERISK-28726] - install_prereq script uses the interactive mode when installing aptitude (Reported by Sylvain Afchain) 16.8.0: New Features made in this release: ----------------------------------- [ASTERISK-17491] - CURLOPT() needs a "followlocation" parameter / "maxredirs" doesn't do anything (Reported by candrews) [ASTERISK-28639] - res_pjsip_endpoint_identifier_ip: Add ability to match on source port (Reported by Sean Bright) Bugs fixed in this release: ----------------------------------- [ASTERISK-28679] - stasis application is destroyed after its creation (Reported by Francois Blackburn) [ASTERISK-28423] - ARI causes STASIS Deadlock (Reported by Ross Beer) [ASTERISK-28714] - REGRESSION: Feature subscription_persistence_recreate (ASTERISK-27759) Causes Segfaults (Reported by Ross Beer) [ASTERISK-28677] - CDR billsec is always 0 for transferred calls (Reported by Maciej Michno) [ASTERISK-28702] - chan_dahdi: holding a channel via flash to dialtone times out after 0:16:40 (Reported by Andrew Siplas) [ASTERISK-28706] - silk 24hHz doesn't show up in 'core show translation' output (Reported by Sean Bright) [ASTERISK-24484] - Update documentation for statsd module - usage requirements unclear (Reported by Dan Jenkins) [ASTERISK-28695] - core: minmemfree watermark uses free RAM, not available RAM (Reported by Kevin Flyn) [ASTERISK-28693] - chan_sip: SIP MESSAGE beginning with a whitespace appears empty in the dialplan (Reported by Frank Matano) [ASTERISK-23739] - [patch]Segfault forwarding voicemail with ODBC storage enabled and realtime voicemail_data is used (Reported by Stas Kobzar) [ASTERISK-27622] - empty voicemail.conf required for ARA (realtime) voicemail to leave message (Reported by Jim Van Meggelen) [ASTERISK-28349] - Pause reason not reported in QueueMember AMI event (Reported by Niksa Baldun) [ASTERISK-21794] - CLI command 'realtime update2' syntax failure when using according to usage help (Reported by Cedric BASSAGET) [ASTERISK-25429] - res_pjsip_endpoint_identifier_ip: Document support for hostnames (Reported by Joshua C. Colp) [ASTERISK-27775] - res_pjsip_notify: Multiple Event headers can be present instead of just one (Reported by AvayaXAsterisk) [ASTERISK-28682] - app_record: Lack of `beep` audio file causes application to return error and hangup (Reported by Corey Farrell) [ASTERISK-28507] - Wiki docs missing for MessageWaiting (Reported by David M. Lee) [ASTERISK-27759] - res_pjsip_pubsub: Subscription persistence does not preserve XML version number (Reported by Bryan Nelson) [ASTERISK-28605] - chan_dahdi: Deadlock in Hangup Scenarios with concurrent command pri show span X (Reported by Dirk Wendland) [ASTERISK-28633] - stasis bridge topic leak (Reported by Joeran Vinzens) [ASTERISK-28492] - pjsip reload not reloading wizard endpoint/pickup_group endpoint/call_group (Reported by Jean-Denis Girard) [ASTERISK-28562] - SIP WSS message not processed until next frame arrives (Reported by Robert Sutton) [ASTERISK-27243] - contrib: valgrind.supp doesn't suppress what it's supposed to due to invalid syntax (Reported by Richard Kenner) [ASTERISK-28497] - func_odbc: truncating Unicode string on readsql (Reported by Boris P. Korzun) [ASTERISK-28647] - chan_sip: RTP frames not transmitted after emitting a COLP (Reported by Jean Aunis - Prescom) [ASTERISK-28667] - Asterisk ignores parsing of config files if a Byte order mark is present (Reported by Robin Leffmann) [ASTERISK-28664] - "trustrpid" is misspelled in sip_to_pjsip.py (Reported by Pascal Cadotte Michaud) [ASTERISK-28604] - app_meetme, chan_ooh323 and cdr_mysql don't build on 17.0.0 (Reported by George Joseph) [ASTERISK-28659] - res_pjsip_sdp_rtp: Bundle includes non-existent media stream if codecs create additional streams and offer does not have them (Reported by nappsoft) [ASTERISK-28660] - res_fax: wrap Asterisk initiated negotiation with config option (Reported by Kevin Harwell) [ASTERISK-28636] - app_chanisavail+cdr: ChanIsAvail sometimes fails to deactivate CDR. (Reported by Frederic LE FOLL) [ASTERISK-28626] - Missing arguments in PJSIP_CONTACT function documentation (Reported by Pascal Cadotte Michaud) [ASTERISK-28609] - Memory Leak in res_rtp_asterisk.c (Reported by Ted G) [ASTERISK-28651] - chan_sip logs errors on tx to non-existent TCP connections (Reported by Jaco Kroon) [ASTERISK-28502] - chan_pjsip incorrectly re-writes REGISTER 200 Response Contact (Reported by Ross Beer) [ASTERISK-28625] - Playback of local files impacted by large media cache (Reported by Kevin Reeves) Improvements made in this release: ----------------------------------- [ASTERISK-28710] - Should be able to disable the /httpstatus URI in the built-in HTTP server (Reported by Sean Bright) [ASTERISK-28638] - Simplify dialplan for Dial, Page, and ChanIsAvail (Reported by cmaj) [ASTERISK-28673] - GET FULL VARIABLE documentation clarification (Reported by Jonathan Harris) [ASTERISK-28658] - app_confbridge: Add support for setting maximum sample rate (Reported by Joshua C. Colp)
Recursive revision bump after textproc/icu update
asterisk16: fix L§inux packaging issues
asterisk16: configure asks for -ledit. Comply.
librsvg: update bl3.mk to remove libcroco in rust case recursive bump for the dependency change
*: recursive bump for libffi
comms/asterisk16: Check for clang correctly (This is a simple pkglint autofix, testing for clang being in PKGSRC_COMPILER, rather than equal to, avoiding failure with ccache/distcc.)
all: migrate homepages from http to https pkglint -r --network --only "migrate" As a side-effect of migrating the homepages, pkglint also fixed a few indentations in unrelated lines. These and the new homepages have been checked manually.
*: Recursive revision bump for openssl 1.1.1.
*: Recursive revbump from devel/boost-libs
asterisk16: Update to 16.7.0 Changelog: 16.7.0 Security bugs fixed in this release: ----------------------------------- [ASTERISK-28589] - chan_sip: Depending on configuration an INVITE can alter Addr of a peer (Reported by Andrey V. T.) [ASTERISK-28580] - Bypass SYSTEM write permission in manager action allows system commands execution (Reported by Eliel Sardañons) Improvements made in this release: ----------------------------------- [ASTERISK-28602] - res_pjsip_outbound_registration: Maximum retries reached (Reported by Daniel) [ASTERISK-28586] - Typo in README-SERIOUSLY.bestpractices.md (Reported by Sam Banks) [ASTERISK-22192] - [patch] Allow voicemail forwards with ODBC backend when format differs from attachfmt column (Reported by cmaj) [ASTERISK-28567] - Problem with ASTERISK-20207: Asterisk should clear out any .lock files in the voice mail directory on startup. (Reported by Michael) [ASTERISK-28542] - [patch] add the ability for asterisk to generate on-hold re-invites (Reported by Torrey Searle) [ASTERISK-28512] - Add pass-through support for H.265 (HEVC) codec (Reported by Florian Floimair) Bugs fixed in this release: ----------------------------------- [ASTERISK-28609] - Memory Leak in res_rtp_asterisk.c (Reported by Ted G) [ASTERISK-28604] - app_meetme, chan_ooh323 and cdr_mysql don't build on 17.0.0 (Reported by George Joseph) [ASTERISK-28659] - res_pjsip_sdp_rtp: Bundle includes non-existent media stream if codecs create additional streams and offer does not have them (Reported by nappsoft) [ASTERISK-28641] - res_pjsip Segfaults when realtime configuration to an AOR points to a not existent AOR (Reported by Ross Beer) [ASTERISK-28644] - Stale comment in app_queue about ring_entry exception (Reported by Walter Doekes) [ASTERISK-28445] - res_pjsip_session: ast_json_vpack: Invalid UTF-8 string on hangup when TEST_FRAMEWORK enabled (Reported by Bernhard Schmidt) [ASTERISK-28637] - chan_sip+native_bridge_rtp: directmedia compatibility check failure when negociated ptime is not default ptime. (Reported by Frederic LE FOLL) [ASTERISK-28631] - res_parking: Doesn't park when parkee and parker are the same (Reported by Ross Beer) [ASTERISK-28621] - Enforce T.38 error correction mode at 200 ok received (Reported by Salah Ahmed) [ASTERISK-28624] - res_pjsip_outbound_registration: add SRV failover (Reported by Kevin Harwell) [ASTERISK-28608] - app_amd: Use time calculation to calculate timeout (Reported by Michael Cargile) [ASTERISK-28615] - chan_dahdi: PRI span status may stay "Down, Active" after a short alarm (Reported by Frederic LE FOLL) [ASTERISK-28576] - res_rtp_asterisk: ICE Completion Crash when sent packet length doesn't match (Reported by Joshua Elson) [ASTERISK-26481] - FILE function grabs garbage along with read data when target line has no newline (Reported by Jonathan Harris) [ASTERISK-28618] - bridge_softmix: hold not cleared when joining a softmix bridge (Reported by Kevin Harwell) [ASTERISK-28616] - parking: Deadlock when multi call parking (Reported by Joshua C. Colp) [ASTERISK-28423] - ARI causes STASIS Deadlock (Reported by Ross Beer) [ASTERISK-28572] - Memory leaks in res_calendar_exchange and res_calendar_icalendar (Reported by Yoooooo Ha) [ASTERISK-28585] - ari/resource_events: Crash in event session cleanup (Reported by Kevin Harwell) [ASTERISK-28590] - utils.c throws repeated warnings; "pthread_attr_setstacksize: Invalid argument" (Reported by Speed Dial Dave) [ASTERISK-28578] - race condition on pjsip channelstats command (Reported by Salah Ahmed) [ASTERISK-28571] - cdr_pgsql: accesses obsolete (and finally removed) column (Reported by Christoph Moench-Tegeder) [ASTERISK-28575] - MWI Send Notify Crash on 16.6 (Reported by Joshua Elson) [ASTERISK-28574] - pjproject fails to build on 16.6.0, works on 16.5 (Reported by Niklas Larsson) [ASTERISK-28561] - Asterisk Deadlocks (Reported by Aheliotech) [ASTERISK-28552] - res_pjsip_mwi: Frack during unload on unsolicited_mwi container (Reported by Kevin Harwell) [ASTERISK-28566] - CDR backend unload problem during active call(s) (Reported by Marian Piater) [ASTERISK-28553] - stasis.c: Crash during unload (Reported by Kevin Harwell) [ASTERISK-28086] - chan_pjsip: Crash when initiating PlayDTMF over AMI (Reported by Jeremiah Gadd) [ASTERISK-28544] - Wrong contact representation in ipv6 mode (Reported by Jørgen H) [ASTERISK-28534] - Segmentation fault when there is no priority for an extension (Reported by Timothy Vanderaerden) [ASTERISK-28463] - res_pjsip_path: Crash when invalid contact is configured (Reported by Juan Martin) [ASTERISK-28521] - pjsip: Memory Leak (Reported by Mark) [ASTERISK-28523] - Asterisk 16.5.0 Memory leak (Reported by Cyril Ramière) [ASTERISK-28538] - chan_pjsip: Deadlock on fax detection (Reported by Joshua C. Colp) [ASTERISK-28536] - Asterisk release candidates fail to build on FreeBSD (Reported by Guido Falsi) [ASTERISK-23756] - setvar directive when used in template and a child of said template, results in duplicate variable names (Reported by Michael Goryainov) New Features made in this release: ----------------------------------- [ASTERISK-28614] - app_senddtmf: Allow "receiving" DTMF with PlayDTMF instead of only "sending" (Reported by lvl) [ASTERISK-28613] - func_curl: CURLOPT cannot set Content-Type header (Reported by Martin Tomec) [ASTERISK-28553] - stasis.c: Crash during unload (Reported by Kevin Harwell) [ASTERISK-28086] - chan_pjsip: Crash when initiating PlayDTMF over AMI (Reported by Jeremiah Gadd) [ASTERISK-28544] - Wrong contact representation in ipv6 mode (Reported by Jørgen H) [ASTERISK-28534] - Segmentation fault when there is no priority for an extension (Reported by Timothy Vanderaerden) [ASTERISK-28463] - res_pjsip_path: Crash when invalid contact is configured (Reported by Juan Martin) [ASTERISK-28521] - pjsip: Memory Leak (Reported by Mark) [ASTERISK-28523] - Asterisk 16.5.0 Memory leak (Reported by Cyril Ramière) [ASTERISK-28538] - chan_pjsip: Deadlock on fax detection (Reported by Joshua C. Colp) [ASTERISK-28536] - Asterisk release candidates fail to build on FreeBSD (Reported by Guido Falsi) [ASTERISK-23756] - setvar directive when used in template and a child of said template, results in duplicate variable names (Reported by Michael Goryainov) New Features made in this release: ----------------------------------- [ASTERISK-28614] - app_senddtmf: Allow "receiving" DTMF with PlayDTMF instead of only "sending" (Reported by lvl) [ASTERISK-28613] - func_curl: CURLOPT cannot set Content-Type header (Reported by Martin Tomec) [ASTERISK-28533] - func_jitterbuffer: Add support for video synchronization (Reported by Joshua C. Colp) 16.6.0 Security bugs fixed in this release: ----------------------------------- [ASTERISK-28495] - res_pjsip_t38: 200 OK with SDP answer with declined stream causes crash (Reported by Alexei Gradinari) Bugs fixed in this release: ----------------------------------- [ASTERISK-28521] - pjsip: Memory Leak (Reported by Mark) [ASTERISK-28523] - Asterisk 16.5.0 Memory leak (Reported by Cyril Ramière) [ASTERISK-28538] - chan_pjsip: Deadlock on fax detection (Reported by Joshua C. Colp) [ASTERISK-28536] - Asterisk release candidates fail to build on FreeBSD (Reported by Guido Falsi) [ASTERISK-28511] - codec_resample: Bad sound quality when up sampling from SLIN16 to SLIN32 (Reported by Ruddy G) [ASTERISK-28525] - chan_dahdi: set CHANNEL(hangupsource) when a PRI channel hangs up (Reported by Frederic LE FOLL) [ASTERISK-28527] - ChanIsAvail() creates a CDR if unanswered=yes is set in cdr.conf (Reported by Frederic LE FOLL) [ASTERISK-28499] - translate: Crash when frame does not have a "src" field set (Reported by Gregory Massel) [ASTERISK-25592] - chan_unistim: Clang Warning: variable sized type not at end of a struct (Reported by Alexander Traud) [ASTERISK-28488] - pjsip mwi: n+1 sip notify's sent on re-register (Reported by Chris Savinovich) [ASTERISK-28509] - PJSIP cnonce generated on Linux contains 36 characters, NEC only supports up to 32 characters (Reported by Dan Cropp) [ASTERISK-28505] - app_voicemail/IMAP: segfault in leave_voicemail because not checking mailstream (Reported by Alexei Gradinari) [ASTERISK-28487] - compile menuselect on gentoo (Reported by Kilburn) [ASTERISK-28472] - Asterisk occasionally passes a NULL as srtp->session to srtp_protect/unprotect causing SEGV (Reported by Jonas Swiatek) [ASTERISK-28498] - cel / cdr: Event times may be incorrect (Reported by Joshua C. Colp) [ASTERISK-28480] - json integer overflow in ssrc and timestamp (Reported by Salah Ahmed) [ASTERISK-28228] - res_pjsip: pjsip show contacts prints double entries (Reported by Ian Jones) [ASTERISK-28483] - packet lost on UDPTL wrap around (Reported by Torrey Searle) [ASTERISK-28477] - Crash when not specifying "dbfile" in res_config_sqlite3.conf (Reported by Dennis) [ASTERISK-28478] - Crash performing "core reload" with modified res_config_sqlite3.conf (Reported by Dennis) [ASTERISK-26968] - chan_pjsip: Transfer() does not result in TRANSFERSTATUS reflecting SIP response to transfer (Reported by Dan Cropp) [ASTERISK-28282] - AST_SCHED_REPLACE_UNREF causes wait-on-self deadlocks (in chan_sip) (Reported by Walter Doekes) New Features made in this release: ----------------------------------- [ASTERISK-17808] - [patch] Unregister a realtime moh class (Reported by Byron Clark) [ASTERISK-28489] - Channel variable SIPFROMDOMAIN for chan_pjsip to setup From header URI domain (Reported by Stas Kobzar)
Look into ${PREFIX}/lib when checking for libBlocksRuntime.
comms/asterisk16: Fix compiler check via pkglint AUTOFIX: Makefile:290: Replacing "${PKGSRC_COMPILER} == \"clang\"" with "${PKGSRC_COMPILER:Mclang}". The PKGSRC_COMPILER can be a list of chained compilers, e.g. "ccache distcc clang". Therefore, comparing it using == or != leads to wrong results in these cases.
comms: align variable assignments pkglint -Wall -F --only aligned --only indent -r Manually adjusted the indentation in asterisk15 and asterisk16 to avoid too deep indentation.
Recursive revbump from boost-1.71.0
Fix build on NetBSD 8
comms/asterisk16: import asterisk-16.5.0 Asterisk is a complete PBX in software. It provides all of the features you would expect from a PBX and more. Asterisk does voice over IP in three protocols, and can interoperate with almost all standards-based telephony equipment using relatively inexpensive hardware. Asterisk provides Voicemail services with Directory, Call Conferencing, Interactive Voice Response, Call Queuing. It has support for three-way calling, caller ID services, ADSI, SIP and H.323 (as both client and gateway).
Remove Asterisk 1.6. This version series went end-of-line on April 21st, 2012. It most likely has multiple security issues. By this point, all users of this package should have migrated to comms/asterisk18 or comms/asterisk10 as this version has been marked as being deprecated for some time now. Note that this directory is likely to re-appear in late 2017 when Asterisk 16 comes out, assuming the current schedule is followed. However that will be a vastly different version as Asterisk 11 is only in the RC stage now (i.e. it will be five major versions after the one that is expected to be released later this year).
comms/asterisk16: Mark NOT-FOR-DRAGONFLY This package has not been patched for DragonFly. There are two newer packages, asterisk10 and asterisk18 According to commit messages, this package will be removed in "not too distant future" due to being EOL.
Recursive PKGREVISION bump for libxml2 buildlink addition.
Don't override optimizer settings with absurd levels. Fix inline definitions to work with C99 compiler.
Update to Asterisk 1.6.2.24. This fixes AST-2012-004 and AST-2012-005. The 1.6.2 series went End of Life on April 21st 2012, so this was the last update. This package will be deleted in the not too distnat future. The Asterisk Development Team has announced security releases for Asterisk 1.6.2 , 1.8, and 10. The available security releases are released as versions 1.6.2.24, 1.8.11.1, and 10.3.1. The release of Asterisk 1.6.2.24, 1.8.11.1, and 10.3.1 resolve the following two issues: * A permission escalation vulnerability in Asterisk Manager Interface. This would potentially allow remote authenticated users the ability to execute commands on the system shell with the privileges of the user running the Asterisk application. * A heap overflow vulnerability in the Skinny Channel driver. The keypad button message event failed to check the length of a fixed length buffer before appending a received digit to the end of that buffer. A remote authenticated user could send sufficient keypad button message events that th e buffer would be overrun. These issues and their resolution are described in the security advisories. For more information about the details of these vulnerabilities, please read security advisories AST-2012-004, AST-2012-005, and AST-2012-006, which were released at the same time as this announcement. For a full list of changes in the current releases, please see the ChangeLogs: http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.6.2.24 The security advisories are available at: * http://downloads.asterisk.org/pub/security/AST-2012-004.pdf * http://downloads.asterisk.org/pub/security/AST-2012-005.pdf Thank you for your continued support of Asterisk!
Recursive bump from icu shlib major bumped to 49.
Update to 1.6.2.23: This is a security fix update. It fixes AST-2012-002. NOTE NOTE NOTE This is likely to be the last update to this package. This version of Asterisk will be EOLed on April 21st, 2012. It will probably be removed from pkgsrc not long after that. If you are still using this package, you should consider switching to comms/asterisk18, the Long Term Support version, or comms/asterisk10 in the near future. NOTE NOTE NOTE The Asterisk Development Team has announced security releases for Asterisk 1.4, 1.6.2, 1.8, and 10. The available security releases are released as versions 1.4.44, 1.6.2.23, 1.8.10.1, and 10.2.1. The release of Asterisk 1.4.44 and 1.6.2.23 resolve an issue wherein app_milliwatt can potentially overrun a buffer on the stack, causing Asterisk to crash. This does not have the potential for remote code execution. These issues and their resolution are described in the security advisory. For more information about the details of these vulnerabilities, please read the security advisories AST-2012-002 and AST-2012-003, which were released at the same time as this announcement. For a full list of changes in the current releases, please see the ChangeLogs: http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.6.2.23 The security advisories are available at: * http://downloads.asterisk.org/pub/security/AST-2012-002.pdf Thank you for your continued support of Asterisk!
Fix build on SunOS.
PR/35369 -- David Wetzel -- add support for speex codec (enabled by default)
Update to Asterisk 1.6.2.22: The release of Asterisk 1.6.2.22 corrects two flaws in sip.conf.sample related to AST-2011-013: * The sample file listed *two* values for the 'nat' option as being the default. Only 'yes' is the default. * The warning about having differing 'nat' settings confusingly referred to both peers and users. For a full list of changes in this release, please see the ChangeLog: http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.2.22 Thank you for your continued support of Asterisk!
This update fixes AST-2011-013 and AST-2011-014. It also adapts to changes in the iLBC codec files. __________________________________________________________________ Asterisk Project Security Advisory - AST-2011-013 Product Asterisk Summary Possible remote enumeration of SIP endpoints with differing NAT settings Nature of Advisory Unauthorized data disclosure Susceptibility Remote unauthenticated sessions Severity Minor Exploits Known Yes Reported On 2011-07-18 Reported By Ben Williams Posted On Last Updated On December 7, 2011 Advisory Contact Terry Wilson <twilson at digium.com> CVE Name Description It is possible to enumerate SIP usernames when the general and user/peer NAT settings differ in whether to respond to the port a request is sent from or the port listed for responses in the Via header. In 1.4 and 1.6.2, this would mean if one setting was nat=yes or nat=route and the other was either nat=no or nat=never. In 1.8 and 10, this would mean when one was nat=force_rport or nat=yes and the other was nat=no or nat=comedia. Resolution Handling NAT for SIP over UDP requires the differing behavior introduced by these options. To lessen the frequency of unintended username disclosure, the default NAT setting was changed to always respond to the port from which we received the request-the most commonly used option. Warnings were added on startup to inform administrators of the risks of having a SIP peer configured with a different setting than that of the general setting. The documentation now strongly suggests that peers are no longer configured for NAT individually, but through the global setting in the "general" context. Affected Versions Product Release Series Asterisk Open Source All All versions Corrected In As this is more of an issue with SIP over UDP in general, there is no fix supplied other than documentation on how to avoid the problem. The default NAT setting has been changed to what we believe the most commonly used setting for the respective version in Asterisk 1.4.43, 1.6.2.21, and 1.8.7.2. Links Asterisk Project Security Advisories are posted at http://www.asterisk.org/security This document may be superseded by later versions; if so, the latest version will be posted at http://downloads.digium.com/pub/security/AST-2011-013.pdf and http://downloads.digium.com/pub/security/AST-2011-013.html Revision History Date Editor Revisions Made Asterisk Project Security Advisory - AST-2011-013 Copyright (c) 2011 Digium, Inc. All Rights Reserved. Permission is hereby granted to distribute and publish this advisory in its original, unaltered form. __________________________________________________________________ Asterisk Project Security Advisory - AST-2011-014 Product Asterisk Summary Remote crash possibility with SIP and the "automon" feature enabled Nature of Advisory Remote crash vulnerability in a feature that is disabled by default Susceptibility Remote unauthenticated sessions Severity Moderate Exploits Known Yes Reported On November 2, 2011 Reported By Kristijan Vrban Posted On 2011-11-03 Last Updated On December 7, 2011 Advisory Contact Terry Wilson <twilson at digium.com> CVE Name Description When the "automon" feature is enabled in features.conf, it is possible to send a sequence of SIP requests that cause Asterisk to dereference a NULL pointer and crash. Resolution Applying the referenced patches that check that the pointer is not NULL before accessing it will resolve the issue. The "automon" feature can be disabled in features.conf as a workaround. Affected Versions Product Release Series Asterisk Open Source 1.6.2.x All versions Asterisk Open Source 1.8.x All versions Corrected In Product Release Asterisk Open Source 1.6.2.21, 1.8.7.2 Patches Download URL Revision http://downloads.asterisk.org/pub/security/AST-2011-014-1.6.2.diff 1.6.2.20 http://downloads.asterisk.org/pub/security/AST-2011-014-1.8.diff 1.8.7.1 Links Asterisk Project Security Advisories are posted at http://www.asterisk.org/security This document may be superseded by later versions; if so, the latest version will be posted at http://downloads.digium.com/pub/security/AST-2011-014.pdf and http://downloads.digium.com/pub/security/AST-2011-014.html Revision History Date Editor Revisions Made Asterisk Project Security Advisory - AST-2011-014 Copyright (c) 2011 Digium, Inc. All Rights Reserved. Permission is hereby granted to distribute and publish this advisory in its original, unaltered form.
Now that -current has sqlite3 included in base, enable it here.
Bump PKGREVISION for perl update.
Update to 1.6.2.19 (fixes several security issues): Please note that Asterisk 1.6.2.19 is the final maintenance release from the 1.6.2 branch. Support for security related issues will continue until April 21, 2012. For more information about support of the various Asterisk branches, see https://wiki.asterisk.org/wiki/display/AST/Asterisk+Versions The release of Asterisk 1.6.2.19 resolves several issues reported by the community and would have not been possible without your participation. Thank you! The following is a sample of the issues resolved in this release: * Don't broadcast FullyBooted to every AMI connection The FullyBooted event should not be sent to every AMI connection every time someone connects via AMI. It should only be sent to the user who just connected. (Closes issue #18168. Reported, patched by FeyFre) * Fix thread blocking issue in the sip TCP/TLS implementation. (Closes issue #18497. Reported by vois. Tested by vois, rossbeer, kowalma, Freddi_Fonet. Patched by dvossel) * Don't delay DTMF in core bridge while listening for DTMF features. (Closes issue #15642, #16625. Reported by jasonshugart, sharvanek. Tested by globalnetinc, jde. Patched by oej, twilson) * Fix chan_local crashs in local_fixup() Thanks OEJ for tracking down the issue and submitting the patch. (Closes issue #19053. Reported, patched by oej) * Don't offer video to directmedia callee unless caller offered it as well (Closes issue #19195. Reported, patched by one47) Additionally security announcements AST-2011-008, AST-2011-010, and AST-2011-011 have been resolved in this release. For a full list of changes in this release, please see the ChangeLog: http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.2.19
Upgrade to 1.6.2.18. This fixes several security issues including: AST-2011-002, AST-2011-003, AST-2011-004, AST-2011-005, and AST-2011-006. =========================================================================== 1.6.2.18: The Asterisk Development Team has announced the release of Asterisk 1.6.2.18. The release of Asterisk 1.6.2.18 resolves several issues reported by the community and would have not been possible without your participation. Thank you! The following is a sample of the issues resolved in this release: * Only offer codecs both sides support for directmedia. * Resolution of several DTMF based attended transfer issues. NOTE: Be sure to read the ChangeLog for more information about these changes. * Resolve deadlocks related to device states in chan_sip * Fix channel redirect out of MeetMe() and other issues with channel softhangup * Fix voicemail sequencing for file based storage. * Guard against retransmitting BYEs indefinitely during attended transfers with chan_sip. In addition to the changes listed above, commits to resolve security issues AST-2011-005 and AST-2011-006 have been merged into this release. More information about AST-2011-005 and AST-2011-006 can be found at: http://downloads.asterisk.org/pub/security/AST-2011-005.pdf http://downloads.asterisk.org/pub/security/AST-2011-006.pdf For a full list of changes in this release, please see the ChangeLog: http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.2.18 =========================================================================== 1.6.2.17.3 The Asterisk Development Team has announced security releases for Asterisk branches 1.4, 1.6.1, 1.6.2, and 1.8. The available security releases are released as versions 1.4.40.1, 1.6.1.25, 1.6.2.17.3, and 1.8.3.3. The releases of Asterisk 1.4.40.1, 1.6.1.25, 1.6.2.17.3, and 1.8.3.3 resolve two issues: * File Descriptor Resource Exhaustion (AST-2011-005) * Asterisk Manager User Shell Access (AST-2011-006) The issues and resolutions are described in the AST-2011-005 and AST-2011-006 security advisories. For more information about the details of these vulnerabilities, please read the security advisories AST-2011-005 and AST-2011-006, which were released at the same time as this announcement. For a full list of changes in the current releases, please see the ChangeLog: http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.6.2.17.3 Security advisory AST-2011-005 and AST-2011-006 are available at: http://downloads.asterisk.org/pub/security/AST-2011-005.pdf http://downloads.asterisk.org/pub/security/AST-2011-006.pdf =========================================================================== 1.6.2.17.2: The Asterisk Development Team has announced security releases for Asterisk branches 1.6.1, 1.6.2, and 1.8. The available security releases are released as versions 1.6.1.24, 1.6.2.17.2, and 1.8.3.2. ** This is a re-release of Asterisk 1.6.1.23, 1.6.2.17.1 and 1.8.3.1 which contained a bug which caused duplicate manager entries (issue #18987). The releases of Asterisk 1.6.1.24, 1.6.2.17.2, and 1.8.3.2 resolve two issues: * Resource exhaustion in Asterisk Manager Interface (AST-2011-003) * Remote crash vulnerability in TCP/TLS server (AST-2011-004) The issues and resolutions are described in the AST-2011-003 and AST-2011-004 security advisories. For more information about the details of these vulnerabilities, please read the security advisories AST-2011-003 and AST-2011-004, which were released at the same time as this announcement. For a full list of changes in the current releases, please see the ChangeLog: http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.6.2.17.2 Security advisory AST-2011-003 and AST-2011-004 are available at: http://downloads.asterisk.org/pub/security/AST-2011-003.pdf http://downloads.asterisk.org/pub/security/AST-2011-004.pdf =========================================================================== 1.6.2.17.1: The Asterisk Development Team has announced security releases for Asterisk branches 1.6.1, 1.6.2, and 1.8. The available security releases are released as versions 1.6.1.23, 1.6.2.17.1, and 1.8.3.1. These releases are available for immediate download at http://downloads.asterisk.org/pub/telephony/asterisk/releases The releases of Asterisk 1.6.1.23, 1.6.2.17.1, and 1.8.3.1 resolve two issues: * Resource exhaustion in Asterisk Manager Interface (AST-2011-003) * Remote crash vulnerability in TCP/TLS server (AST-2011-004) The issues and resolutions are described in the AST-2011-003 and AST-2011-004 security advisories. For more information about the details of these vulnerabilities, please read the security advisories AST-2011-003 and AST-2011-004, which were released at the same time as this announcement. For a full list of changes in the current releases, please see the ChangeLog: http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.6.2.17.1 Security advisory AST-2011-003 and AST-2011-004 are available at: http://downloads.asterisk.org/pub/security/AST-2011-003.pdf http://downloads.asterisk.org/pub/security/AST-2011-004.pdf =========================================================================== 1.6.2.17: The Asterisk Development Team has announced the release of Asterisk 1.6.2.17. The release of Asterisk 1.6.2.17 resolves several issues reported by the community and would have not been possible without your participation. The following is a sample of the issues resolved in this release: * Resolve duplicated data in the AstDB when using DIALGROUP() * Correct issue where res_config_odbc could populate fields with invalid data. * When using cdr_pgsql the billsec field was not populated correctly on unanswered calls. * Resolve issue where re-transmissions of SUBSCRIBE could break presence. * Fix regression causing forwarding voicemails to not work with file storage. * This version of Asterisk includes the new Compiler Flags option BETTER_BACKTRACES which uses libbfd to search for better symbol information within both the Asterisk binary, as well as loaded modules, to assist when using inline backtraces to track down problems. * Resolve several issues with DTMF based attended transfers. NOTE: Be sure to read the ChangeLog for more information about these changes. * Resolve issue where no Music On Hold may be triggered when using res_timing_dahdi. * Fix regression that changed behavior of queues when ringing a queue member. Additionally, this release has the changes related to security bulletin AST-2011-002 which can be found at http://downloads.asterisk.org/pub/security/AST-2011-002.pdf For a full list of changes in this release, please see the ChangeLog: http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.2.17 =========================================================================== 1.6.2.16.2: The Asterisk Development Team has announced security releases for Asterisk branches 1.4, 1.6.1, 1.6.2, and 1.8. The available security releases are released as versions 1.4.39.2, 1.6.1.22, 1.6.2.16.2, and 1.8.2.4. The releases of Asterisk 1.4.39.2, 1.6.1.22, 1.6.2.16.2, and 1.8.2.4 resolve an issue that when decoding UDPTL packets, multiple stack and heap based arrays can be made to overflow by specially crafted packets. Systems configured for T.38 pass through or termination are vulnerable. The issue and resolution are described in the AST-2011-002 security advisory. For more information about the details of this vulnerability, please read the security advisory AST-2011-002, which was released at the same time as this announcement. For a full list of changes in the current release, please see the ChangeLog: http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.6.2.16.2 Security advisory AST-2011-002 is available at: http://downloads.asterisk.org/pub/security/AST-2011-002.pdf