Commits

Show all
Author Commit Message Labels Comments Date
mjordan
Fix remotely exploitable stack overrun in Milliwatt Milliwatt is vulnerable to a remotely exploitable stack overrun when using the 'o' option. This occurs due to the milliwatt_generate function not accounting for AST_FRIENDLY_OFFSET when calculating the maximum number of samples it can put in the output buffer. This patch resolves this issue by taking into account AST_FRIENDLY_OFFSET when determining the maximum number of samples allowed. Note t…
Tags
2 tags
Branches
1.6.2
kpfleming
Correct two flaws in sip.conf.sample related to AST-2011-013. * The sample file listed *two* values for the 'nat' option as being the default. Only 'yes' is the default. * The warning about having differing 'nat' settings confusingly referred to both peers and users.
Tags
1.6.2.22
Branches
1.6.2
lmadsen
Update svn:externals to use menuselect from 1.6.2.20 and not later. This change is required because when making security releases, if you pull from menuselect/trunk you'll get changes meant for later versions of Asterisk.
Tags
1.6.2.21
Branches
1.6.2
twilson
Don't crash on INFO automon request with no channel AST-2011-014. When automon was enabled in features.conf, it was possible to crash Asterisk by sending an INFO request if no channel had been created yet. (closes issue ASTERISK-18805)
Branches
1.6.2
twilson
Don't set the nat default twice. Cleaning up a small merge issue ASTERISK-18862
Branches
1.6.2
twilson
Default to nat=yes; warn when nat in general and peer differ It is possible to enumerate SIP usernames when the general and user/peer nat settings differ in whether to respond to the port a request is sent from or the port listed for responses in the Via header. In 1.4 and 1.6.2, this would mean if one setting was nat=yes or nat=route and the other was either nat=no or nat=never. In 1.8 and 10, this would mean when one was nat=force_rport and the other was …
Branches
1.6.2
jrose
fixes reference leak pointed out by rmudgett in https://reviewboard.asterisk.org/r/1337/
Branches
1.6.2
jrose
Asterisk 18103 - Fix reload crash caused by destroying default parking lot Default parking lot was being destroyed in reload and was not being rebuilt properly. This patch keeps features.c reload from destroying the default parking lot in 1.6.2. Bug was caused by a hasty backport which didn't test reload enough times to catch the problem. (closes issue ASTERISK-18103) Reported by: 808blogger Review: https://reviewboard.asterisk.org/r/1337/
Branches
1.6.2
qwell
Add .o files to svn:ignore property, since it's only ignored if locally configured to do so.
Branches
1.6.2
twilson
Merged revisions 325275 via svnmerge from https://origsvn.digium.com/svn/asterisk/branches/1.4 ........ r325275 | twilson | 2011-06-28 15:03:19 -0500 (Tue, 28 Jun 2011) | 2 lines Don't leak SIP username information ........
Tags
1.6.2.19
Branches
1.6.2
kmoore
Addresses AST-2011-008, memory corruption and remote crash in SIP driver. AST-2011-008
Tags
1.6.2.19-rc1
Branches
1.6.2
dvossel
Merged revisions 324627 via svnmerge from https://origsvn.digium.com/svn/asterisk/branches/1.4 ........ r324627 | dvossel | 2011-06-23 13:16:52 -0500 (Thu, 23 Jun 2011) | 7 lines Addresses AST-2011-010, remote crash in IAX2 driver Thanks to twilson for identifying the issue and providing the patches. AST-2011-010 ........
Branches
1.6.2
kmoore
ConfBridge does not handle hangup properly When playing back a prompt to a channel, confbridge neglects to check for hangup events causing lockup condititions for hangups that occur before actually joining the conference. This change ensures that the user is removed from the conference in the event of a premature hangup. Review: https://reviewboard.asterisk.org/r/1277/
Branches
1.6.2
twilson
Merged revisions 323732 via svnmerge from https://origsvn.digium.com/svn/asterisk/branches/1.4 ........ r323732 | twilson | 2011-06-15 13:06:24 -0500 (Wed, 15 Jun 2011) | 9 lines Fix DYNAMIC_FEATURES DYNAMIC_FEATURES were broken by a recent DTMF change. This patch makes sure that dynamic features are also checked when deciding whether or not to pass DTMF through or store it for interpreting. (closes issue ASTERISK-17914) Reported by: vrban ........
Branches
1.6.2
seanbright
Merged revisions 323559 via svnmerge from https://origsvn.digium.com/svn/asterisk/branches/1.4 ........ r323559 | seanbright | 2011-06-15 11:15:30 -0400 (Wed, 15 Jun 2011) | 25 lines Resolve a segfault/bus error when we try to map memory that falls on a page boundary. The fix for ASTERISK-15359 was incorrect in that it added 1 to the length of the mmap'd region. The problem with this is that reading/writing to that extra byte outside of the bounds of the underlying fd causes …
Branches
1.6.2
mnicholson
Unlock the sip channel during fax detection like chan_dahdi does to prevent a deadlock with ast_autoservice_stop. (closes issue ASTERISK-17798) tested by mnicholson
Branches
1.6.2
mnicholson
Blocked revisions 322657,322698 via svnmerge ........ r322657 | mnicholson | 2011-06-09 10:20:19 -0500 (Thu, 09 Jun 2011) | 2 lines whitespace ........ r322698 | mnicholson | 2011-06-09 10:36:05 -0500 (Thu, 09 Jun 2011) | 2 lines unlock pvt when we drop voice frames received in early media when in t.38 mode ........
Branches
1.6.2
mnicholson
unlock pvt when we drop voice frames received in early media when in t.38 mode
Branches
1.6.2
mnicholson
fix for previous commit
Branches
1.6.2
mnicholson
Merged revisions 322646 via svnmerge from https://origsvn.digium.com/svn/asterisk/branches/1.4 ........ r322646 | mnicholson | 2011-06-09 10:10:30 -0500 (Thu, 09 Jun 2011) | 5 lines don't drop any voice frames when checking for T.38 during early media (closes issue ASTERISK-17705) Review: https://reviewboard.asterisk.org/r/1186/ patch by oej reported by oej ........
Branches
1.6.2
alecdavis
Fix *8 directed pickup locks system during pickupsound play out move playout from sip_pickup_thread to bridge using BRIDGE_PLAY_SOUND method, This stop the clash of 2 threads trying to write audio to same channel. In addition fixes choppy audio beep in issue 19177. (issue #18654) (issue #19177) Reported by: Docent Patches: review1232-1.6.2.diff.txt uploaded by alecdavis (license 585) Tested by: alecdavis Review: https://reviewboard.asterisk.org/r/…
Branches
1.6.2
dvossel
Adds missing part to the ast_tcptls_server_start fails second attempt to bind patch. (closes issue #19289) Reported by: wdoekes Patches: issue19289_delay_old_address_setting_tcptls_2.patch uploaded by wdoekes (license 717)
Branches
1.6.2
dvossel
Fixes chanspy enforced mode lacking a channel_unlock. (closes issue #19348) Reported by: wdoekes Patches: issue19348_chanspy_missing_channel_unlock.patch uploaded by wdoekes (license 717)
Branches
1.6.2
tilghman
Don't crash when the connection fails. (closes issue #19250) Reported by: seadweller Patches: 20110514__issue19250.diff.txt uploaded by tilghman (license 14) Tested by: seadweller, sum
Branches
1.6.2
pabelanger
Blocked revisions 320393 via svnmerge ........ r320393 | pabelanger | 2011-05-21 01:09:09 -0400 (Sat, 21 May 2011) | 2 lines Solaris compatibility fixes ........
Branches
1.6.2
dvossel
Fixes issue with ast_tcptls_server_start failing on second attempt to bind. (closes issue #19289) Reported by: wdoekes Patches: issue19289_delay_old_address_setting_tcptls.patch uploaded by wdoekes (license 717)
Branches
1.6.2
rmudgett
Merged revisions 320235 via svnmerge from https://origsvn.digium.com/svn/asterisk/branches/1.4 ........ r320235 | rmudgett | 2011-05-20 15:38:22 -0500 (Fri, 20 May 2011) | 13 lines The meetme CLI command completion leaves conferences mutex locked. When issuing a meetme kick CLI command and an invalid (non-existent) conference number is specified, pressing Tab leaves the conferences mutex locked and, therefore, all conferences deadlock. Add missing unlock. (closes issue #19…
Branches
1.6.2
mnicholson
This commit modifies the way polling is done on TLS sockets. Because of the buffering the TLS layer does, polling is unreliable. If poll is called while there is data waiting to be read in the TLS layer but not at the network layer, the messaging processing engine will not proceed until something else writes data to the socket, which may not occur. This change modifies the logic around TLS sockets to only poll after a failed read on a non-blocking socket. T…
Branches
1.6.2
dvossel
Blocked revisions 320055 via svnmerge ........ r320055 | dvossel | 2011-05-20 11:38:28 -0500 (Fri, 20 May 2011) | 9 lines chan_sip: Destroy variables on a sip_pvt before copying vars from the sip_peer. (closes issue #19202) Reported by: wdoekes Patches: issue19202_destroy_challenged_invite_chanvars.patch uploaded by wdoekes (license 717) ........
Branches
1.6.2
twilson
Merged revisions 319652 via svnmerge from https://origsvn.digium.com/svn/asterisk/branches/1.4 ........ r319652 | twilson | 2011-05-18 16:04:35 -0700 (Wed, 18 May 2011) | 8 lines Make sure everyone gets an unhold when a transfer succeeds Some phones, like the Snom phones, send a hold to the transfer target after before sending the REFER. We need to make sure that we unhold the parties that are being connected after the masquerade. If Local channels with the /nm option are used…
Branches
1.6.2
  1. Prev
  2. Next