The NetBSD Project

CVS log for pkgsrc/comms/asterisk16/options.mk

[BACK] Up to [cvs.NetBSD.org] / pkgsrc / comms / asterisk16

Request diff between arbitrary revisions


Default branch: MAIN


Revision 1.18 / (download) - annotate - [select for diffs], Thu Dec 31 11:07:01 2020 UTC (16 months, 2 weeks ago) by nia
Branch: MAIN
CVS Tags: pkgsrc-2022Q1-base, pkgsrc-2022Q1, pkgsrc-2021Q4-base, pkgsrc-2021Q4, pkgsrc-2021Q3-base, pkgsrc-2021Q3, pkgsrc-2021Q2-base, pkgsrc-2021Q2, pkgsrc-2021Q1-base, pkgsrc-2021Q1, pkgsrc-2020Q4-base, pkgsrc-2020Q4, HEAD
Changes since 1.17: +2 -1 lines
Diff to previous 1.17 (colored)

asterisk16: Avoid using -march=native, it breaks binary packages.

Also avoid passing crazy optimization and debug flags in general, just
honor the user's CFLAGS.

Revision 1.17 / (download) - annotate - [select for diffs], Sun May 31 14:39:32 2020 UTC (23 months, 2 weeks ago) by rillig
Branch: MAIN
CVS Tags: pkgsrc-2020Q3-base, pkgsrc-2020Q3, pkgsrc-2020Q2-base, pkgsrc-2020Q2
Changes since 1.16: +1 -3 lines
Diff to previous 1.16 (colored)

comms/asterisk16: remove unknow configure option

Revision 1.16 / (download) - annotate - [select for diffs], Sat Jan 11 08:36:13 2020 UTC (2 years, 4 months ago) by ryoon
Branch: MAIN
CVS Tags: pkgsrc-2020Q1-base, pkgsrc-2020Q1
Changes since 1.15: +2 -2 lines
Diff to previous 1.15 (colored)

asterisk16: Update to 16.7.0

Changelog:
16.7.0
Security bugs fixed in this release:
-----------------------------------
    [ASTERISK-28589] - chan_sip: Depending on configuration an INVITE can alter Addr of a peer (Reported by Andrey V. T.)
    [ASTERISK-28580] - Bypass SYSTEM write permission in manager action allows system commands execution (Reported by Eliel Sardañons)

Improvements made in this release:
-----------------------------------
    [ASTERISK-28602] - res_pjsip_outbound_registration: Maximum retries reached (Reported by Daniel)
    [ASTERISK-28586] - Typo in README-SERIOUSLY.bestpractices.md (Reported by Sam Banks)
    [ASTERISK-22192] - [patch] Allow voicemail forwards with ODBC backend when format differs from attachfmt column (Reported by cmaj)
    [ASTERISK-28567] - Problem with ASTERISK-20207: Asterisk should clear out any .lock files in the voice mail directory on startup.  (Reported by Michael)
    [ASTERISK-28542] - [patch] add the ability for asterisk to generate on-hold re-invites (Reported by Torrey Searle)
    [ASTERISK-28512] - Add pass-through support for H.265 (HEVC) codec (Reported by Florian Floimair)

Bugs fixed in this release:
-----------------------------------
    [ASTERISK-28609] - Memory Leak in res_rtp_asterisk.c (Reported by Ted G)
    [ASTERISK-28604] - app_meetme, chan_ooh323 and cdr_mysql don't build on 17.0.0 (Reported by George Joseph)
    [ASTERISK-28659] - res_pjsip_sdp_rtp: Bundle includes non-existent media stream if codecs create additional streams and offer does not have them (Reported by nappsoft)
    [ASTERISK-28641] - res_pjsip Segfaults when realtime configuration to an AOR points to a not existent AOR (Reported by Ross Beer)
    [ASTERISK-28644] - Stale comment in app_queue about ring_entry exception (Reported by Walter Doekes)
    [ASTERISK-28445] - res_pjsip_session: ast_json_vpack: Invalid UTF-8 string on hangup when TEST_FRAMEWORK enabled (Reported by Bernhard Schmidt)
    [ASTERISK-28637] - chan_sip+native_bridge_rtp: directmedia compatibility check failure when negociated ptime is not default ptime.  (Reported by Frederic LE FOLL)
    [ASTERISK-28631] - res_parking: Doesn't park when parkee and parker are the same (Reported by Ross Beer)
    [ASTERISK-28621] - Enforce T.38 error correction mode at 200 ok received (Reported by Salah Ahmed)
    [ASTERISK-28624] - res_pjsip_outbound_registration: add SRV failover (Reported by Kevin Harwell)
    [ASTERISK-28608] - app_amd: Use time calculation to calculate timeout (Reported by Michael Cargile)
    [ASTERISK-28615] - chan_dahdi: PRI span status may stay "Down, Active" after a short alarm (Reported by Frederic LE FOLL)
    [ASTERISK-28576] - res_rtp_asterisk: ICE Completion Crash when sent packet length doesn't match (Reported by Joshua Elson)
    [ASTERISK-26481] - FILE function grabs garbage along with read data when target line has no newline (Reported by Jonathan Harris)
    [ASTERISK-28618] - bridge_softmix: hold not cleared when joining a softmix bridge (Reported by Kevin Harwell)
    [ASTERISK-28616] - parking: Deadlock when multi call parking (Reported by Joshua C. Colp)
    [ASTERISK-28423] - ARI causes STASIS Deadlock (Reported by Ross Beer)
    [ASTERISK-28572] - Memory leaks in res_calendar_exchange and res_calendar_icalendar (Reported by Yoooooo Ha)
    [ASTERISK-28585] - ari/resource_events: Crash in event session cleanup (Reported by Kevin Harwell)
    [ASTERISK-28590] - utils.c throws repeated warnings; "pthread_attr_setstacksize: Invalid argument" (Reported by Speed Dial Dave)
    [ASTERISK-28578] - race condition on pjsip channelstats command (Reported by Salah Ahmed)
    [ASTERISK-28571] - cdr_pgsql: accesses obsolete (and finally removed) column (Reported by Christoph Moench-Tegeder)
    [ASTERISK-28575] - MWI Send Notify Crash on 16.6 (Reported by Joshua Elson)
    [ASTERISK-28574] - pjproject fails to build on 16.6.0, works on 16.5 (Reported by Niklas Larsson)
    [ASTERISK-28561] - Asterisk Deadlocks (Reported by Aheliotech)
    [ASTERISK-28552] - res_pjsip_mwi: Frack during unload on unsolicited_mwi container (Reported by Kevin Harwell)
    [ASTERISK-28566] - CDR backend unload problem during active call(s) (Reported by Marian Piater)
    [ASTERISK-28553] - stasis.c: Crash during unload (Reported by Kevin Harwell)
    [ASTERISK-28086] - chan_pjsip: Crash when initiating PlayDTMF over AMI (Reported by Jeremiah Gadd)
    [ASTERISK-28544] - Wrong contact representation in ipv6 mode (Reported by Jørgen H)
    [ASTERISK-28534] - Segmentation fault when there is no priority for an extension (Reported by Timothy Vanderaerden)
    [ASTERISK-28463] - res_pjsip_path: Crash when invalid contact is configured (Reported by Juan Martin)
    [ASTERISK-28521] - pjsip: Memory Leak (Reported by Mark)
    [ASTERISK-28523] - Asterisk 16.5.0 Memory leak (Reported by Cyril Ramière)
    [ASTERISK-28538] - chan_pjsip: Deadlock on fax detection (Reported by Joshua C. Colp)
    [ASTERISK-28536] - Asterisk release candidates fail to build on FreeBSD (Reported by Guido Falsi)
    [ASTERISK-23756] - setvar directive when used in template and a child of said template, results in duplicate variable names (Reported by Michael Goryainov)

New Features made in this release:
-----------------------------------
    [ASTERISK-28614] - app_senddtmf: Allow "receiving" DTMF with PlayDTMF instead of only "sending" (Reported by lvl)
    [ASTERISK-28613] - func_curl: CURLOPT cannot set Content-Type header (Reported by Martin Tomec)
    [ASTERISK-28553] - stasis.c: Crash during unload (Reported by Kevin Harwell)
    [ASTERISK-28086] - chan_pjsip: Crash when initiating PlayDTMF over AMI (Reported by Jeremiah Gadd)
    [ASTERISK-28544] - Wrong contact representation in ipv6 mode (Reported by Jørgen H)
    [ASTERISK-28534] - Segmentation fault when there is no priority for an extension (Reported by Timothy Vanderaerden)
    [ASTERISK-28463] - res_pjsip_path: Crash when invalid contact is configured (Reported by Juan Martin)
    [ASTERISK-28521] - pjsip: Memory Leak (Reported by Mark)
    [ASTERISK-28523] - Asterisk 16.5.0 Memory leak (Reported by Cyril Ramière)
    [ASTERISK-28538] - chan_pjsip: Deadlock on fax detection (Reported by Joshua C. Colp)
    [ASTERISK-28536] - Asterisk release candidates fail to build on FreeBSD (Reported by Guido Falsi)
    [ASTERISK-23756] - setvar directive when used in template and a child of said template, results in duplicate variable names (Reported by Michael Goryainov)

New Features made in this release:
-----------------------------------
    [ASTERISK-28614] - app_senddtmf: Allow "receiving" DTMF with PlayDTMF instead of only "sending" (Reported by lvl)
    [ASTERISK-28613] - func_curl: CURLOPT cannot set Content-Type header (Reported by Martin Tomec)
    [ASTERISK-28533] - func_jitterbuffer: Add support for video synchronization (Reported by Joshua C. Colp)

16.6.0
Security bugs fixed in this release:
-----------------------------------
[ASTERISK-28495] - res_pjsip_t38: 200 OK with SDP answer with declined stream causes crash (Reported by Alexei Gradinari)

Bugs fixed in this release:
-----------------------------------
[ASTERISK-28521] - pjsip: Memory Leak (Reported by Mark)
[ASTERISK-28523] - Asterisk 16.5.0 Memory leak (Reported by Cyril Ramière)
[ASTERISK-28538] - chan_pjsip: Deadlock on fax detection (Reported by Joshua C. Colp)
[ASTERISK-28536] - Asterisk release candidates fail to build on FreeBSD (Reported by Guido Falsi)
[ASTERISK-28511] - codec_resample: Bad sound quality when up sampling from SLIN16 to SLIN32 (Reported by Ruddy G)
[ASTERISK-28525] - chan_dahdi: set CHANNEL(hangupsource) when a PRI channel hangs up (Reported by Frederic LE FOLL)
[ASTERISK-28527] - ChanIsAvail() creates a CDR if unanswered=yes is set in cdr.conf (Reported by Frederic LE FOLL)
[ASTERISK-28499] - translate: Crash when frame does not have a "src" field set (Reported by Gregory Massel)
[ASTERISK-25592] - chan_unistim: Clang Warning: variable sized type not at end of a struct (Reported by Alexander Traud)
[ASTERISK-28488] - pjsip mwi: n+1 sip notify's sent on re-register (Reported by Chris Savinovich)
[ASTERISK-28509] - PJSIP cnonce generated on Linux contains 36 characters, NEC only supports up to 32 characters (Reported by Dan Cropp)
[ASTERISK-28505] - app_voicemail/IMAP: segfault in leave_voicemail because not checking mailstream (Reported by Alexei Gradinari)
[ASTERISK-28487] - compile menuselect on gentoo (Reported by Kilburn)
[ASTERISK-28472] - Asterisk occasionally passes a NULL as srtp->session to srtp_protect/unprotect causing SEGV (Reported by Jonas Swiatek)
[ASTERISK-28498] - cel / cdr: Event times may be incorrect (Reported by Joshua C. Colp)
[ASTERISK-28480] - json integer overflow in ssrc and timestamp (Reported by Salah Ahmed)
[ASTERISK-28228] - res_pjsip: pjsip show contacts prints double entries (Reported by Ian Jones)
[ASTERISK-28483] - packet lost on UDPTL wrap around (Reported by Torrey Searle)
[ASTERISK-28477] - Crash when not specifying "dbfile" in res_config_sqlite3.conf (Reported by Dennis)
[ASTERISK-28478] - Crash performing "core reload" with modified res_config_sqlite3.conf (Reported by Dennis)
[ASTERISK-26968] - chan_pjsip: Transfer() does not result in TRANSFERSTATUS reflecting SIP response to transfer (Reported by Dan Cropp)
[ASTERISK-28282] - AST_SCHED_REPLACE_UNREF causes wait-on-self deadlocks (in chan_sip) (Reported by Walter Doekes)

New Features made in this release:
-----------------------------------
[ASTERISK-17808] - [patch] Unregister a realtime moh class (Reported by Byron Clark)
[ASTERISK-28489] - Channel variable SIPFROMDOMAIN for chan_pjsip to setup From header URI domain (Reported by Stas Kobzar)

Revision 1.15 / (download) - annotate - [select for diffs], Tue Aug 20 13:47:42 2019 UTC (2 years, 8 months ago) by ryoon
Branch: MAIN
CVS Tags: pkgsrc-2019Q4-base, pkgsrc-2019Q4, pkgsrc-2019Q3-base, pkgsrc-2019Q3
Changes since 1.14: +48 -32 lines
Diff to previous 1.14 (colored)

comms/asterisk16: import asterisk-16.5.0

Asterisk is a complete PBX in software.  It provides all of the
features you would expect from a PBX and more. Asterisk does voice
over IP in three protocols, and can interoperate with almost all
standards-based telephony equipment using relatively inexpensive
hardware.

Asterisk provides Voicemail services with Directory, Call Conferencing,
Interactive Voice Response, Call Queuing. It has support for
three-way calling, caller ID services, ADSI, SIP and H.323 (as both
client and gateway).

Revision 1.14, Fri Sep 14 02:41:05 2012 UTC (9 years, 8 months ago) by jnemeth
Branch: MAIN
CVS Tags: pkgsrc-2013Q2-base, pkgsrc-2013Q2, pkgsrc-2012Q4-base, pkgsrc-2012Q4
Changes since 1.13: +1 -1 lines
FILE REMOVED

Remove Asterisk 1.6.  This version series went end-of-line on April
21st, 2012.  It most likely has multiple security issues.  By this
point, all users of this package should have migrated to comms/asterisk18
or comms/asterisk10 as this version has been marked as being
deprecated for some time now.

Note that this directory is likely to re-appear in late 2017 when
Asterisk 16 comes out, assuming the current schedule is followed.
However that will be a vastly different version as Asterisk 11 is
only in the RC stage now (i.e. it will be five major versions after
the one that is expected to be released later this year).

Revision 1.13 / (download) - annotate - [select for diffs], Tue Jan 17 02:12:52 2012 UTC (10 years, 4 months ago) by jnemeth
Branch: MAIN
CVS Tags: pkgsrc-2012Q2-base, pkgsrc-2012Q2, pkgsrc-2012Q1-base, pkgsrc-2012Q1
Changes since 1.12: +14 -4 lines
Diff to previous 1.12 (colored)

PR/35369 -- David Wetzel -- add support for speex codec (enabled by default)

Revision 1.12 / (download) - annotate - [select for diffs], Mon Dec 12 05:05:34 2011 UTC (10 years, 5 months ago) by jnemeth
Branch: MAIN
CVS Tags: pkgsrc-2011Q4-base, pkgsrc-2011Q4
Changes since 1.11: +6 -6 lines
Diff to previous 1.11 (colored)

This update fixes AST-2011-013 and AST-2011-014.  It also adapts to changes
in the iLBC codec files.

     __________________________________________________________________

               Asterisk Project Security Advisory - AST-2011-013

         Product        Asterisk
         Summary        Possible remote enumeration of SIP endpoints with
                        differing NAT settings
    Nature of Advisory  Unauthorized data disclosure
      Susceptibility    Remote unauthenticated sessions
         Severity       Minor
      Exploits Known    Yes
       Reported On      2011-07-18
       Reported By      Ben Williams
        Posted On
     Last Updated On    December 7, 2011
     Advisory Contact   Terry Wilson <twilson at digium.com>

         CVE Name

    Description  It is possible to enumerate SIP usernames when the general
                 and user/peer NAT settings differ in whether to respond to
                 the port a request is sent from or the port listed for
                 responses in the Via header. In 1.4 and 1.6.2, this would
                 mean if one setting was nat=yes or nat=route and the other
                 was either nat=no or nat=never. In 1.8 and 10, this would
                 mean when one was nat=force_rport or nat=yes and the other
                 was nat=no or nat=comedia.

    Resolution  Handling NAT for SIP over UDP requires the differing
                behavior introduced by these options.

                To lessen the frequency of unintended username disclosure,
                the default NAT setting was changed to always respond to the
                port from which we received the request-the most commonly
                used option.

                Warnings were added on startup to inform administrators of
                the risks of having a SIP peer configured with a different
                setting than that of the general setting. The documentation
                now strongly suggests that peers are no longer configured
                for NAT individually, but through the global setting in the
                "general" context.

                               Affected Versions
                Product              Release Series
         Asterisk Open Source             All        All versions

                                  Corrected In
     As this is more of an issue with SIP over UDP in general, there is no
     fix supplied other than documentation on how to avoid the problem. The
        default NAT setting has been changed to what we believe the most
      commonly used setting for the respective version in Asterisk 1.4.43,
                             1.6.2.21, and 1.8.7.2.

            Links

    Asterisk Project Security Advisories are posted at
    http://www.asterisk.org/security

    This document may be superseded by later versions; if so, the latest
    version will be posted at
    http://downloads.digium.com/pub/security/AST-2011-013.pdf and
    http://downloads.digium.com/pub/security/AST-2011-013.html

                                Revision History
           Date                 Editor                 Revisions Made

               Asterisk Project Security Advisory - AST-2011-013
              Copyright (c) 2011 Digium, Inc. All Rights Reserved.
  Permission is hereby granted to distribute and publish this advisory in its
                           original, unaltered form.

     __________________________________________________________________

               Asterisk Project Security Advisory - AST-2011-014

         Product        Asterisk
         Summary        Remote crash possibility with SIP and the "automon"
                        feature enabled
    Nature of Advisory  Remote crash vulnerability in a feature that is
                        disabled by default
      Susceptibility    Remote unauthenticated sessions
         Severity       Moderate
      Exploits Known    Yes
       Reported On      November 2, 2011
       Reported By      Kristijan Vrban
        Posted On       2011-11-03
     Last Updated On    December 7, 2011
     Advisory Contact   Terry Wilson <twilson at digium.com>

         CVE Name

    Description  When the "automon" feature is enabled in features.conf, it
                 is possible to send a sequence of SIP requests that cause
                 Asterisk to dereference a NULL pointer and crash.

    Resolution  Applying the referenced patches that check that the pointer
                is not NULL before accessing it will resolve the issue. The
                "automon" feature can be disabled in features.conf as a
                workaround.

                               Affected Versions
                Product              Release Series
         Asterisk Open Source           1.6.2.x      All versions
         Asterisk Open Source            1.8.x       All versions

                                  Corrected In
                   Product                              Release
            Asterisk Open Source                   1.6.2.21, 1.8.7.2

                                     Patches
                              Download URL                            Revision
   http://downloads.asterisk.org/pub/security/AST-2011-014-1.6.2.diff 1.6.2.20
   http://downloads.asterisk.org/pub/security/AST-2011-014-1.8.diff   1.8.7.1

            Links

    Asterisk Project Security Advisories are posted at
    http://www.asterisk.org/security

    This document may be superseded by later versions; if so, the latest
    version will be posted at
    http://downloads.digium.com/pub/security/AST-2011-014.pdf and
    http://downloads.digium.com/pub/security/AST-2011-014.html

                                Revision History
           Date                 Editor                 Revisions Made

               Asterisk Project Security Advisory - AST-2011-014
              Copyright (c) 2011 Digium, Inc. All Rights Reserved.
  Permission is hereby granted to distribute and publish this advisory in its
                           original, unaltered form.

Revision 1.11 / (download) - annotate - [select for diffs], Tue Oct 11 03:15:50 2011 UTC (10 years, 7 months ago) by jnemeth
Branch: MAIN
Changes since 1.10: +11 -2 lines
Diff to previous 1.10 (colored)

Revert previous.  This package was marked OWNER= for a reason!

Revision 1.10 / (download) - annotate - [select for diffs], Sat Oct 8 13:49:09 2011 UTC (10 years, 7 months ago) by shattered
Branch: MAIN
Changes since 1.9: +3 -12 lines
Diff to previous 1.9 (colored)

Remove zaptel option everywhere (zaptel-netbsd package was removed)

Revision 1.9 / (download) - annotate - [select for diffs], Wed Oct 6 22:39:41 2010 UTC (11 years, 7 months ago) by jnemeth
Branch: MAIN
CVS Tags: pkgsrc-2011Q3-base, pkgsrc-2011Q3, pkgsrc-2011Q2-base, pkgsrc-2011Q2, pkgsrc-2011Q1-base, pkgsrc-2011Q1, pkgsrc-2010Q4-base, pkgsrc-2010Q4, pkgsrc-2010Q3-base, pkgsrc-2010Q3
Changes since 1.8: +1 -2 lines
Diff to previous 1.8 (colored)

DISTFILES is now initialized in Makefile, don't re-initialize it here.

Revision 1.8 / (download) - annotate - [select for diffs], Thu Sep 23 23:30:38 2010 UTC (11 years, 7 months ago) by jnemeth
Branch: MAIN
Changes since 1.7: +2 -2 lines
Diff to previous 1.7 (colored)

     Update to the 1.6.2 series (specifically 1.6.2.13).  This is
a feature update, so users that are upgrading should read UPDATE.txt.

pkgsrc changes:

- update to 1.6.2.13
- bury the asterisk-sounds-extra inside this one to keep it in sync
- handle sound tarballs directly (upstream had changed this to do a
  download during the install phase and dump files in $HOME)
- add new documentation files:
  - asterisk.txt
  - building_queues.txt
  - database_transactions.txt
  - followme.txt

========
1.6.2.13
========

This release resolves an issue where the .version and ChangeLog files were not
updated for 1.6.2.12. Asterisk 1.6.2.13 has no additional changes from 1.6.2.12
other than the .version, ChangeLog and summary files.

For a full list of changes in the current release, please see the
ChangeLog:

http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.2.13

========
1.6.2.12
========

The release of Asterisk 1.6.2.12 resolves several issues reported by the
community and would have not been possible without your participation.
Thank you!

The following is a sample of the issues resolved in this release:

     * Fix issue where DNID does not get cleared on a new call when using
       immediate=yes with ISDN signaling.
       (Closes issue #17568. Reported by wuwu. Patched by rmudgett)
     * Several updates to res_config_ldap.
       (Closes issue #13573. Reported by navkumar. Patched by navkumar, bencer.
       Tested by suretec)
     * Prevent loss of Caller ID information set on local channel after masquerade.
       (Closes issue #17138. Reported by kobaz, patched by jpeeler)
     * Fix SIP peers memory leak.
       (Closes issue #17774. Reported, patched by kkm)
     * Add Danish support to say.conf.sample
       (Closes issue #17836. Reported, patched by RoadKill)
     * Ensure SSRC is changed when media source is changed to resolve audio delay.
       (Closes issue #17404. Reported, tested by sdolloff. Patched by jpeeler)
     * Only do magic pickup when notifycid is enabled.
       A new way of doing BLF pickup was introduced into 1.6.2. This feature adds a
       call-id value into the XML of a SIP_NOTIFY message sent to alert a subscriber
       that a device is ringing. This option should only be enabled when the new
       'notifycid' option is set, but this was not the case. Instead the call-id
       value was included for every RINGING Notify message, which caused a
       regression for people who used other methods for call pickup.
       (Closes issue #17633. Reported, patched by urosh. Patched by dvossel.
       Tested by: dvossel, urosh, okrief, alecdavis)

For a full list of changes in the current release, please see the
ChangeLog:

http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.2.12

========
1.6.2.11
========

The release of Asterisk 1.6.2.11 resolves several issues reported by the
community and would have not been possible without your participation.
Thank you!

The following are a few of the issues resolved by community developers:

  * Send DialPlanComplete as a response, not as a separate event. Otherwise, it
    goes to all manager sessions and may exclude the current session, if the
    Events mask excludes it.
    (Closes issue #17504. Reported, patched by rrb3942)

  * Allow the "useragent" value to be restored into memory from the realtime
    backend. This value is purely informational. It does not alter configuration
    at all.
    (Closes issue #16029. Reported, patched by Guggemand)

  * Fix rt(c)p set debug ip taking wrong argument Also clean up some coding
    errors.
    (Closes issue #17469. Reported, patched by wdoekes)

  * Ensure channel placed in meetme in ringing state is properly hung up. An
    outgoing channel placed in meetme while still ringing which was then hung up
    would not exit meetme and the channel was not properly destroyed.
    (Closes issue #15871. Reported, patched by Ivan)

  * Correct how 100, 200, 300, etc. is said. Also add the crazy British numbers.
    (Closes issue #16102. Reported, patched by Delvar)

  * cdr_pgsql does not detect when a table is found. This change adds an ERROR
    message to let you know when a failure exists to get the columns from the
    pgsql database, which typically means that the table does not exist.
    (Closes issue #17478. Reported, patched by kobaz)

  * Avoid crashing when installing a duplicate translation path with a lower
    cost.
    (Closes issue #17092. Reported, patched by moy)

  * Add missing handling for ringing state for use with queue empty options.
    (Closes issue #17471. Reported, patched by jazzy)

  * Fix reporting estimated queue hold time. Just say the number of seconds
    (after minutes) rather than doing some incorrect calculation with respect to
    minutes.
    (Closes issue #17498. Reported, patched by corruptor)

For a full list of changes in the current release, please see the
ChangeLog:

http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.2.11

========
1.6.2.10
========

The release of Asterisk 1.6.2.10 resolves several issues reported by the
community and would have not been possible without your participation.
Thank you!

The following are a few of the issues resolved by community developers:

  * Allow users to specify a port for DUNDI peers.
    (Closes issue #17056. Reported, patched by klaus3000)

  * Decrease the module ref count in sip_hangup when SIP_DEFER_BYE_ON_TRANSFER is
    set.
    (Closes issue #16815. Reported, patched by rain)

  * If there is realtime configuration, it does not get re-read on reload unless
    the config file also changes.
    (Closes issue #16982. Reported, patched by dmitri)

  * Send AgentComplete manager event for attended transfers.
    (Closes issue #16819. Reported, patched by elbriga)

  * Correct manager variable 'EventList' case.
    (Closes issue #17520. Reported, patched by kobaz)

In addition, changes to res_timing_pthread that should make it more stable have
also been implemented.

For a full list of changes in the current release, please see the
ChangeLog:

http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.2.10

=======
1.6.2.9
=======

The release of Asterisk 1.6.2.9 resolves several issues reported by the
community, and would have not been possible without your participation.
Thank you!

The following are a few of the issues resolved by community developers:

  * Fix the PickupChan() application
    (Closes issue #16863. Reported, patched by schern. Patched by cjacobsen.
     Tested by Graber, cjacobsen, lathama, rickead2000, dvossel)

  * Improve logging by displaying line number
    (Closes issue #16303. Reported by dant. Patched by pabelanger. Tested by
     dant, pabelanger, lmadsen)

  * Notify CLI when modules are loaded/unloaded
    (Closes issue #17308. Reported, patched by pabelanger. Tested by russell)

  * Make the Makefile logic more explicit and move the Snow Leopard logic down to
    where it's not executed on non-Darwin systems
    (Closes issue #17028. Reported by pabelanger. Patched by seanbright,
     tilghman. Tested by pabelanger)

  * Manager cookies are not compatible with RFC2109. Make that no longer true.
    (Closes issue #17231. Reported, patched by ecarruda)

  * With IMAP backend, messages in INBOX were counted twice for MWI
    (Closes issue #17135. Reported by edhorton. Patched by ebroad, tilghman)

  * Fix possible segfault when logging
    (Closes issue #17331. Reported, patched by under. Patched by dvossel)

  * Fix memory hogging behavior of app_queue
    (Closes issue #17081. Reported by wliegel. Patched by mmichelson)

  * Allow type=user SIP endpoints to be loaded properly from realtime
    (Closes issue #16021. Reported, patched by Guggemand)

Additionally, the following issue may be of interest:

  * Fix transcode_via_sln option with SIP calls and improve PLC usage
    (Review: https://reviewboard.asterisk.org/r/622/)


For a full list of changes in the current release, please see the
ChangeLog:

http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.2.9

=======
1.6.2.8
=======

The release of Asterisk 1.6.2.8 resolves several issues reported by the
community, and would have not been possible without your participation.
Thank you!

The following are a few of the issues resolved by community developers:

   * Enable auto complete for CLI command 'logger set level'.
     (Closes issue #17152. Reported, patched by pabelanger)

   * Make the mixmonitor thread process audio frames faster.
     (Closes issue #17078. Reported, tested by geoff2010. Patched by dhubbard)

   * Add missing 'useragent' field to sip-friends.sql file.
     (Closes issue #17171. Reported, patched by thehar)

   * Add example dialplan for dialing ISN numbers (http://www.freenum.org)
     (Closes issue #17058. Reported, patched by pprindeville)

   * Fix issue with double "sip:" in header field.
     (Closes issue #15847. Reported, patched by ebroad)

   * Add ability to generate ASCII documentation from the TeX files by running
     'make asterisk.txt'.
     (Closes issue #17220. Reported by lmadsen. Tested, patched by pabelanger)

   * When StopMonitor() is called, ensure that it will not be restarted by a
     channel event.
     (Closes issue #16590. Reported, patched by kkm)

   * Small error in the T.140 RTP port verbose log.
     (Closes issue #16998. Reported, patched by frawd. Tested by russell)

For a full list of changes in the current release, please see the
ChangeLog:

http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.2.8

=======
1.6.2.7
=======

The release of Asterisk 1.6.2.7 resolves several issues reported by the
community, and would have not been possible without your participation. Thank
you!

The following are a few of the issues resolved by community developers:

  * Fix building CDR and CEL SQLite3 modules.
    (Closes issue #17017. Reported by alephlg. Patched by seanbright)

  * Resolve crash in SLAtrunk when the specified trunk doesn't exist.
    (Reported in #asterisk-dev by philipp64. Patched by seanbright)

  * Include an extra newline after "Aliased CLI command" to get back the prompt.
    (Issue #16978. Reported by jw-asterisk. Tested, patched by seanbright)

  * Prevent segfault if bad magic number is encountered.
    (Issue #17037. Reported, patched by alecdavis)

  * Update code to reflect that handle_speechset has 4 arguments.
    (Closes issue #17093. Reported, patched by gpatri. Tested by pabelanger,
     mmichelson)

  * Resolve a deadlock in chan_local.
    (Closes issue #16840. Reported, patched by bzing2, russell. Tested by bzing2)

For a full list of changes in this releases, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.2.7

=======
1.6.2.6
=======

The release of Asterisk 1.6.2.6 resolves several issues reported by the
community, and would have not been possible without your participation. Thank
you!

The following are a few of the issues resolved by community developers:

  * Make sure to clear red alarm after polarity reversal.
    (Closes issue #14163. Reported, patched by jedi98. Tested by mattbrown,
     Chainsaw, mikeeccleston)

  * Fix problem with duplicate TXREQ packets in chan_iax2
    (Closes issue #16904. Reported, patched by rain. Tested by rain, dvossel)

  * Fix crash in app_voicemail related to message counting.
    (Closes issue #16921. Reported, tested by whardier. Patched by seanbright)

  * Overlap receiving: Automatically send CALL PROCEEDING when dialplan starts
    (Reported, Patched, and Tested by alecdavis)

  * For T.38 reINVITEs treat a 606 the same as a 488.
    (Closes issue #16792. Reported, patched by vrban)

  * Fix ConfBridge crash when no timing module is loaded.
    (Closes issue #16471. Reported, tested by kjotte. Patched, tested by junky)

For a full list of changes in this releases, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.2.6

=======
1.6.2.5
=======

The Asterisk Development Team has announced security releases for the following
versions of Asterisk:

* 1.6.2.5

The releases of Asterisk 1.6.0.25, 1.6.1.17, and 1.6.2.5 resolve an issue with
invalid parsing of ACL (Access Control List) rules leading to a possible
compromise in security. The issue and resolution are described in the
AST-2010-003 security advisory.

For more information about the details of this vulnerability, please read the
security advisory AST-2010-003, which was released at the same time as this
announcement.

For a full list of changes in the current releases, please see the ChangeLog:

http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.2.5

Security advisory AST-2010-003 is available at:

http://downloads.asterisk.org/pub/security/AST-2010-003.pdf

=======
1.6.2.4
=======

The Asterisk Development Team has announced security releases for the following
versions of Asterisk:

* 1.6.2.4

The releases of Asterisk 1.2.40, 1.4.29.1, 1.6.0.24, 1.6.1.16, and 1.6.2.4
include documention describing a possible dialplan string injection with common
usage of the ${EXTEN} (and other expansion variables). The issue and resolution
are described in the AST-2010-002 security advisory.

If you have a channel technology which can accept characters other than numbers
and letters (such as SIP) it may be possible to craft an INVITE which sends data
such as 300&Zap/g1/4165551212 which would create an additional outgoing channel
leg that was not originally intended by the dialplan programmer.

Please note that this is not limited to an specific protocol or the Dial()
application.

The expansion of variables into programmatically-interpreted strings is a common
behavior in many script or script-like languages, Asterisk included. The ability
for a variable to directly replace components of a command is a feature, not a
bug - that is the entire point of string expansion.

However, it is often the case due to expediency or design misunderstanding that
a developer will not examine and filter string data from external sources before
passing it into potentially harmful areas of their dialplan.

With the flexibility of the design of Asterisk come these risks if the dialplan
designer is not suitably cautious as to how foreign data is allowed to enter the
system unchecked.

This security release is intended to raise awareness of how it is possible to
insert malicious strings into dialplans, and to advise developers to read the
best practices documents so that they may easily avoid these dangers.

For more information about the details of this vulnerability, please read the
security advisory AST-2010-002, which was released at the same time as this
announcement.

For a full list of changes in the current releases, please see the ChangeLog:

http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.2.4

Security advisory AST-2010-002 is available at:

http://downloads.asterisk.org/pub/security/AST-2010-002.pdf

The README-SERIOUSLY.bestpractices.txt document is available in the top-level
directory of your Asterisk sources, or available in all Asterisk branches from
1.2 and up.

http://svn.asterisk.org/svn/asterisk/trunk/README-SERIOUSLY.bestpractices.txt

=======
1.6.2.3
=======

Was never released.

=======
1.6.2.2
=======

The Asterisk Development Team has announced security releases for Asterisk as
the following versions:

* 1.6.2.2

The releases of Asterisk 1.6.0.22, 1.6.1.14, and 1.6.2.2 include the fix
described in security advisory AST-2010-001.

The issue is that an attacker attempting to negotiate T.38 over SIP can remotely
crash Asterisk by modifying the FaxMaxDatagram field of the SDP to contain
either a negative or exceptionally large value.  The same crash will occur when
the FaxMaxDatagram field is omitted from the SDP, as well.

For more information about the details of this vulnerability, please read the
security advisory AST-2009-009, which was released at the same time as this
announcement.

For a full list of changes in the current releases, please see the ChangeLog:

http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.2.2

Security advisory AST-2010-001 is available at:

http://downloads.asterisk.org/pub/security/AST-2010-001.pdf

=======
1.6.2.1
=======

The release of Asterisk 1.6.2.1 resolved several issues reported by the
community, and would have not been possible without your participation. Thank
you!

* CLI 'queue show' formatting fix.
   (Closes issue #16078. Reported by RoadKill. Tested by dvossel. Patched by
    ppyy.)

* Fix misreverting from 177158.
   (Closes issue #15725. Reported, Tested by shanermn. Patched by dimas.)

* Fixes subscriptions being lost after 'module reload'.
   (Closes issue #16093. Reported by jlaroff. Patched by dvossel.)

* app_queue segfaults if realtime field uniqueid is NULL
  (Closes issue #16385. Reported, Tested, Patched by haakon.)

* Fix to Monitor which previously assumed the file to write to did not contain
   pathing.
   (Closes issue #16377, #16376. Reported by bcnit. Patched by dant.


A summary of changes in this release can be found in the release summary:
http://downloads.asterisk.org/pub/telephony/asterisk/asterisk-1.6.2.1-summary.txt

For a full list of changes in this releases, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.2.1

=======
1.6.2.0
=======

The release of Asterisk 1.6.2.0 is the first feature release since Asterisk
1.6.1.0, which was released April 27, 2009. Many new features have been included
in this release. For a complete list of changes, please see the CHANGES file.
For those upgrading from a previous release, please see UPGRADE.txt

It should be explicitly stated that Asterisk 1.6.2.0 is a major upgrade over any
previous release, and special care should be taken when upgrading existing
systems. Please see the UPGRADE.txt file for more information, available at:

http://svn.asterisk.org/svn/asterisk/tags/1.6.2.0/UPGRADE.txt

A detailed overview to the new features available in Asterisk 1.6.2.0 are
forthcoming within the next few days. Please watch http://blogs.asterisk.org for
further information!

Below is a summary of several new features available in this release:

  * chan_dahdi now supports MFC/R2 signaling when Asterisk is compiled with
    support for LibOpenR2.  http://www.libopenr2.org/

  * Added a new 'faxdetect=yes|no' configuration option to sip.conf.  When this
    option is enabled, Asterisk will watch for a CNG tone in the incoming audio
    for a received call.  If it is detected, the channel will jump to the
    'fax' extension in the dialplan.

  * A new application, Originate, has been introduced, that allows asynchronous
    call origination from the dialplan.

  * Added ConfBridge dialplan application which does conference bridges without
    DAHDI. For information on its use, please see the output of
    "core show application ConfBridge" from the CLI.

  * extensions.conf now allows you to use keyword "same" to define an extension
    without actually specifying an extension.  It uses exactly the same pattern
    as previously used on the last "exten" line.  For example:
      exten => 123,1,NoOp(something)
      same  =>     n,SomethingElse()

  * Asterisk now provides the ability to define custom CLI aliases.  For example,
    if you would like to define short form aliases for frequently used commands,
    such as "sh ch" for "core show channels", that is now possible.  See the
    cli_aliases.conf configuration file for more information.

  * Asterisk now has support for subscribing to the state of remote voice
    mailboxes via SIP.

  * Asterisk now includes expanded HD codec support.  G.722.1 and G.722.1C
    (Siren7/Siren14) passthrough, recording, and playback is now supported.
    Transcoding will be made available via add-on modules soon for this version of
    Asterisk.

This is just a subset of the changes available in this release. Please see the
CHANGES file for additional information, available at:
http://svn.asterisk.org/svn/asterisk/tags/1.6.2.0/CHANGES

A summary of changes in this release can be found in the release summary:
http://downloads.asterisk.org/pub/telephony/asterisk/asterisk-1.6.2.0-summary.txt

For a full list of changes in this releases, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.2.0

Revision 1.7 / (download) - annotate - [select for diffs], Fri May 7 23:57:56 2010 UTC (12 years ago) by jnemeth
Branch: MAIN
CVS Tags: pkgsrc-2010Q2-base, pkgsrc-2010Q2
Changes since 1.6: +11 -3 lines
Diff to previous 1.6 (colored)

Add an "ldap" option which defaults to enabled, since most modern
systems come with LDAP support built-in.  This has no effect on
such systems.  However, on older systems, it will pull in
openldap-client.  But, a builder may still disable the option if
they wish.  This fixes:

PR pkg/41987 - Robert Elz -- comms/asterisk16 PLIST problem

Revision 1.6 / (download) - annotate - [select for diffs], Fri May 7 03:49:07 2010 UTC (12 years ago) by jnemeth
Branch: MAIN
Changes since 1.5: +2 -1 lines
Diff to previous 1.5 (colored)

Add a dependency on p5-DBI for the webvmail option.  Don't bother
with a PKGREVISION bump since this doesn't affect the installed
"binaries" and there have already been two bumps today.

Revision 1.5 / (download) - annotate - [select for diffs], Thu May 6 20:10:17 2010 UTC (12 years ago) by jnemeth
Branch: MAIN
Changes since 1.4: +15 -3 lines
Diff to previous 1.4 (colored)

Add a webvmail option which installs the vmail.cgi script accessing
voicemail using a browser.

Revision 1.4 / (download) - annotate - [select for diffs], Mon Mar 1 07:06:48 2010 UTC (12 years, 2 months ago) by jnemeth
Branch: MAIN
CVS Tags: pkgsrc-2010Q1-base, pkgsrc-2010Q1
Changes since 1.3: +3 -3 lines
Diff to previous 1.3 (colored)

     Update to Asterisk 1.6.1.17.  This fixes AST-2010-001 and
AST-2010-003.  AST-2010-002 was just a warning about dialplan
scripting errors that could lead to security issues.

Asterisk 1.6.1.13: general bug fixes
Asterisk 1.6.1.14: fix AST-2010-001
Asterisk 1.6.1.15: not released, skipped for security releases
Asterisk 1.6.1.16: fix AST-2010-002
Asterisk 1.6.1.17: fix AST-2010-003

Note that the only change in Asterisk 1.6.1.16 was the addtion of
a README file.  However, the package doesn't install random docs.
That is planned for a future update seperate from the upstream
updates.

-----

Asterisk 1.6.1.13:

The release of Asterisk 1.6.1.13 resolved several issues reported
by the community, and would have not been possible without your
participation. Thank you!

* Restarts busydetector (if enabled) when DTMF is received after
   call is bridged
   (Closes issue #16389. Reported, Tested, Patched by alecdavis.)

* Send parking lot announcement to the channel which parked the
   call, not the park-ee.
   (Closes issue #16234. Reported, Tested by yeshuawatso.  Patched
    by tilghman.)

* When the field is blank, don't warn about the field being unable
   to be coerced just skip the column.
   (Closes
    http://lists.digium.com/pipermail/asterisk-dev/2009-December/041362.html)
    Reported by Nic Colledge on the -dev list.)

* Don't queue frames to channels that have no means to process
   them.
   (Closes issue #15609. Reported, Tested by aragon. Patched by
    tilghman.)

* Fixes holdtime playback issue in app_queue.
   (Closes issue #16168. Reported, Patched by nickilo. Tested by
   wonderg, nickilo.)

A summary of changes in this release can be found in the release
summary:
http://downloads.asterisk.org/pub/telephony/asterisk/asterisk-1.6.1.13-summary.t
xt

For a full list of changes in this releases, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.1.13

-----

Asterisk 1.6.1.14:

The releases of Asterisk 1.6.0.22, 1.6.1.14, and 1.6.2.2 include
the fix described in security advisory AST-2010-001.

The issue is that an attacker attempting to negotiate T.38 over
SIP can remotely crash Asterisk by modifying the FaxMaxDatagram
field of the SDP to contain either a negative or exceptionally
large value.  The same crash will occur when the FaxMaxDatagram
field is omitted from the SDP, as well.

For more information about the details of this vulnerability, please
read the security advisory AST-2009-009, which was released at the
same time as this announcement.

For a full list of changes in the current releases, please see the
ChangeLog:

http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.1.14

Security advisory AST-2010-001 is available at:

http://downloads.asterisk.org/pub/security/AST-2010-001.pdf

-----

Asterisk 1.6.1.16:

The releases of Asterisk 1.2.40, 1.4.29.1, 1.6.0.24, 1.6.1.16, and
1.6.2.4 include documention describing a possible dialplan string
injection with common usage of the ${EXTEN} (and other expansion
variables). The issue and resolution are described in the AST-2010-002
security advisory.

If you have a channel technology which can accept characters other
than numbers and letters (such as SIP) it may be possible to craft
an INVITE which sends data such as 300&Zap/g1/4165551212 which
would create an additional outgoing channel leg that was not
originally intended by the dialplan programmer.

Please note that this is not limited to an specific protocol or
the Dial() application.

The expansion of variables into programmatically-interpreted strings
is a common behavior in many script or script-like languages,
Asterisk included. The ability for a variable to directly replace
components of a command is a feature, not a bug - that is the entire
point of string expansion.

However, it is often the case due to expediency or design
misunderstanding that a developer will not examine and filter string
data from external sources before passing it into potentially
harmful areas of their dialplan.

With the flexibility of the design of Asterisk come these risks if
the dialplan designer is not suitably cautious as to how foreign
data is allowed to enter the system unchecked.

This security release is intended to raise awareness of how it is
possible to insert malicious strings into dialplans, and to advise
developers to read the best practices documents so that they may
easily avoid these dangers.

For more information about the details of this vulnerability, please
read the security advisory AST-2010-002, which was released at the
same time as this announcement.

For a full list of changes in the current releases, please see the
ChangeLog:

http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.1.16

Security advisory AST-2010-002 is available at:

http://downloads.asterisk.org/pub/security/AST-2010-002.pdf

The README-SERIOUSLY.bestpractices.txt document is available in
the top-level directory of your Asterisk sources, or available in
all Asterisk branches from 1.2 and up.

http://svn.asterisk.org/svn/asterisk/trunk/README-SERIOUSLY.bestpractices.txt

-----

Asterisk 1.6.1.17:

The releases of Asterisk 1.6.0.25, 1.6.1.17, and 1.6.2.5 resolve
an issue with invalid parsing of ACL (Access Control List) rules
leading to a possible compromise in security. The issue and resolution
are described in the AST-2010-003 security advisory.

For more information about the details of this vulnerability, please
read the security advisory AST-2010-003, which was released at the
same time as this announcement.

For a full list of changes in the current releases, please see the
ChangeLog:

http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.1.17

Security advisory AST-2010-003 is available at:

http://downloads.asterisk.org/pub/security/AST-2010-003.pdf

-----

Revision 1.3 / (download) - annotate - [select for diffs], Wed Jan 13 20:10:09 2010 UTC (12 years, 4 months ago) by jnemeth
Branch: MAIN
CVS Tags: pkgsrc-2009Q4-base, pkgsrc-2009Q4
Changes since 1.2: +2 -1 lines
Diff to previous 1.2 (colored)

PR/42612 - Dima Veselov -- build problem when no options specified

Revision 1.2 / (download) - annotate - [select for diffs], Sat Jan 2 00:36:54 2010 UTC (12 years, 4 months ago) by jnemeth
Branch: MAIN
Changes since 1.1: +7 -2 lines
Diff to previous 1.1 (colored)

     Fix build problem when no options are selected.  Thanks to wiz@ for
noticing the problem and seb@ for help with the Makefile contortions.

Revision 1.1.1.1 / (download) - annotate - [select for diffs] (vendor branch), Fri Jun 12 09:04:56 2009 UTC (12 years, 11 months ago) by jnemeth
Branch: TNF
CVS Tags: pkgsrc-base, pkgsrc-2009Q3-base, pkgsrc-2009Q3, pkgsrc-2009Q2-base, pkgsrc-2009Q2
Changes since 1.1: +0 -0 lines
Diff to previous 1.1 (colored)

Add Asterisk 1.6.0.10.  At the moment, this version doesn't have any
hardware support, so it can't replace comms/asterisk.  However,
apparently there is demand for this version, so wiz@ suggested it
be imported here into comms/asterisk16.  The latest version is
1.6.1.1, but I won't have time to update all the patches before the
freeze.  I'll update to that version sometime after the freeze when
I get a chance.

Revision 1.1 / (download) - annotate - [select for diffs], Fri Jun 12 09:04:56 2009 UTC (12 years, 11 months ago) by jnemeth
Branch: MAIN

Initial revision

This form allows you to request diff's between any two revisions of a file. You may select a symbolic revision name using the selection box or you may type in a numeric name using the type-in text box.




CVSweb <webmaster@jp.NetBSD.org>