lp://staging/asterisk/1.8

Branch merges

This import branch has no branches proposed for merge into it.

No branches dependent on this one.

Related source package recipes

No recipes using this branch. (?)

Create packaging recipe

Related snap packages

Related bugs

Related blueprints

22823. By jrose on 2015-04-08

Security/tcptls: MitM Attack potential from certificate with NULL byte in CN.

When registering to a SIP server with TLS, Asterisk will accept CA signed
certificates with a common name that was signed for a domain other than the
one requested if it contains a null character in the common name portion of
the cert. This patch fixes that by checking that the common name length
matches the the length of the content we actually read from the common name
segment. Some certificate authorities automatically sign CA requests when
the requesting CN isn't already taken, so an attacker could potentially
register a CN with something like www.google.com\x00www.secretlyevil.net
and have their certificate signed and Asterisk would accept that certificate
as though it had been for www.google.com - this is a security fix and is
noted in AST-2015-003.

ASTERISK-24847 #close
Reported by: Maciej Szmigiero
Patches:
 asterisk-null-in-cn.patch submitted by mhej (license 6085)

22822. By mmichelson on 2015-01-28

Backport AST-2015-002 fix to 1.8.

This helps to prevent Asterisk from being an attack vector for
HTTP request injection attacks based on CVE-2014-8150.

22821. By mmichelson on 2014-11-20

Fix error with mixed address family ACLs.

Prior to this commit, the address family of the first item in an ACL
was used to compare all incoming traffic. This could lead to traffic
of other IP address families bypassing ACLs.

ASTERISK-24469 #close

Reported by Matt Jordan
Patches:
 ASTERISK-24469-11.diff uploaded by Matt Jordan (License #6283)

AST-2014-012

22820. By kharwell on 2014-11-20

AST-2014-018 - func_db: DB Dialplan function permission escalation via AMI.

The DB dialplan function when executed from an external protocol (for instance
AMI), could result in a privilege escalation.

Asterisk now inhibits the DB function from being executed from an external
interface if the live_dangerously option is set to no.

ASTERISK-24534
Reported by: Gareth Palmer
patches: submitted by Gareth Palmer (license 5169)

22819. By coreyfarrell on 2014-11-06

Fix unintential memory retention in stringfields.

* Fix missing / unreachable calls to __ast_string_field_release_active.
* Reset pool->used to zero when the current pool->active reaches zero.

ASTERISK-24307 #close
Reported by: Etienne Lessard
Tested by: ibercom, Etienne Lessard
Review: https://reviewboard.asterisk.org/r/4114/

22818. By coreyfarrell on 2014-11-02

Fix ast_writestream leaks

Fix cleanup in __ast_play_and_record where others[x] may be leaked.
This was caught where prepend != NULL && outmsg != NULL, once
realfile[x] == NULL any further others[x] would be leaked. A cleanup
block was also added for prepend != NULL && outmsg == NULL.

11+: Fix leak of ast_writestream recording_fs in
app_voicemail:leave_voicemail.

ASTERISK-24476 #close
Reported by: Corey Farrell
Review: https://reviewboard.asterisk.org/r/4138/

22817. By tzafrir on 2014-10-31

Fix syntax from r426926

22816. By tzafrir on 2014-10-31

install init.d files on GNU/kFreeBSD

Review: https://reviewboard.asterisk.org/r/4118/

22815. By mjordan on 2014-10-31

channels/sip/reqresp_parser: Fix unit tests for r426594

When r426594 was made, it did not take into account a unit test that verified
that the function properly populated the unsupported buffer. The function
would previously memset the buffer if it detected it had any contents; since
this function can now be called iteratively on successive headers, the unit
tests would now fail. This patch updates the unit tests to reset the buffer
themselves between successive calls, and updates the documentation of the
function to note that this is now required.

22814. By coreyfarrell on 2014-10-31

REF_DEBUG: Install refcounter.py to $(ASTDATADIR)/scripts

This change ensures refcounter.py is installed to a place where it
can be found by the Asterisk testsuite if REF_DEBUG is enabled.

ASTERISK-24432 #close
Reported by: Corey Farrell
Review: https://reviewboard.asterisk.org/r/4094/