Asterisk is an open source framework for building communications applications. Asterisk turns an ordinary computer into a communications server. Asterisk powers IP PBX systems, VoIP gateways, conference servers and other custom solutions. It is used by small businesses, large businesses, call centers, carriers and government agencies, worldwide. Asterisk is free and open source.
16.6.222 Nov 2019 19:25
Update CHANGES and UPGRADE.txt for 16.6.2
manager.c: Prevent the Originate action from running the Originate app.
If an AMI user without the "system" authorization calls the
Originate AMI command with the Originate application,
the second Originate could run the "System" command.
Data: Local/2222,app,System,touch /tmp/owned.
If the "system" authorization isn't set, we now block the
Originate app as well as the System, Exec, etc. apps. chan_sip.c: Prevent address change on unauthenticated SIP request.
If the name of a peer is known and a SIP request is sent using that
peer's name, the address of the peer will change even if the request
fails the authentication challenge. This means that an endpoint can
be altered and even rendered unusuable, even if it was in a working
state previously. This can only occur when the nat option is set to the
default, or auto_force_rport.
This change checks the result of authentication first to ensure it is
successful before setting the address and the nat option.
16.6.117 Oct 2019 16:45
Pjproject_bundled: Replace earlier reverts with official.
in pjproject 2.9 caused us to revert some of their changes
as a work around. This introduced another where pjproject.
Wouldn't build with older gcc versions such as that found on
CentOS 6. This commit replaces the reverts with the official.
For the original and allows pjproject to be built
on CentOS 6 again. res_pjsip_mwi: potential double unref, and potential unwanted double link.
When creating an unsolicited MWI aggregate subscription it was possible for.
The subscription object to be double unref'ed. This patch removes the explicit
Unref as it is not needed since the RAII_VAR will handle it at function end.
Less concerning there was also a that could potentially allow the aggregate.
Subscription object to be added to the unsolicited container twice. This patch
Ensures it is added only once.
16.5.106 Sep 2019 22:25
AST-2019-005 - translate: Don't assume all frames will have a src.
This change removes the assumption that a frame will always have
a src set on it. This assumption is incorrect.
Given a scenario where an RTP packet is received with no payload.
The resulting audio frame will have no samples. If this frame goes
Through a signed linear translation path an interpolated frame can
be created (if generic packet loss concealment is enabled) that has.
Minimal data on it, including no src. If this frame is given to a
Translation path a crash will occur due to the lack of src. AST-2019-004 - res_pjsip_t38.c: Add NULL checks before using session media
After receiving a 200 OK with a declined stream in response to a T.38.
Initiated re-invite Asterisk would crash when attempting to dereference
a NULL session media object.
This patch checks to make sure the session media object is not NULL before.
Attempting to use it.
16.4.112 Jul 2019 17:45
Res_pjsip_messaging: Check for body in in-dialog message
We now check that a body exists and it has a length 0 before.
Attempting to process it. chan_sip: Handle invalid SDP answer to T.38 re-invite
The chan_sip module performs a T.38 re-invite using a single media.
Stream of udptl, and expects the SDP answer to be the same.
If an SDP answer is received instead that contains an additional.
Media stream with no joint codec a crash will occur as the code
Assumes that at least one joint codec will exist in this
This change removes this assumption.
16.2.102 Mar 2019 03:25
Res_pjsip_sdp_rtp: return code from apply_negotiated_sdp_stream
Apply_negotiated_sdp_stream was returning a "1" when no joint.
Capabilities were found on an outgoing call instead of a "-1".
This indicated to res_pjsip_session that the handler DID handle.
The sdp when in fact it didn't. Without the appropriate setup,
a subsequent media frame coming in would have an invalid stream_num.
And cause a seg fault when the stream was attempted to be retrieved.
Apply_negotiated_sdp_stream now returns the correct "-1" and any.
Media is now discarded before it reaches the core stream processing. CI: Update jenkinsfiles with new Gerrit URLs
The recent upgrade of Gerrit to 2.16 elimiated referencing a.
Repository in a way the jenkinsfiles were relying on so
The URL references were changed to a more consistent and supported
16.1.127 Dec 2018 23:05
Revert "stasis_cache: Stop caching stasis subscription change messages"
This commit caused with polling when combined with
the revert commit "Revert "app_voicemail: Remove need to subscribe to stasis".
This reverts commit 17d6d9e1e7d0db04ebd8d2e0cd9e087ec5462e2f.
16.0.116 Nov 2018 21:45
AST-2018-010: length of buffer needed for SRV and NAPTR results
When dn_expand was being called on SRV and NAPTR results, the.
Return value was being used to calculate the size of the buffer
Needed to store the host names. Since dn_expand returns the
Length of the COMPRESSED name the buffer could be too short
to hold the EXPANDED name. The expanded name is NULL terminated
so using strlen() is the correct way to determine the length.
Actually needed for the buffer.
16.0.010 Oct 2018 09:32
Improved Video Conferencing Performance
Asterisk 16 builds upon the extensive video conferencing capabilities introduced in Asterisk 15 to provide a dramatically improved video experience for users. Asterisk now delivers superior video performance for all network conditions, which reduces the risk of frozen video frames and provides a world-class framework for creating cutting-edge video applications.
New Text-Based Data Capabilities
Support for Enhanced Messaging has been added to give developers the ability to build rich client applications with text-based data exchanges. Now, multi-party video conferencing client applications can share URLs, list conference participants, highlight talkers, and enable multi-party chat.
Improved Call Handling
Asterisk 16 has also undergone significant performance enhancements to better handle SIP calling by decreasing the system memory and CPU consumption required during high volume situations, most notably when utilizing the PJSIP channel driver.