search for: mnicholson

...at http://downloads.asterisk.org/pub/telephony/asterisk/ The release of Asterisk 1.8.2.3 resolves the following issue: * Reimplemented fax session reservation to reverse the ABI breakage introduced in r297486. (Reported by Jeremy Kister on the asterisk-users mailing list. Patched by mnicholson) For a full list of changes in this release, please see the ChangeLog: http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.2.3 Thank you for your continued support of Asterisk!

...at http://downloads.asterisk.org/pub/telephony/asterisk/ The release of Asterisk 1.8.2.3 resolves the following issue: * Reimplemented fax session reservation to reverse the ABI breakage introduced in r297486. (Reported by Jeremy Kister on the asterisk-users mailing list. Patched by mnicholson) For a full list of changes in this release, please see the ChangeLog: http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.2.3 Thank you for your continued support of Asterisk!

...Reported By Matthew Nicholson Posted On January 18, 2011 Last Updated On January 18, 2011 Advisory Contact Matthew Nicholson <mnicholson at digium.com> CVE Name Description When forming an outgoing SIP request while in pedantic mode, a stack buffer can be made to overflow if supplied with carefully crafted caller ID information. This vulnerability...

...iance with RFC 3261 section 18.2.2. (aka Cisco phone fix) (Closes issue #18951. Reported by jmls. Patched by wdoekes) * Resolve a change in IPv6 header parsing due to the Cisco phone fix issue. This issue was found and reported by the Asterisk test suite. (Closes issue #18951. Patched by mnicholson) * Resolve potential crash when using SIP TLS support. (Closes issue #19192. Reported by stknob. Patched by Chainsaw. Tested by vois, Chainsaw) * Improve reliability when using SIP TLS. (Closes issue #19182. Reported by st. Patched by mnicholson) For a full list of changes in this r...

...iance with RFC 3261 section 18.2.2. (aka Cisco phone fix) (Closes issue #18951. Reported by jmls. Patched by wdoekes) * Resolve a change in IPv6 header parsing due to the Cisco phone fix issue. This issue was found and reported by the Asterisk test suite. (Closes issue #18951. Patched by mnicholson) * Resolve potential crash when using SIP TLS support. (Closes issue #19192. Reported by stknob. Patched by Chainsaw. Tested by vois, Chainsaw) * Improve reliability when using SIP TLS. (Closes issue #19182. Reported by st. Patched by mnicholson) For a full list of changes in this r...

...Reported By Mark Murawski <markm AT intellasoft DOT net> Posted On April 21, 2011 Last Updated On April 21, 2011 Advisory Contact Matthew Nicholson <mnicholson at digium.com> CVE Name Description It is possible for a user of the Asterisk Manager Interface to bypass a security check and execute shell commands when they should not have that ability. Sending the "Async" header wi...

...oth * fixes conditional jump or move depending on uninitialised STACK value (closes issue #16261), reported, patched by: edguy3 * Copy the peer CDR's userfield to the bridge CDR if it exists. (closes issue #14590), reported by: msetim, patched by Laureano, tested by: Laureano, mnicholson A summary of changes in this release can be found in the release summary: http://downloads.asterisk.org/pub/telephony/asterisk/asterisk-1.4.28-summary.txt For a full list of changes in this releases, please see the ChangeLog: http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.4.28...

...ses issue #16377, #16376. Reported by bcnit. Patched by dant. * Propertly set T.38 attributes and don't return before T.38 ports are configured when T.38 is found but no audio stream is found. (Closes issue #16318. Reported by bird_of_Luck. Tested by vrban, mihaill. Patched by vrban, mnicholson.) * Avoid crashes with large numbers of MeetMe conferences. (Closes issue #16509. Reported by Kashif Raza. Tested, Patched by seanbright.) * Change in 'sip show channels' display format allowing more digits for CID. (Closes issue #16459. Reported, Patched by Rzadzins. * Revise docu...

...d by francesco_r, rfrantik, one47) * Resolve a memory leak when the Asterisk Manager Interface is disabled. (Reported internally by kmorgan. Patched by russellb) * Reimplemented fax session reservation to reverse the ABI breakage introduced in r297486. (Reported internally. Patched by mnicholson) * Fix regression that changed behavior of queues when ringing a queue member. (Closes issue #18747, #18733. Reported by vrban. Patched by qwell.) * Resolve deadlock involving REFER. (Closes issue #18403. Reported, tested by jthurman. Patched by jpeeler.) Additionally, this release has the...

...Reported By Mark Murawski <markm AT intellasoft DOT net> Posted On April 21, 2011 Last Updated On April 21, 2011 Advisory Contact Matthew Nicholson <mnicholson at digium.com> CVE Name Description It is possible for a user of the Asterisk Manager Interface to bypass a security check and execute shell commands when they should not have that ability. Sending the "Async" header wi...

...oth * fixes conditional jump or move depending on uninitialised STACK value (closes issue #16261), reported, patched by: edguy3 * Copy the peer CDR's userfield to the bridge CDR if it exists. (closes issue #14590), reported by: msetim, patched by Laureano, tested by: Laureano, mnicholson A summary of changes in this release can be found in the release summary: http://downloads.asterisk.org/pub/telephony/asterisk/asterisk-1.4.28-summary.txt For a full list of changes in this releases, please see the ChangeLog: http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.4.28...

...ses issue #16377, #16376. Reported by bcnit. Patched by dant. * Propertly set T.38 attributes and don't return before T.38 ports are configured when T.38 is found but no audio stream is found. (Closes issue #16318. Reported by bird_of_Luck. Tested by vrban, mihaill. Patched by vrban, mnicholson.) * Avoid crashes with large numbers of MeetMe conferences. (Closes issue #16509. Reported by Kashif Raza. Tested, Patched by seanbright.) * Change in 'sip show channels' display format allowing more digits for CID. (Closes issue #16459. Reported, Patched by Rzadzins. * Revise docu...

...d by francesco_r, rfrantik, one47) * Resolve a memory leak when the Asterisk Manager Interface is disabled. (Reported internally by kmorgan. Patched by russellb) * Reimplemented fax session reservation to reverse the ABI breakage introduced in r297486. (Reported internally. Patched by mnicholson) * Fix regression that changed behavior of queues when ringing a queue member. (Closes issue #18747, #18733. Reported by vrban. Patched by qwell.) * Resolve deadlock involving REFER. (Closes issue #18403. Reported, tested by jthurman. Patched by jpeeler.) Additionally, this release has the...

...Reported By Tzafrir Cohen < tzafrir.cohen AT xorcom DOT com > Posted On April 21, 2011 Last Updated On April 21, 2011 Advisory Contact Matthew Nicholson <mnicholson at digium.com> CVE Name CVE-2011-1507 Description On systems that have the Asterisk Manager Interface, Skinny, SIP over TCP, or the built in HTTP server enabled, it is possible for...

...Reported By Tzafrir Cohen < tzafrir.cohen AT xorcom DOT com > Posted On April 21, 2011 Last Updated On April 21, 2011 Advisory Contact Matthew Nicholson <mnicholson at digium.com> CVE Name CVE-2011-1507 Description On systems that have the Asterisk Manager Interface, Skinny, SIP over TCP, or the built in HTTP server enabled, it is possible for...

Greetings, Recently a performance regression in chan_sip was discovered in Asterisk 1.8. The regression is caused by chan_sip setting MASTER_CHANNEL(HASH(SIP_CAUSE,<chan name>)) after each response received on a channel. That feature has been made optional in the latest 1.8 SVN code, but is currently still enabled by default. After some internal discussion, we decided to consider disabling

...#39;t clear the username from a realtime database when a registration expires. Non-realtime chan_sip does not clear the username from memory when a registration expiries so realtime probably shouldn't either. (Closes issue #17551. Reported, patched by: ricardolandim. Patched by mnicholson) * Don't hang up a call on an SRTP unprotect failure. Also make it more obvious when there is an issue en/decrypting. (Closes issue #17563. Reported by Alexcr. Patched by sfritsch. Tested by twilson) * Many more issues. This is a significant upgrade over Asterisk 1.8.0 beta 5...

...#39;t clear the username from a realtime database when a registration expires. Non-realtime chan_sip does not clear the username from memory when a registration expiries so realtime probably shouldn't either. (Closes issue #17551. Reported, patched by: ricardolandim. Patched by mnicholson) * Don't hang up a call on an SRTP unprotect failure. Also make it more obvious when there is an issue en/decrypting. (Closes issue #17563. Reported by Alexcr. Patched by sfritsch. Tested by twilson) * Many more issues. This is a significant upgrade over Asterisk 1.8.0 beta 5...

Greetings chan_mobile users, I have just merged my refactor of chan_mobile into asterisk-addons trunk and now the code needs testing. The changes I have made should improve the stability and reliability of the code and should also improve audio quality. Error reporting should be improved as well. I have tested most of the code with my blackberry device, but I need more people to test the code